A short article about making your home Wi-Fi network secure
I suspect that most of us have noticed that when we have a Wi-Fi enabled piece of kit, be it a router, a phone, a games machine or likewise we can often see other Wi-Fi networks available to us when we are searching for our own home Wi-Fi network. Should we be concerned about this? Are we safe? Can our home computers be ‘hacked’ into and is anyone else using our Wi-Fi network?
The simple answer is that we might be safe, but why take the risk when it is quite easy to improve the security of our home Wi-Fi network.
I am in no way an expert on this but I learnt from experience the hard way. One afternoon whilst working online I noticed an unknown PC on our home network. It had the name “Jo’s PC” and it was blatantly sitting there for my partner and I to see. We had only just installed a new Wi-Fi network and had yet to put proper security into place, but at that point we knew that it was a matter of urgency.
Fortunately for us when we delved deeper into the system it appeared that nothing was tampered with and no viruses were installed on our computers. We both use Macs so there was less chance of this happening anyway, but the fact was that someone had broken into our network.
After some research we found that WEP password encryption that has been around since 1999 can be broken in about 5 minutes. We have always used WEP, as most people do, but this is not a secure or viable solution anymore. What was even more surprising is that people using powerful aerial boosters could find our home Wi-Fi network from up to 5kms away and, if they had the knowledge, break into our network. Why should we pay for someone else to use our Wi-Fi network and internet connection? Furthermore, what damage could they do to my computer or what kind of problems could they cause me with my ISP. What if they download illegal movies. Used our network for sending spam. Or worse. It doesn’t even bear thinking about.
So what did we do? I’ll tell you in the points below:
1. Change the default administrator passwords and usernames
At the centre of most Wi-Fi home networks is the access point or router. To set up these pieces of equipment, manufacturers provide web pages that allow owners to enter their network address and account information. These web tools are protected with a username and password login screen so that only the rightful owner can do this. The trouble is that the logins provided are simple and very well-known to hackers on the internet. By changing these settings we immediately made the Wi-Fi network more difficult to be broken into. We also used an incredibly strong password using many numbers, characters and a mix of upper and lower-case letters. You would normally access your own router at a web address such as 192.168.0.1 through your browser. The information will be in the router manual.
2. Change from WEP encryption to WPA2
WPA2 is the second generation of Wi-Fi Protected Access whilst WEP has been around for over 10 years. The difference is that WEP doesn’t change its encryption key each time the data is transmitted, whereas WPA2 does. To illustrate just how much better WPA2 is, sources estimate that WEP can be brute-force decrypted in less than ten minutes* (even with those using a very complicated password and WEP 128-bit encryption) whereas WPA2 would likely take decades to crack. If you do not have WPA2 encryption on your router then WPA will suffice, but it too can still be broken although it would take much longer and most opportunist Wi-Fi home network hackers would not even bother to attempt it.
3. Limiting access using MAC addresses
Another precaution we took was to limit the amount of devices that could connect to our router – our WAP (Wireless Access Point). This was very simple and effective and was done by accessing our router and setting up a MAC address filter (Machine Access Code – not to be confused with Apple Mac computers).
Your router may have this feature, wherein you should be able to list a set of machines that are able to connect to the access point by using their MAC addresses. You may not have known it but every networkable device has a MAC address; be it a mobile phone, iPad, iPod, wireless card, games console, etc. Sometimes this is printed somewhere on the item itself but usually you need to look at the settings area of the item you wish to allow access to the router.
By doing this we only allow certain pieces of equipment to access our network. Anyone who tries to access it with a MAC address that is not registered is unable to gain access. As the old saying goes: “If you’re not on the list, you ain’t coming in”!
4. Using strong passwords
Yes, having a complicated password can be a pain in the rear but nowadays it is worth the extra hassle. Using numbers and unusual characters in your password is essential. Of course, write down the passwords in a small book somewhere and keep it safe, just in case you forget. There are plenty of online password generators that you can use to create a strong password. For our home network we have used an incredibly complicated and strong 56 character password that was randomly generated online. It is a slightly longwinded process when we want to add new devices to our home Wi-Fi network but we believe that the extra trouble is worth the feeling of security that we now have.
5. Enable firewalls
We have a modern network router that contains a built-in firewall so we made sure that it was on. We also made sure that the firewall built into our Macs was turned on (my boyfriend’s wasn’t but it is now!). If you do not have a firewall on your home computer it is worth considering installing and running a personal firewall software on each computer connected to the router.
Over to you
The notes above are a short guide to what we did to toughen up the security on our network. There are many other ways to improve security and we have implemented them all on our own home Wi-Fi network. You may not need to do all of the points noted above but please consider some of them.
We found the following website incredibly useful so please visit it and beef up your home Wi-Fi network security.