How to secure your router to keep hackers out

Tuesday, 18 July, 2017

If a stranger manages to get into your router, they can do a lot more than sneakily use your internet connection.

A criminal can easily look through your computer’s files, see what you’re doing online, steal passwords and usernames and every scrap of personal information they can find. If you have an unsecured home network, you are opening the doors of every device in your home to direct attack.

It is all too easy to get a new router out of the box, plug it in and never think about it again. If this sounds familiar, then you’re probably at risk right now.

With just a few simple steps, you could make your router a fortress against malicious attacks.

You will need to know how to access your router’s settings to follow many of these steps. You can check your router’s documentation, a sticker on your router or contact your ISP if you don’t know how to access the settings for your specific router. Generally, it will involve entering an IP address into your browser’s address bar – for example, ‘192.168.0.1’.

You will also need to know your router’s username and password to access your router’s settings. This is not the same password used to access your router’s WiFi. You will find your router’s username and password in your router’s documentation or on a sticker on your router.

If you’ve accessed your router’s settings, you could complete all these steps in a matter of minutes, so don’t delay.

Change your router’s username and password

If you’ve logged into your router with a default username and password, you need to change them at once. This is the first step to securing your network – many router’s default login details are incredibly generic and can be quickly guessed by an experienced attacker.

Your router’s login details are the last line of defense in your home network, so make sure you choose a suitably strong password using a mixture of numbers, lowercase letters, uppercase letters and symbols.

Turn on wireless encryption

Wireless encryption is enabled by default for almost all modern routers, but it is possible that yours is disabled for some reason. If you don’t need to enter a password to use your router’s WiFi, then your signal isn’t being encrypted.

This means absolutely anyone can get onto your network with no trouble at all.

Locate your WiFi settings on your router’s settings page and ensure that either WPA2 Personal, WPA2-PSK, or, if those aren’t available, WPA Personal is enabled. This will turn on wireless encryption.

Change your wireless password

If you’ve never changed your wireless password, or you’re enabling encryption for the first time, you will need to enter a new one now.

Although default wireless passwords tend to be more secure than router passwords, it’s still a good idea to change it.

Like any password, make sure you choose a strong one with a mix of characters. Remember, each character you add to your password makes it 100 times harder to crack, so don’t be afraid to choose a long one.

Change the network name

Every network has to have a name. You can find your router’s name under the heading, SSID. The default network name for many routers will include the name of the router’s manufacturer or your ISP. This can give vital clues to criminals as to what exploits and hacks are likely to work on your specific router.

Unlike a password, you don’t have to change your network name to a long string of letters and numbers. In fact, it will often be beneficial to change your network name to something simple and memorable.

Turn on your router’s firewall

A firewall is a program that stops unauthorised traffic from getting in (or out) of your network. Malicious software will often send information about your devices out into the web or download more malicious software onto your computer. A firewall will stop this from happening and blocks other pathways that criminals might use to get into your network.

In your router’s settings, make sure that SPI or NAT are enabled in your router’s security options. This will activate your router’s firewall.

A second firewall software running on your computer can act as a second level of security, although this can be a bit of overkill. Some legitimate programs may even struggle to run properly with firewalls enabled on both your computer and router.

If you have to choose between the two, enable the firewall on your router instead of the one on your computer. This will ensure that all devices on your network are protected.

Update your router’s firmware

Firmware is the program that keeps a piece of hardware running. If an exploit or issue is discovered with a router, the manufacturer may issue a firmware update to fix that problem. Regularly updating your firmware will keep you one step ahead of attackers, as the holes they’re trying to get through will have already been plugged.

Be aware that incorrectly installing firmware can permanently break a router, so make sure to follow the instructions exactly. Many routers will automatically do most of the work for you when you click Update Firmware, so as long as you make sure the router doesn’t lose power during the update you should have nothing to worry about.

Firmware will never automatically keep itself up to date, so make sure to manually click the Update Firmware button every month or so.

Don’t give out your information

This is the most important step, and the easiest one to follow. The truth is that most cyber crime isn’t done by hackers and lines of complex code – it is done with phone calls.

Criminals will call a victim, often pretending to be their ISP, and manipulate them into handing over their passwords or worse.

Remember, your ISP will never ask you for your password to anything, ever. As soon as someone asks you to hand over your password, you can guarantee that they have malicious intentions. Stay safe and keep your passwords secret.

Samuel Newman author picture

By:

Samuel Newman is a consumer journalist and blogger based in Sheffield.