5 Tips for Securing Your Wireless Network

It's time for a wireless tune-up

The Wireless Connection
The Wireless Connection
Introduction

Whether you have a home network or are working on a business network in an office with multiple users, wireless network security is critical. An open network without security measures in place leaves critical data vulnerable to hacker attacks and other intrusions.

Whether you're an IT professional or a home user, here are five simple tips for securing your wireless network.

Hacking's not a rare occurrence. According to a University of Maryland study, there is a hacker attack every 39 seconds, on average.

Turn on WPA2 Encryption on Your Wireless Router

If you set up your Wi-Fi network several years ago and haven’t changed any settings since then, you might be using the outdated Wireless Equivalent Privacy (WEP) encryption, which is easily infiltrated by even the most novice hacker. Wi-Fi Protected Access 2 (WPA2) is the current standard and is much more hacker-resistant.

People working in office.
10'000 Hours / Getty Images

Depending on how old your wireless router is, you may need to upgrade its firmware to add WPA2 support. If you can't upgrade your router's firmware to add support for WPA2, then you should consider investing in a new wireless router that supports WPA2 encryption.

Wireless routers often come with encryption turned off, and the user must manually turn it on. Consult your wireless router's directions or visit the company's website.

Don't Use a Default Wireless Network Name (SSID)

A Service Set Identifier (SSID) is basically the name of your Wi-Fi network. Your router likely comes with a standard, default ID assigned by the manufacturer. It's easy for hackers to identify the type of router, figure out the default SSID, and crack its WPA 2 encryption, so it's important to change the SSID to something unique.

Also, don't publicize your SSID. All Wi-Fi routers let users protect their device’s SSID via a "stealth mode," so it's harder for hackers to find your network.

Avoid common SSID names at all costs. Password-cracking dictionaries, known as "rainbow tables," include common SSIDs, making the hacker's job even easier.

Create a Strong Router Password

Like SSIDs, most routers come with a preset password hackers could easily find out, so it's important to create a unique, strong password for your router.

Change the password to something long and complex, with at least 12 characters (16 preferred) and a mix of symbols, numbers, and upper- and lower-case letters.

Longer and more random passwords also help thwart rainbow table attacks, because such passwords are much less likely to exist in a precomputed rainbow table. 

Enable and Test Your Wireless Router's Firewall

Most wireless routers have a built-in firewall that can be used to help keep hackers out of your network. Consider enabling and configuring the built-in firewall (see your router manufacturer's support site for details).

Periodically test your firewall from outside your network (i.e., the Internet). There are many free tools out there to help you accomplish this, such as ShieldsUP from the Gibson Research website.

Turn off Admin Privileges on Your Router

Routers can be accessed by their owners over Wi-Fi, which is helpful, but hackers can also access these settings if they get into your network. To play it safe, disable the remote administrative features of your wireless router by turning off the Admin via Wireless configuration setting.

When you disable Admin via Wireless, changes can be made to your router only by someone who is connected to it via an Ethernet cable, so outsiders can't turn off wireless encryption or your firewall. Consult your router's manual for instructions on disabling Admin via Wireless, or visit the manufacturer's website.

Bonus tip: make sure to update your router's software. Periodically visit the manufacturer’s website to see a new version of the software is available for download. Register your router with the manufacturer and make sure you're getting any update news.