Close Menu
    Subscribe Login

    5 Easy Ways to Make Your Router More Secure

    WoozadBy Updated:08 Mins Read Security
    5 Easy Ways to Make Your Router More Secure
    When you set up a router, you’re not just bringing the Internet into your home. This small network device can act as a gateway for malicious individuals to access your digital life if you don’t take the necessary steps to protect it. Being a device with software and firmware, hackers can use several ever-changing methods to hack it. They look for weaknesses like default passwords, outdated firmware, and weak encryption to gain access and disrupt your life. Fortunately, you are not defenseless.

    You might think that cybercriminals don’t target routers much, but they do. According to a report from cybersecurity firm DexPose, among cyberattackers targeting IoT devices, 75% of them target routers (Netgear is the most targeted). When hackers take over routers, they infect them with malware, allowing them to spy on you, recruit the device into a botnet, and use your connection for fraud and cyberattacks.

    You don’t need to be a security expert to boost the security of your router. You should change the default Wi-Fi password when setting it up, but you should go beyond that by getting to know a few important settings. For example, you need to change your default SSID and administrator password. You should also enable things like MAC address filtering, disable Universal Plug and Play (UPnP), and make sure the router uses a strong security protocol.

     

    Enable automatic updates and MAC address filtering

    One of the best ways to ensure that your router always has the latest features and security patches is to update it regularly. For most modern routers, you can enable automatic updates so you don’t have to actively monitor them. This can be useful if you sometimes forget or are away, which can leave your router vulnerable. When a hacker finds out what model you’re using and what firmware version you’re using, they’ll look for an existing exploit to take over and install malware or steal sensitive information.

    Here are the general steps to enable automatic updates on routers:

    1. Log in to your router’s app or admin panel.

    2. Click “Administrative” or “Advanced”.

    3. Enable “Automatic Firmware Update”.

    4. Set when it should be updated.

    5. Save and exit.

    Another thing you can do is enable MAC (Media Access Control) address filtering. Every network and Internet device has a MAC address, a unique identifier assigned to its network interface card (NIC). If you enable the “Whitelist” filtering mode, you will need to enter the MAC addresses of all devices allowed to connect to the router. If you choose “Blacklist”, any device whose MAC address is on this list will be denied access.

    To enable MAC address filtering, you need to do the following in the settings or in the admin panel:

    1. Click “Wi-Fi Settings”, “Tools” or “Advanced”.

    2. Enable “MAC Filtering”.

    3. Choose a filter mode.

    4. Enter the MAC address you want to allow or block.

    5. Save and exit.

     

    Change your default SSID and administrator password.

    Your router has a Service Set Identifier (SSID), which is basically the name of the Wi-Fi network. It’s what appears in your list of Wi-Fi connections when your device searches for them. If you still use the default one, hackers can use it to determine the make and model of your router and target its specific vulnerabilities. Editing it is the easiest way to hide this information. But don’t use something personal like “John Doe home Wi-Fi” because that can reveal your name to hackers who could launch a phishing attack if they’re so determined.

    To change your router’s SSID, you typically need to do the following:

    1. In the router’s settings or admin panel, select “Wi-Fi Settings” or “Wireless Settings”.

    2. Find the SSID field and change it to something impersonal. If you don’t see it right away, look for it in the “Wireless Settings” section or submenu option.

    3. If you don’t want to broadcast the SSID at all, check the “Hide” option.

    4. Save and exit.

    Even if you change the SSID, a hacker will still be able to find out which router you have. In this case, they might try to hijack it by using the default username and password. This is one of the simplest router settings that people often forget to change. It is easy to understand because it is common knowledge, especially to routers that have it printed on the back and underneath.

     

    Create a guest Wi-Fi

    Before buying a router, especially a cheap one, it is essential to make sure that it allows you to create a guest network. It’s a simple toggle in the settings that creates a separate network when flipped, with a different SSID and password that guests can access. This is important because people are usually the weakest link in any security system and can render many of the measures you have taken so far useless.

    With a guest network in place, if a guest makes a mistake and unintentionally leaks the password to a hacker, they will not have access to the main network. This protects your personal information by making Man-in-the-Middle (MitM) attacks useless, since the hacker won’t see your real traffic (guests are still in trouble, though). It also protects your connected devices, such as phones, tablets, cameras and baby monitors. Additionally, if the guest’s device becomes infected with malware, the guest network will act as an effective containment zone preventing a network-wide infection.

    Follow the steps below to create a guest network:

    1. Go to router settings in the app or admin panel.

    2. Search for “Wireless Settings,” “Wi-Fi Settings,” or “Network Settings.”

    3. Enable “Guest Network”.

    4. Configure credentials for the guest network.

    5. Save and exit.

    When an outside person you trust wants to use your Wi-Fi, simply give them these credentials. On some routers, you can set bandwidth and speed limits to ensure guests don’t slow down the network.

     

    Disable UPnP

    UPnP is a protocol that allows devices on your local network to automatically communicate with each other. For example, if you set up a media server on your home network, it will use UPnP to tell the router to open a port for it so it can send and receive traffic. You don’t need to go to any settings and configure port forwarding yourself. When you are away, you can access this server through this open port using your computer or phone, so you can watch your favorite movies and TV shows.

    The problem with UPnP is that it is not secure. Once a device has access to your network, it will be able to communicate with other connected devices. If this device belongs to a hacker, he can turn others against you. You may not need to disable UPnP if you have taken the necessary steps to prevent unauthorized access to your network. But if you want a little more security (at the cost of losing convenience), you can easily turn it off.

    Follow the steps below:

    1. Log in to your router’s app or admin panel.

    2. Click “Wi-Fi Settings”, “Tools,” or “Advanced”.

    3. Find a section, tab, or menu item “UPnP Settings” (located in the sidebar).

    4. Disable or uncheck “Enable UPnP” or “UPnP Status”.

    5. Save and exit.

     

    Make sure the router uses the WPA3 protocol

    Routers have several security protocols that protect them from unauthorized access, with Wi-Fi Protected Access 3 (WPA3) being the current and most secure standard. It prevents hackers from taking control of your router remotely because it offers stronger password encryption and protection against brute force attacks than previous standards, such as WPA2 and Wired Equivalent Privacy (WEP). If the router was manufactured after 2020, it must have WPA3.

    You can check by doing the following:

    1. Log in to your router’s app or admin panel.

    2. You’ll probably find this option under “Wi-Fi Settings”, but you can also check it under “Network Settings, “Tools,” and “Advanced”.

    3. Look for the “Security” drop-down box and see what protocol it uses.

    4. If it is not “WPA3”, click the drop-down list and select the protocol (if available).

    5. Save and exit.

    If you can’t find “WPA3” in the list, try manually updating your router and see if it appears. Otherwise, the minimum protocol the router should use is “WPA2”. If your router does not allow you to check the security protocol, contact the manufacturer’s customer support and inquire about your model. If it uses WEP or WPA and no further firmware updates are planned to resolve this issue, you need to replace this router.

     

    Share.

    Related Posts