From streaming movies to online shopping, we are all WiFi junkies. Visitors prefer to get the Wifi code first and then the coffee. With the convenience of the Internet, however, also comes the threat of poor security. After all, one of the most vulnerable points in your home is your WiFi network. This is exactly why it is important to properly secure your WiFi network. This is how you keep the data and devices of yourself, your family and friends safe. In this guide, we discuss the importance of WiFi security and give you tips on how to secure your WiFi network.
Cybercriminals can use various methods to gain access to your network, such as guessing your login credentials or exploiting weaknesses in your router’s firmware. By understanding these risks, you can better protect yourself and your personal information.
We begin right away with the most important step, which is still skipped by many people:
Change the default login and password
One of the first things to do when setting up your router is to change the default login and password. The default login and password for routers are simply available on the Internet, making it easy for cybercriminals to access your network. To change the login and password, go to your router’s settings page. The process for accessing the settings page may vary depending on the router you are using.
It is important to choose a strong and unique password. A strong password should contain a combination of letters, numbers and special characters. Avoid using easily guessable information, such as your name, address or date of birth. To make your password easier to remember, consider using a password manager such as Bitwarden.
Enable WPA2 encryption
Wi-Fi Protected Access (WPA) encryption is the most secure encryption method for wireless networks. WPA3 now also exists, but most Wi-Fi routers still use the (older) WPA2 standard. To enable WPA2 encryption, go to your router’s settings page and look for the option to enable WPA2 encryption. Once you have WPA2 encryption enabled, you must enter a passphrase. This passphrase is used to encrypt the wireless signal.
It is important to note that some older devices are not compatible with WPA2 encryption. In that case, you must use WPA encryption. However, WPA encryption is less secure than WPA2 encryption, and it is recommended that older devices be upgraded to support WPA2 encryption.
Disable remote management:
Remote management allows you to access your router’s settings page from a remote location. While this feature can be convenient, it also poses a security risk. Sounless you want to be able to manage your grandmother’s router remotely you better turn off this option. Once you’ve disabled remote management, you can only access your router’s settings page from your home network. It’s so safe.
Use a firewall:
A firewall is a security feature that helps protect your network from unauthorized access. A firewall can be software-based such as Pfsense or hardware-based. A software firewall runs on your computer and monitors incoming and outgoing traffic. A hardware firewall is built into your router and controls all traffic passing through your network.
You also configure the firewall in your router’s settings page, look for the firewall option. Once you configure the firewall, you can set rules for incoming and outgoing traffic. For example, you can block incoming traffic from certain IP addresses or block outgoing traffic to certain websites.
Use a Guest Network
Almost every modern router has the ability to set up a guest network. For your guests, the guest network works the same as a regular Wi-Fi network: they just get Internet access, but you give them a different password. But the guest network is separate from the rest of your network. This way, your guests will not have access to your PC, NAS or other network devices.
But you can also banish (smart) devices that you don’t quite trust to have good security to the guest network.
Putting Internet of Things (IoT) devices on a guest network can provide several benefits.
Isolating IoT devices from the main network can prevent them from potentially spreading malware or being used as an entry point for cybercriminals. In terms of privacy, by keeping IoT devices separate from the main network, you can prevent them from potentially collecting or transmitting sensitive information from the main network. Separating IoT devices on a guest network can minimize the risk of security breaches, network congestion and privacy issues.
Firmware of your router
It is important to keep your router’s firmware up-to-date; these updates often contain security patches that fix known vulnerabilities. So check regularly-at least every 6 months-to see if an update is available.
You might also consider replacing the default firmware with open-source firmware. It is not very difficult but you have to be comfortable with a little technique.
Replacing the standard router software with open-source firmware can offer several advantages, including:
More security: Many open-source firmware options include more advanced security features than standard firmware. Moreover, because the source code is public, it can be checked by a community of experts to identify and fix security problems.
More flexibility and customization: With open-source firmware, you can customize your router’s settings to suit your needs. This can include advanced features such as VPN support, QoS and more.
Regular updates and bug fixes: Open source firmware options are often updated more frequently than standard firmware, allowing you to get the latest security patches and bug fixes (sooner).
There are, of course, drawbacks to replacing the standard router software with open-source firmware:
Lack of support: If you experience problems with your open-source firmware, you may not have access to the same level of support as with the standard firmware.
Complexity: Installing and configuring open-source firmware may initially be more complex and time-consuming than using standard firmware.
Risk of the router crashing: If the installation process is not performed correctly, the router may become unusable.
Best open source router software
If you decide to replace the default router software with open-source firmware, it is important to do research and make sure you use a firmware option that is known to be secure. It is also advisable to back up your current router settings before making any changes, in case you need to roll them back.
DD-WRT: DD-WRT is a Linux-based firmware that provides advanced features such as VPN support, hotspot options and advanced QoS. It is compatible with a wide range of router models and is known for its stability and reliability. Website DD-WRT
FreshTomato: Tomato is a firmware that provides advanced features such as bandwidth control, VPN support and advanced QoS. It is known for its user-friendly interface and is compatible with a wide range of router models. Website FreshTomato
OpenWRT: OpenWRT is a Linux-based firmware that is highly customizable and offers advanced features such as VPN support, hotspot options and advanced QoS. It is compatible with a wide range of router models and is known for its stability and reliability. Website OpenWrt
We recommend FreshTomato to the average user. Freshtomato’s installation and configuration is also the most user-friendly. Just make sure your router is suitable for this. We previously wrote an article on secure routers.
Securing Wi-Fi network: Getting Started
If you want to learn more about Wi-Fi security, there are many resources available online such as Reddit. I hope this guide has made you aware of the value of proper WiFi network security.