Secure your home network

You need to make sure your home wireless network is secure, to protect it against unauthorized access or attack. The best place to start is with your router.

When we talk about routers, we’re actually talking about more than one thing. Your home wireless network is made up of three different parts — the modem, the router, and the access points.

  • The modem is the bridge between your home network and the internet.
  • The router is what connects all the devices on your home network, and sends traffic in and out. It shields the devices on your home network from view, acting like a single source of traffic for your home.
  • The access points allow your devices to connect to the home network wirelessly.

The devices that your internet service provider (ISP) provides to you are all these things in one. Your ISP calls them modems, but most of us refer to them simply as routers.

You need to secure your router so people can’t access your home wireless network without your knowledge — or use your WiFi for free. Here’s what you need to do.

Change the default login details for your router

Everything that comes in and goes out of your home wireless network goes through your router. The best place to start when you want to protect it is with the default login details, or ‘default credentials’. You use these to log in to the router, to manage how both it and your devices access the internet. These login details give you ‘admin access’ to the router, and let you define:

  • what data can pass through it, and
  • what devices have permission to send and receive that data.

When you buy a router, it will come with default login details that are set by the manufacturer. Often, all devices of the same model will have the same default username and password. The username might be something like ‘admin’, and the password might be ‘password’. The router should come with details of what the default login details are. If it doesn’t, or you don’t know what they are, you can find a list of default passwords for most routers on the internet.

You can change the default username and password by logging in to your router online. Each router comes with its own IP address — it’s like your router’s URL. It’s usually just a string of numbers, like 192.168.0.1, for example. You can:

  • type this into your browser’s address bar
  • log in with the default username and password
  • change the default login details once you’re logged in.

If you don’t update your router’s default login details, you leave it open to attack. Attackers could use them to log in to your router and gain access to your network or your devices. They could use your devices as part of a denial-of-service attack, for example, where many computers are joined together to attack someone else. If this happened, it’s unlikely that you’d even know about it.

So, before you do anything else, update your router’s default login details. Change both the username and password to something more secure, and don’t share them with anyone.

Change the name of your home wireless network

Your home network name is also known as the service set identifier (SSID) name – what you see when you go to connect to WiFi. You’ll need to log in to your router’s admin account to update it.

When you buy a router, it’ll already have a network name set by the manufacturer. It’s often based on the manufacturer and model name, and this can make it vulnerable to attack. If an attacker knows what make and model your router is, they’ll also know if it has any vulnerabilities. If it does, the attacker could use them to access the network without your knowledge.

It’s important to change the network name as soon as you can. Make sure the name you choose doesn’t include any personal information. For example, don’t include your name or home address as part of the network name. That way, no-one can see that it belongs to you.

Set a password for your home wireless network

While you’re updating the name for your home network, set up a new password for it too. Make sure the password is long, strong, and unique — or use a passphrase, which might be easier to remember.

Keep your WiFi password private. It should only be you and your family (or anyone who lives with you) who know it. You may need to share it with guests from time to time, but the fewer people who know it, the better.

How to create a good password

Use WPA2 or later for wireless security

When you update the login details for your router and your home network, check to see if you need to update your wireless security settings too. You can protect your network by setting WPA2, or a later version, as your default security setting. WPA2 stands for WiFi Protected Access 2. It:

  • protects the traffic going between your devices and your router
  • helps you control who (and what devices) can access your network — the only people who can access it are those you share the network password with.

When you turn WPA2 encryption on, no-one outside your home network will be able to:

  • gain access to the network — or the devices on it — without your knowledge
  • use your WiFi data.

Keep your router up-to-date

Software updates often fix security vulnerabilities in operating systems or apps that attackers could find and use to gain access to your network. Updating your router with any software updates that become available is one of best ways to prevent an attack on your home network.

If you’re using a router given to you by your ISP, ask them what they do to keep it secure. Some ISPs provide security support by managing your router remotely. They’ll patch it if they need to, or will close ports that are commonly abused by attackers.

If you use a router that you bought yourself, make sure you keep up-to-date with any security updates for it. Don’t get behind on installing updates and leave your network exposed. If your router is old and doesn’t get updates anymore, you could consider:

  • investing in a newer model, or
  • talking to your ISP to see what routers they provide.

TIP: Anything you use to connect to the internet through your router needs to have software updates applied too. That means mobile devices as well as those that stay in your home — like your desktop PC or printer, for example. Be sure to update your operating systems and apps whenever new versions become available.

Enable a firewall

A firewall provides security by monitoring the traffic that goes in and out of your home network through your router. It:

  • stops insecure or unwanted traffic entering the network
  • allows legitimate traffic to flow in and out freely.

Most routers come with a firewall that has pre-set rules for how it will manage your traffic. Turning it on will help stop attackers connecting to, or attacking, your router from the internet. It’s important to make sure that no-one can access your router (or your admin account) from outside your home network. It should only be accessible from inside your network, through the router’s IP address.

Visit CERT NZ for more information. 
Visit ACSC for more information.