Securing your wifi network is essential, but it isn’t difficult. Even if you are not the best friends with technology, you’d be surprised how insecure your home network is and how vulnerable you are on an open WiFi. If somebody gets into your home network, they could potentially collect your private information or send death threats to the President of the United States from your IP address. If you connect to a hostile network, your phone could be controlled by others forever, and you wouldn’t notice until you lose access to all your accounts and end up facing insane credit card debt. And if you somehow think that cybersecurity doesn’t concern you, by 2025, the global cost of cybercrime will reach $8 trillion.
This wifi network security Guide will be easy. The goal is to help as many people as possible secure their networks because the security of computers also has something equivalent to herd immunity. If everybody around you has a secure network, each individual network is that much more difficult to target.
Find Wifi Security Settings in Your Router
The first step you need to make is to make sure your home network is encrypted and all default passwords are changed. This is a very easy step and the most effective one. If you only do this, you’re already way ahead in your security. The easiest way to access your router settings is to log into your router’s web interface.
This is usually the IP address of your router. You can find it displayed on your router or in the documentation that arrived with it in the original packaging. If you can’t find it, you can also use your PC or phone to get your router’s IP address. On Mac, Linux, and mobile devices, you can find your router’s default gateway in the network settings of your connections. On Windows, Select Start and type CMD.
Hit Enter and the Windows command prompt should pop up. In the command prompt, type in IP Config and press Enter. If you are connected to your WiFi router wirelessly, or through an Ethernet cable, your router’s IP address will be displayed as the default gateway. Type this IP address into your browser URL bar, where you normally type websites. It will ask you for an admin name and password.
This should be the default password that is displayed on your router or on a sticker that has your WiFi’s name and password to use to connect to your WiFi network. Beware that the admin password is not the same as the password you use to log into your WiFi. Hard gigs are that your router’s admin name and password will be admin. Every router firmware will look slightly different, so it cannot follow any particular device that would suit all the same principles and settings, however, apply equally to all firmware interfaces. When you log into your router’s web interface.
Encrypt Your Wifi Network With Strong Passphrase
The first thing to do is to go to wifi security settings. Choose the strongest encryption available. This should be WPA or WPA Two. If your router doesn’t support this encryption, I recommend you buy a more modern router. This is absolutely essential, as the older standard Weep encryption has been broken years ago, and opting for no encryption leaves our network open for anyone to connect to, spy on, and exploit.
Encryption, however, only works with a strong password. Chances are high that you never changed the default password or you made it something easily guessable. Make a passphrase that is at least 16 characters long and easily memorable. The longer the passphrase, the better. When you change your passphrase, you’ll need to enter it on all your devices in order to reconnect them to your WiFi network.
You should also change your WiFi’s name to something that doesn’t reveal your router’s model or manufacturer and doesn’t identify with your household. So not your pet’s name or street name with house number B. Generic is a Marvel movie. This can be done by changing your wifi SSID. Changing your SSID is not bulletproof, but it does make it harder for others to guess what router you use and search for vulnerabilities in it to exploit it.
Don’t leave your wifi router’s interface yet. You also need to change the default admin name and password so that others cannot get access to your router’s settings and change them. To get access to your network again, use something that doesn’t identify you and for your password, use a strong password. Make sure it is different from your wifi network passwords. If you want, you can easily write down these passwords and names and store them somewhere safe in your home.
If you lose your passwords, you can easily factory reset your router to its default settings. There is usually a button for this somewhere on your router that you can press with a pen or a needle.
Update your Wifi Router’s Firmware
You should also update your firmware. This should be possible to do from the router’s web interface. wifi Router firmware doesn’t usually come with many updates, so you don’t have to check this option too often. But if you haven’t checked for updates since you bought your router, it is time to do it now. If your router is supported.
Enable Firewall Firewall
Enable Firewall Firewall is a crucial part of secure networking for all connected devices. You shouldn’t use any device without a firewall. On Windows, Search for firewall settings and make sure your firewall is always on for all types of networks. Set all the WiFi networks you connect to that are outside of your home to public networks.
This increases the firewall protection of your PC. On Linux, the easiest way to enable a firewall is to use Gufw on macOS, Enable your firewall under security and privacy settings. For mobile operating systems, use a third-party application Firewall, to block all network connections for unwanted apps, even default, and root apps. The best application firewall for Android is a Net guard. The best one for iOS is Lockdown. If you need to use a public network, use it with a VPN. Using a VPN on your phone will disable your application firewall.
There is no way around this, which makes mobile web browsing way too insecure. Web browsing on the desktop is safer, so to stay secure, I wouldn’t recommend connecting your phone to a public network in a hotel or airport.
Set Mac Address Filtering
Changing other settings adds more inconvenience for a smaller, marginal increase in security. If you care about those margins, you can set Mac address Filtering. The best way to approach this is to first connect all the devices that you regularly use on your home network and then only allow their connected Mac addresses. This does make it more difficult for other devices to try to connect to your network. However, someone within the range of your WiFi could use tools to observe your network’s traffic. Find the whitelisted Mac addresses and change their Mac address to one that matches your whitelist.
Some people recommend hiding your SSID, but I can’t vouch for this one. Hiding your WiFi doesn’t stop its broadcast and doesn’t make it invisible to network analysis tools, which are available for free and require little skill to operate. It also adds unnecessary convenience on your part as you’d have to manually type the full name of your network on any new device.
Change Default IP Address
Another hidden security enhancement for your wifi router is to change its default IP address. This makes it more difficult for malicious scripts in your web browser, to target routers at their local IP addresses.
If your router’s gateway is 192.168.1.0, you can change it to 192.168.1.50. If somebody is already on your network or has malware on your device connected to a network, they could still determine your router’s gateway.
So this again is not a silver bullet, but it does reduce your attack surface a little bit. Make sure that all websites you visit and all connections you make are encrypted with HTTPS protocol. There’s a good browser extension HTTPS everywhere that you can set to block all unencrypted traffic.
Encrypt DNS Traffic
Equally important is to encrypt DNS traffic. Most DNS queries are unprotected, much like most HTTP traffic used to be unencrypted before the Snowden leaks in 2013. This standard is, fortunately, changing for DNS as well. There are several methods to use for secure DNS encryption. The one I would recommend would be DNS over HTTPS or DNS over TLS.
This tab is easy, but it is not available on all systems yet. Microsoft is planning to release Windows support soon, but in the meantime, you can enable DOH on Firefox in network settings. By default, Firefox will use Cloudfare, but if you want to use a more decentralized option, Privacy Tools is a list of encrypted DNS providers. All you need is to copy their DNS server and paste it into the field for DNS address in your Firefox settings. The same mechanism applies to pretty much any DNS settings app that supports DNS encryption.
Android Pie or later supports DNS over TLS for all networks, which you can find under Advanced in Network and Internet Settings. Older Android devices support DNS encryption for individual networks. This requires following the traditional mechanism of replacing your DNS servers with the ones that you choose for handling encrypted DNS queries on iOS devices.
A secure wireless network will help protect you and everyone on your local area network (LAN) from threats like viruses, spyware, and identity theft. It’s also important to remember that sometimes the most effective security plans are the simplest ones; making some small changes can go a long way toward protecting yourself online.
That is it for today!