Though there isn’t really an infallible way to keep hackers from infiltrating your network, we are still capable of setting up cyber-security basics that can discourage hackers from trying. In this article we’re going to go through Lifehacker’s tips in securing your wireless router. At best, these steps will not only protect your router, but the devices connected to it as well.
It is important to note that wireless routers have different interfaces. Hence, different ways they name their settings and steps to get to the right option.Lifehacker specifies that the steps below or specifically from TP-Link Archer C7. It’s best to explore your router’s web-based configuration screen or app to familiarize yourself with the necessary selections. It is also noted that some of the steps may or may not be applicable to your router. Accessing your router’s settings can be done either through an app (if applicable) or by pulling up a web browser and typing in the router’s IP address.
Update you firmware. Lifehacker states that some routers bury firmware updates deep in their settings menus while some might even notify you about a new update the moment you log into their apps or web-based user interfaces. It requires some effort, though the payoff of security is worthwhile. Most of us won’t even bother, but with the router manufacturer’s themselves urging you to update, you can bet that it’s for a good reason. Hackers and manufacturers are constantly playing a game of patch-and-seek. The company either finds the vulnerabilities first and releases a patch, or they scramble to release one when a hacker cracks ahead.
Change your password. Keeping the default logins is a bad idea anywhere. Even though your router manufacturer might have given you an incomprehensible string of characters for a password , it’s always better to make a strong and memorable password on your own. Hackers are usually able to obtain a list of factory logins and run them through their tools to crack home networks.
Use WPA2 to secure your wireless network. It’s one thing to not change the default logins. Using WEP is another issue. Lifehacker emphasizes that passwords “protected” with the WEP encryption are a lot easier to brute-force attack than those encrypted with WPA2. There isn’t a reason why you shouldn’t be able to set and use this setting, unless you have an old device that’s incapable of connecting to WPA2 WiFi.
Turn off WPS. WPS—or Wi-Fi Protected Setup may offer the convenience of typing in a smaller PIN number, which is likely printed directly on your router, but it poses more harm than benefits.Lifehacker explains that PIN numbers are much easier to brute-force attack than a complex password. “While a number of routers will time out an attacker after they botch a certain number of password attempts, that hasn’t stopped more ingenious WPS attacks from surfacing.” You either just have to type in your secure password for WiFi, or you can check to see if your router allows you to use push-button WPS instead of PIN-based WPS. Physically pressing buttons on your router and any devices you want to connect will make your network trickier to hack into.
Use a better DNS. Lifehacker recommends using services like Google DNS, Cloudflare, or OpenDNS to safeguard yourself from being intercepted by middleman attacks. Hackers can make use of your ISP (Internet Service Provider) to pull off attacks like spamming ads, pop-ups, and redirects if you simply mistype websites or searches.
Other methods worth considering
MAC filtering. You can limit which devices can connect to the network by enabling MAC filtering on your router, and then proceed to add your current and/or new devices’ MAC address.Devices whose MAC address aren’t in the filter won’t be able to connect at all, even with the password. However, attackers can easily spoof MAC addresses. If this method is more impractical than helpful, then you’ll do fine without it.
Consider scheduling your wifi turning on your router’s scheduling mechanism—if it has one—to just turn off your wifi when you aren’t home.
Lifehacker advises that this may not be the most practical tip for smarthome devices (e.g. automated garage doors, lights, voice systems). But if you don’t have any of these, or anyone else staying at home needing the internet, then turning it off is a fuss-free safeguard for your home network.
Disable potentially sketchy services. Lifehacker recommends turning off settings like “remote management” or “remote administration”. They also oblige disabling UPnP on your router. This might be easily labeled within your router’s main settings menu, as an option that’s buried in an advanced settings. Better yet, consult your router’s manual. It’s a setting that can be exploited for nefarious purposes such as remotely manipulating your smart home appliances. More about the risks of this setting is comprehensively covered at upnp-hacks.org
Consider a separate wifi network for guests and smart-home devices. Yes, this is a setting that you can explore through your router manual. Your router automatically sets up a second SSID for friends or guests to use. Lifehacker suggests that this can be especially effective in keeping your primary network safe from attacks that might come from your less-secure devices, like smart home appliances. “If someone takes advantage of a vulnerability in your smart light bulb and breaks into your network, there will still be a layer of protection between your hacked device and your desktop PC, smartphone, and laptop—to name a few examples.”
Many have fallen victim to hacker exploits after skipping the settings or their router manual altogether. To save yourself from worrying over your WiFi’s security while you’re out in the weekends, take some time to sit down and have a good look at what your fences (router settings) are made of.