5 Simple WiFi security tips

It seems as if nearly every home and business has a Wi-FiA Wireless Router connection these days, in fact, I can see seven at the moment from inside my house. But as Wi-Fi goes more and more mainstream, it is reaching people who may not be best equipped to set it up securely. So, in an attempt to put that right, I’ll run down 5 simple steps you can take to secure your wireless network. Bear in mind, these are tips that the average person should be able to use, so I’m not going to get hyper-technical. Also, different routers have different administration interfaces, options, and names for features. So if in doubt, consult your manual (or google).

First things first though. To get to these options you will need to access the software on your wireless router. This may be done through a custom piece of software (like that found on Apple Airports) or, more commonly, through a web-based interface. To get to the web interface, consult the router’s manual although it’s highly likely just typing “http://192.168.1.1” into your web browsers address bar will get you there. You will usually have to log in when you try and access this page, to do so, either consult your manual for the default username and password (alternatively, you can find the default passwords for most routers on the internet) or enter the one you chose at initial setup.

  1. Turn on security – This, really, is an absolute must. All Wireless routers (the box that “routes” the wireless connection out to the internet, and vice versa) come with security of differing types. It is very important to turn it on. However, you may find a choice confronts you, WEP,WPA, WPA PSK, WPA2, TKIP and loads of other acronyms that just give people headaches. To cut through it all, generally speaking, WEP is fairly insecure while WPA PSK and WPA2 are better. I won’t bother explaining the difference, it’s not important, but if you can, go for WPA2 and use as long and as complicated a password as you can. You won’t have to enter your password very often (in fact, of it’s a home network and you don’t travel with your computer, you only have to enter it the very first time), so don’t worry about memorising or typing it, make it, write it down and put it somewhere safe.
  2. Hide your network – Every wireless network has a name, this name is called an SSID. When you search for networks, it is the SSIDs that appear in the list of results. You can prevent other people from seeing your network by turning broadcast SSID to off. This means that when people search for networks, yours won’t appear. What this means to you is that when connecting to your network, you will have to type in the name, as opposed to selecting it from a list. Of course, you will only need to do this once (unless you connect to a wide variety of different networks regularly) so it shouldn’t concern you.
  3. Make your network invite-only – If you set up a network with the intention of just accessing it yourself, or allowing access to a small number of devices, MAC filtering can provide an extra level of security. A MAC address is a unique number assigned to every wireless device. By enabling Viewing the MAC address on OSX.MAC filtering, you can deny access to machines with certain addressed or, better still, only allow access to certain devices. Say your computer only. To find out your MAC address, fire up the command prompt in windows (Start Menu > Run > type “cmd” and press return) and type “ipconfig /all”. The MAC address of your machine will appear in the list. If your using OSX, open up System Preferences, click on Network and select the airport connection. From here, click on configure and the MAC address is labeled as Airport ID.
  4. Make sure your passwords are different – The observant amongst you would have noticed that there are two important access credentials (like username, password etc.) you need to run a Wi-Fi network. Firstly, there’s the password you need to access the network, this is the one you type in when configuring your computer to use the network. Secondly, there’s the username and password you need to access the admin options on the router. These are completely separate, and therefore, should have unique passwords. It also helps to change to a username other than the default for your router. By keeping these credentials different, you ensure that even if someone gains access to your network, they can’t go messing around with your setup and therefore take it over.
  5. Provide a physical barrier – Many Wi-Fi routers allow you to set the range of the network. Many times, it allows you to increase it beyond the default in order to provide access further away from the router. However, you can use this setting to help secure your network. This may take a bit of trial and error, but it’s worth it and a very powerful trick. XMIT setting on a routerTry to limit the range of your network to the absolute minimum. Try knocking the power down to 75% of its normal setting, heading to the furthest point away from the router where you want to use the connection, and see if it works. Like I said, you may need to try a few different settings, but it’s worth it. The simple fact being, people can’t break into a network that isn’t there. If you’re struggling to find this setting on your router, it’s sometimes referred to as XMIT, Range or Power. This tip may also put your mind at ease if you are at all worried about the recent Wi-Fi radiation concerns.

Over and above those tips, you should be aware that no wireless network is completely secure. In fact, eves if you do follow the tips above, a determined individual could gain access, it would just take allot more work than usual. If you are still worried about security, then maybe you should consider whether you really need a wireless connection, or whether a wired one would suffice. You can also, in many cases, install alternative firmware on your router. Usually, doing this provides more options to you (always be aware of what you are doing), more features, beefed up security and more. Installing a new firmware is a bit beyond the scope of this article, so I’ll just point you in the direction of Lifehacker’s excellent tutorial. The observant amongst you will note that I’m running a different firmware on my Linksys router, as evidenced by the screenshots above.

I hope these help some of you out. Just to demonstrate the importance of security, I’ll leave you with this thought. I was at my Partners parent’s house a few weeks ago and they were having some speed and reliability problems with their wireless connection. I had a look and the culprit was a poorly configured router and laptop. When reconfiguring the router, I checked the logs and noticed there was not one, but two machines accessing the network that they were not aware of. And that was in a quiet suburbian area in middle England. Everyone wants free internet, so prepare to defend yourselves! Any tips? Drop them in the comments.