This guide will help you understand the basics of your wireless router, and how to ensure it is as secure as possible against intruders, also commonly known as free loading neighbors. If you are well versed in the basics of wifi, check out our advanced guide to speeding up your connection.
1. Accessing your router:
You can find the IP of your router in the manual that came with it. Enter the ip of your router into the address bar of your browser, for example a common router address is http://192.168.1.1. If you no longer have the manual you can still look up the IP for the router:
For Windows 7:
- Click the Start Menu (usually located on the bottom left) then type “cmd” into the box that says “Search programs and files”. Alternatively you can press the <windows key> + <R> which will bring up the run menu. You just have to type “cmd” then press <Enter>.
- When the command line pops up, type “ipconfig /all” and hit <Enter>.
- Search for a line that reads “Gateway”. Write down the numbers that follow. Should look something like “192.168.1.1”.
- Enter that number into your url of your favorite web browser to get to your router.
For Mac:
- Open up System Preferences and click on Network. The address for the router is listed in the main menu.
Once you have found your router’s ip address and entered it into the address bar of your browser, it will ask for a login name and password. You can find the defaults in the manual. If you don’t have your manual you can also find the defaults on the internet. This site has a list of common default username/passwords for many brands of routers.
2. Change your default SSID
The first thing you want to do when you get into your router is change the SSID (wireless network name) of your router. Leaving it on the default is always an option, but unique names are easier to relay to housemates and family. Leaving your default SSID is also a sign to wifi intruders that you may have less stringent security.
3. Change encryption level: WEP, WPA-PSK, etc
After you have changed your SSID you will want to change the level of encryption on your router to the highest available. Wireless, due to its nature of broadcasting data in a wide radius is vulnerable to intrusion. The amount of cipher and encoding your network uses to encrypt your internet traffic is dependent upon which setting you use. You will want to use the highest level available via your router, which is usually at least WPA (Wireless Protected Access.) WEP, or Wireless Equivalent Privacy is the weakest form of encryption and is easily cracked so avoid using it if possible.
4. Set a passphrase
Set a passphrase that is more than 14 characters and contains uppercase, lowercase, numbers, and symbols. If you include all these, it will make it significantly harder for someone to gain access to your network. Another trick is to substitute letters for numbers. Common ones are: 3 = E, 4 = A, 7 = T, 0 = O etc. If you decide to go with a bunch of random characters make sure to write it on a piece of paper and keep it somewhere safe. Another option is to tape it to the bottom of your router.
5. Keep firmware up to date
This is important for everything. The firmware of your router controls not only your user interface but the performance and function of the router itself. Making sure your router’s firmware is up to date from the manufacturer ensure that flaws in previous versions are patched. Most routers now support automatic updates via the web interface.
6. Don’t disable SSID broadcasts
It used to be the norm to disable your SSID broadcast so that it did not come up under wireless searches. When you stop your SSID from broadcasting, your laptop will be constantly searching for your router. It makes connecting more difficult for the average user but anyone who wants to get in will still be able to discover your hidden network with tools they can get online for free.
7. Enable MAC address filtering
MAC address, or Media Access Control (not to be confused with Apple’s Mac) is way of identifying a machine. It is unique to each machine’s NIC (network interface card). Enabling a MAC address filter adds another layer of security by only allowing MAC address that you specifically add to the approved list to gain access. You can find your MAC address by following the same steps in which you found your router’s IP address. It should be located under the name “Physical Address.”
9. Disable remote logins
By default this is turned off after the well known router worm that used brute force to access your router usually because people didn’t change the default login and password. If you need to remotely change your settings makes sure to only have it turned on while you’re working on the router and make sure to turn off remote logins after you’re finished.
[…] This quick guide will help you achieve better speed, especially if you live in a wireless dense area like an apartment complex or dorm. You can read our beginner’s guide to wifi security here. […]