Virtually everyone has a home wi-fi network. It provides convenient access for laptops, smartphones, tablets and gaming devices. How do you protect yourself?
Administration Account. The first step is to secure the administration account for your wireless router or wireless access point. Change the factory admin account name, and use a strong password (at least 8 characters with upper case letters, lower case letters, and digits). Disable remote access, that is, set it up so that it must be administered from a computer connected directly with an Ethernet cable. Don’t forget the password!
Use WPA2 with AES. Your router comes with multiple authentication options. Choose WPA2. The recommended encryption to use with WPA2 is AES only. You will need to choose a password. Choose one with at least 20 characters. Make sure you don’t use old methods, particularly WEP, which are insecure.
Disable WPS. Most consumer-grade routers include a feature called WPS, or Wi-Fi Protected setup. This is a feature designed to help you quickly and easily setup your security options. Disable this feature. In December, 2011 researchers published details on how to easily hack this feature and gain access to your network.
Enable the Beacon. In a change from earlier advice, leave the beacon enabled. Set it to something unique and different from the default which might be something like “linksys”. Keeping the beacon enabled helps protect your devices (laptops, phones) from attacks while away from home using a technique known as the “Evil Twin” attack.
The Preferred Network List
Consider OpenDNS. While this is not related to wireless security specifically, since you are into your router settings now would be a great time to add another layer of defense. OpenDNS is a free service that helps you avoid unsafe websites which are a major attack vector. Check the OpenDNS web site for instructions on configuring your router and for more information on what DNS is and how their service protects you.
Don’t Forget to Secure your Devices! The weakest link in your wireless security could be your laptop or mobile phone. Keep the operating system and wifi drivers updated. Switch off wifi when not in use. Delete networks from your list of saved networks (the Preferred Network List) that you do not regularly use.
These simple steps can give you the convenience of home wifi, without doing the equivalent of dangling an Ethernet cable out to the street.
