Is your home’s wireless internet secretly harming your security? It could be.
Today, many homeowners are unaware that their home routers have serious security problems. Your home’s Wi-Fi might be silently impacting your security every day.
With that in mind, let’s take a look at four lesser-known Wi-Fi security threats – and how to defend yourself against them.
Change your Default Router Settings
Today, most modem and router manufacturers and your ISP will pre-configure your router with Wi-Fi encryption using a strong default password. That password will often be listed on the router itself, or written by your installation technician somewhere on your router’s packaging.
If you’re serious about security, then this isn’t a good idea. The issue here isn’t that someone could break into your home and check the bottom of your router for the password. At that point, your problem is more serious than just Wi-Fi hacking.
Instead, the problem here is that someone could guess your password using the default combination.
As reported by PCWorld, some router and modem manufacturers use a portion of your device’s MAC address and/or default SSID (network name) in the Wi-Fi password. This can lead to passwords that look difficult to guess, but aren’t really, like:
In this case, part of the password (TG1672G) is the model number, and the other part is its MAC address (D4:05:98:1E:1F:02).
In other cases, these companies could use your name, your address, or other identifying information as part of your password. Many ISPs have started changing your password to things like [Name][AddressNumber][Exclamation Mark], for example, which leads to an easily-guessed password like:
The most dangerous passwords are passwords that you think are secure – but are actually easily guessed. Change your default router settings after you get your router.
Losing a Device Means Losing Every Wi-Fi Password You’ve Ever Owned
Losing a tablet or phone is bad enough. But losing that device means you’ve also introduced a big security threat to your world: old devices store every password you’ve ever used, including your Wi-Fi password.
The best way to prevent this is to lock down your electronics. If you’ve lost a device, remotely lock it. On your current devices, setup passwords and encryption.
This is particularly important if you work for a major company. Someone may be able to gain access to the private corporate network by stealing your device.
Wi-Fi Protected Setup Buttons Are a Security Risk
Today, many modern routers come with a WPS button that lets you easily setup a Wi-Fi network and connect devices with a push of your button – or the entry of a PIN.
Unfortunately, WPS has long been riddled with security problems. Hackers have shown an ability to gain access to a network without needing to crack a router’s Wi-Fi password. Surprisingly, these holes have remain unpatched over the years.
The best way to avoid this security problem is to disable WPS on your router. Most routers allow you to do this from the admin menu – although not all allow it. If you can’t find the setting on your router, try looking for a firmware update that enables you to change the setting.
Don’t Disable SSID Broadcasting
If you look up “router security tips”, you’ll find plenty of lists that recommend disabling SSID broadcasting.
However, writers at PCWorld claim that this can actually do more harm than good. Disabling SSID broadcasting prevents your wireless network from being broadcast to your local area, which means you need the specific SSID to connect.
However, disabling this setting only removes the SSID from the beacons the Wi-Fi router sends alerting nearby devices to the presence of the network. These “beacons” are the reason you see wireless networks on your phone or computer’s Wi-Fi device list.
Here’s the problem: modern electronics will still display a network when SSID broadcasting is disabled. The network will just be displayed as something like “Hidden Network”.
When you connect to that network, the SSID is still broadcasted, unencrypted, for anyone to see. An average Windows machine won’t pick it up. however, Wi-Fi analyzers like Kismet or Airmagnet can all intercept the SSID.
Instead of disabling broadcasting your SSID, your best option is to encrypt your SSID. Enable WPA2 with a strong password, and you’ll deter most hackers from attacking your network.
By implementing the tips listed above, and making sure to use WPA2 security (not the old, outdated WEP protection), you can ensure your home stays protected against the latest wireless threats.