General steps to secure a wifi network from outside access and protect the internet at home.
READ ALSO: Protect your wireless network from intrusion, eavesdropping, and spying
Wi-Fi network security guide
Many ignore it but the data transits over an unsecured Wi-Fi network and can be intercepted by someone nearby. The most trivial example is the neighbor who “latches” our internet connection to make his own business, slowing down the network for his own purposes (whose faults will all fall on us). In more serious cases, real data theft such as website account passwords can occur.
Since then the Wi-Fi network security is required to keep our personal data safe when connecting to the internet, whether at home or in bars, or other places, everyone should follow the following steps to protect networked devices and keep them safe from possible external intrusions.
Wi-Fi security protocol
First of all, it is important to check what type of connection protocol is used by the wireless network at home; if there are no passwords it means that the network is free and that anyone can enter it freely (nearby of course). Choosing a password however is not enough, we must also check that type of security protocol is used. Currently, the protocols are:
- WEP: it is the oldest and weakest wireless security protocol, it should be avoided on all modems as it can be hacked in 2 seconds (many modems don’t even offer it anymore).
- WPA/WPA2-TKIP: it is a protocol that is better than WEP, but it may not be secure in some scenarios, as there are apps that can crack it in 5-10 seconds.
- WP2-AES: it is a fairly secure protocol for all domestic connections and is difficult to crack (special conditions are needed to be able to discover the password).
- WPA3: currently it is the safest protocol, practically impossible to violate even by choosing a password that is not very long (better if it is random and not associated with any important event or date).
To protect our network it is, therefore, advisable to focus on WP2-AES or better still on WPA3, so as to avoid any kind of external attack.
Change the network security settings and enable WPA2 / WPA3
The wireless modem or router is a device that creates the Wi-Fi network; if the home network is not secured with WPA2 or WP3, it is absolutely necessary to access the router settings page to configure the WPA2 type password.
To do so, read the modem user manual or consult our guide on how to configure a Wireless Router to install a secure Wi-Fi network. In general, you can enter the router settings by opening a web browser (such as Chrome or Firefox) and taking us to the address 192.168.1.1 O 192.168.0.1 (in this regard we can read the guide on how to find the IP address of the router). Once the login screen is open, enter the password for admin (which if it hasn’t been changed it always is admin), go to the Wi-Fi or Wireless menu, choose WP2-AES or WPA3 as protocol and choose a new secure password, as also seen in the following chapter.
Create a password for the Wi-Fi network
To secure your network with WPA2 or WPA3 you obviously need to create a password that is unique, such as a long combination of numbers, letters, and symbols, so that others cannot guess it. Since you can only access the network if it gets the signal, it is not wrong to write down the password on the router itself or on a sticky sheet to stick on it.
For an even more effective connection, we can also create a QR code to connect friends on the network without giving them the password. In this way, it will be enough for them to scan the code with their smartphone to access the internet without having to write passwords; to choose a secure password we can instead rely on our in-depth analysis of 5 ways to create secure, easy-to-remember passwords.
For those who use the proprietary modem of the telephone operator, it is always advisable to change the password, since it is generated through algorithms often pierced or known by hackers, which insert them into apps to pierce Wi-Fi networks, such as those seen in the guide Find out the Wi-Fi password with the Android WPA WPS Tester app.
Protect the modem with a new password
Each modem needs its own access password, completely different from the one used to protect the network. All newly purchased modems or routers have an easily identifiable default password, as also seen in the guide sites where to find login and password for all routers); if you do not change the modem/router password, anyone (with access to our network) can enter the modem settings, launch attacks on the entire network in a simple way and sniff traffic as they wish.
To strengthen network security, we always recommend resetting the router access password from the router settings page (as seen in a previous chapter of the guide). After the change, we keep this password safe, which must be different from the one you use to connect to the Wi-Fi network.
Other safety tips
Finally, we can secure the computer on the network by applying the following tips:
- We activate the firewall of the modem/router (if present).
- We disable WPS from the Wi-Fi settings: we will not be able to connect by pressing the single WPS button, but we will prevent the attacks carried out through this system.
- We deactivate UPNP from the modem settings: another system widely used to find network devices and quickly recover the password.
- We install a good antivirus with firewall on Windows PCs, like those seen in the guide Best free, complete and free protection and security suites. You cannot forget to also secure the computer connected to the network and in this regard, the default protection of Windows 10 may suffice, but you can also install a free program, such as Glasswire to control and protect internet traffic.
- We activate the guest Wi-Fi network for people who come to visit us: in this way, they will not be able to view our network devices, they will only be able to browse certain sites and we can always disable it or change the password once they have gone away.
These things are also well explained in our guide to precautions for surfing on public or unsecured Wi-Fi.
Modern Wi-Fi networks are difficult to hack, especially if you follow the advice given in the guide above to the letter. Unfortunately, many people still choose simple passwords that can be easily identified with a dictionary attack or with a collection of detailed information about the victim of the attack: without even realizing it, hackers can sneak in and control network devices or spy on our connections.
To learn more about this topic we can also read our guides Anti Hacker programs and tools e Most used techniques to steal passwords on the internet.
If, on the other hand, we need a new modem with fiber and WPA3 support, we suggest you read our article Best router for fiber: which one to choose.