I covered some tips on wireless network security. Wireless network security is important Use the following recommendations for additional security on your wireless networks. Read and implement them in your wireless network.
Change the Default Username and password on Wireless Router:
This is the first task you must do to better secure your wireless router. If you have a router or access point, you probably used a default name and password to configure the device. Factory default username and password must be changed when you start to configure the router. Those username and password are known publicly, so don’t leave it as default setting. For more details, download some router manuals from vendor website, you would be able to find all these information.
Most of the manufacturers use the same default name and password for all of their equipment. Find below some examples of default username and password of wireless router from different vendors:
Linksys : Default username:(leave it blank) Password:admin
Dlink : Default username:admin Password:(leave it blank)
Netgear : Default username:admin Password:password
Configure a network security key:
For home or office wireless network, you should configure a network security key, which turns on encryption. With this unauthorized users can’t access to your network without the security key. And also, any information that is sent across your network is encrypted so that only computers that have the key to decrypt the information can read it. Known Wireless network encryptions are:
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA) and WPA-2.
Always try to use WPA2 encryption to encrypt the network traffic and improve wireless network security. For most of the latest routers, WPA2 encryption is supported. So far, WAP2 is the best and strongest encryption among WEP, WPA and WPA2 encryptions.
If you are using old wireless router that only support WPA/WEP encryption, try to upgrade the router firmware to have WPA2 support by checking what is the latest firmware for your router from vendor website. This is because WPA/WEP encryption is not secured and can be cracked after gathering enough network traffic.
Change the default SSID on Wireless Router:
Routers and access points use a wireless network name called a service set identifier (SSID). Most manufacturers use the same SSID for all of their routers and access points. Changing the default SSID to Unique SSID helps to keep your wireless network from overlapping with other wireless networks and it makes it easier for you to identify which wireless network is yours, if there are wireless network(s) nearby, because the SSID is typically shown in the list of available networks. Check the information that came with your device for instructions about how to change the default SSID.
Find below some examples of default SSID of wireless router from different vendors:
Linksys Factory default SSID: linksys
Dlink Factory default SSID: default
Netgear Factory default SSID: NETGEAR
Disable SSID Broadcast on Wireless Router:
By default, most wireless routers will broadcast the SSID to all wireless devices. That means your neighbor can detect your SSID and gain access to your network with a computer equipped with wireless network adapter. If you really want to broadcast the SSID, please make sure you enable WPA2 encryption and MAC address filtering to limit the access to your network.
Enable MAC Address Filtering on Wireless Router:
You can enable MAC address filtering to allow the computers with specific MAC address (it’s wireless adapter’s MAC address) to join the wireless network only. This is one of the methods to enhance wireless network security from unauthorized access. In order to make it work, you need to define a list of MAC address that are allowed to join the network.
Disable Wireless Router Administration by Wireless Client:
It’s advisable to disable wireless router administration by wireless clients. This means you can only access and change the router configuration after wire connecting your computer to router.
Note: You should also use https (with encryption) method to access your router administration webpage instead of http (without encryption).
Disable Remote Wireless Router Administration:
Don’t enable remote wireless router administration from Internet unless you really need it. Other Internet users would be able to find and hack your router through bruteforce password cracking or security exploits.
Note: Have a check on this feature although it’s usually disabled by default.
Use Standard or User account:
The standard account can help protect your computer by preventing users from making changes that affect everyone who uses the computer. A very good recommendation is for you to create a standard account for each user. When you are logged on to Windows with a standard account, you can do anything that you would do with an administrator account, but if you want to do something that affects other users of the computer, such as installing software or changing security settings, Windows might ask you to provide a password for an administrator account.
Filed Under: Wireless Security
About the Author: