If you have internet service in your home – and many American households do – chances are you’re accessing it via a Wi-Fi connection. The freedom of movement that Wi-Fi provides allows us to access the internet virtually anywhere in our homes, completely cord-free, and we generally don’t give it much thought.
But Wi-Fi routers can be the source of a security breach in your home if not configured properly.
In February 2014, thousands of people using ASUS brand routers discovered an alarming message saved to their devices. Thanks to a security flaw in their wireless router, anyone in the world with an internet connection would be able to access not only their home’s router, but also any files made accessible to other devices connected to the Wi-Fi through an external hard drive plugged into the router. ASUS had touted this service as a “private personal cloud for selective file sharing,” even though the router had easily-exploitable vulnerabilities, rendering it anything but private.
The resulting complaints to the Federal Trade Commission (FTC) and various legal actions taken against ASUS have served as a wake-up call for both the industry and consumers. The resulting agreement reached between ASUS and the FTC will require ASUS to maintain a comprehensive security program and undergo independent audits for the next 20 years.
In the meantime, however, how can you make sure your home Wi-Fi router is secure?
How to Secure Wi-Fi
- Change the wifi password and username – Every router, regardless of brand, ships with a default username and password to assist in the setup of the router on your network. This needs to be changed immediately during the initial router installation process, and you will need to create a strong, unique password.
- Change the default SSID – The service set identifier (SSID) is set with a default at the factory to aid in troubleshooting. A hacker can use this default SSID to identify the device in order to exploit known vulnerabilities.
- Log out of the management website for your router – The manufacturer-provided website used to configure and manage the router can be a point of entry if you stay logged in.
- Configure router to use WPA2-AES – Wi-Fi Protected Access 2 with Advanced Encryption Standard encrypts the communication between the router and the device. Anything other than WPA2-AES should be considered not secure.
- Disable WPS – While Wi-Fi Protected Setup (WPS) is designed to make it easier to connect devices to your network, it’s also easily exploited.
- Limit WLAN signal – Your signal can extend beyond the walls of your home, so limiting the range of that signal also limits access.
- Disable Universal Plug-n-Play – UPnP allows network devices to discover and establish communication with each other on the network. Enable UPnP only if you need to use it.
- Upgrade firmware – The software that operates your router may be subject to updates and patches from the manufacturer. Check your router manufacturer’s website to determine if you need to upgrade the firmware.
- Disable remote management – Remote management can allow intruders to establish a connection with the router through the WAN interface.
- Monitor for unknown device connections – The router’s management website can help you to determine if any unauthorized devices have accessed your network.
- Turn network off when not in use – If you’re going to be away for an extended period of time, consider turning your network off.
The security of your home network should be as important as the security of your physical home. While locks can prevent someone from breaking in and stealing your possessions, a secure home Wi-Fi can protect your personal information. Possessions can be replaced, but compromised personal information can open you up to issues like identity theft and banking fraud – and these are much, much harder to remedy.