Some Tips To Protect Your WiFi Form Hacker's
Set up a password - or even better - an encryption key
Adding
some kind of password to your network is a way to immediately
discourage probably 99 percent of the people who could jack into your
Wi-Fi connection remotely, and it really is just about the easiest thing
ever to do to protect yourself. All you need is the Ethernet cable that
comes with a router when you pull it out of the box or installed by a
cable company, and the manual that comes with the router. By using the
cable to plug directly into the router, a computer can access the
router’s internal settings using an Internet browser. The address
(usually in the form of what’s called an IP address, generally
192.168.1.1 or something similar) gets you into the router’s inner
workings, but you need the cable to access it, so it can’t be altered
remotely. The router’s manufacturer password is also included in the
manual (usually it’s “admin” or “password”), and you should change that
too from the settings menu for added internal security to keep prying
eyes out.
From there, it’s usually as simple as going to the security settings
for your router and activating an encrypted password called a WEP or WPA
key. This is presented in the form of a long chain of letters and
numbers that the router can generate for you. You can specify a password
of your own, but the router’s generated key is a much stronger
encryption than using a password someone might be able to guess. Most
modern computers will save passwords when you connect to your home Wi-Fi
network, so you shouldn’t need to specify the network password again
when signing onto the Internet, unless something gets reset.
Turn on MAC address filtering and router firewalls
While it is absolutely essential to use a password or encryption key
to keep your Wi-Fi network secure, there are a number of other easy
steps to make it even more protected.
Each computer that uses your network has a specific number attached
to it called a “MAC (Media Access Control) address.” This is actually a
physical number assigned to the actual Wi-Fi adapter hardware in your
computer or mobile device. From the internal settings of your router,
you can determine the MAC addresses of the computers that you want to be
able to access your network and specify them to the router. Any device
that doesn’t have the right MAC address will be denied access.
In order to set MAC addresses, you’ll need to have the devices you
want to be able to use on your network connected so you can see their
addresses in the router’s “MAC Address” section. There, you can usually
just click a button that turns on the router’s MAC limiting setting, and
then select which addresses are allowed access to the network.
Most routers also have an internal firewall program you can enable
from the settings menu. This is anti-hacking software that makes a
network more difficult to access from the outside, and turning it on is
generally really easy. It’s also a good idea to protect your computers
and devices with firewall software (Windows has one built in, but it’s
not a bad idea to invest in better ones) that you can buy commercially
to protect your data even further.
There is a slight inconvenience with MAC address filters, as they can
complicate things whenever you want to add a new device to your
network. So if your wife's cousin wants to connect to the network, for
instance, you'll need to go back and add his MAC address to the router's
list. Of course, this is a small price to pay for added security.
Change your network’s SSID and make it invisible for everyone
From
within the same settings menus that you adjusted the MAC settings and
turned on your encryption key, you can also set whether your Wi-Fi
network is “discoverable.” This means that the router won’t broadcast
its ID information (called the SSID) over the air for other devices to
lock onto. Only devices that know to look for the router, like the ones
you’ve already authorized to connect to it, will be able to use your
connection.
Generally, you’ll find the ability to alter discoverability in the
security tab of your router’s settings browser window. It’s usually a
button that discusses making your network discoverable or disabling SSID
broadcast. This is also a good opportunity to change your router’s SSID
to something other than the manufacturer preset. There’s a reason you
see so many networks named "Linksys" or "D-Link" -- those are routers
that have their manufacturer defaults still activated, and they suggest
to hackers that the passwords are still set to defaults as well. Either
way, it’s easier for someone to get into your network when they have
more information, and a manufacturer SSID doesn’t help. Change it, then
make it invisible. Just remember: You don’t want your network
discoverable, and you don’t want your router to broadcast its SSID. Turn
those things off.
Assign Unique IP addresses to your devices
This gets a bit technical, but like the MAC address filtering, it’s
not nearly as complex as it at first seems. Each device that connects to
the Internet does so using what’s called an IP address. Most networks
use a system called “dynamic IP addresses,” which means that every time
you connect to your network, the system assigns a temporary IP address
to your system. That’s easy, but it also means anyone jacking into your
network can get a temporary address just as easily as you can.
Instead, look for a tab in your router’s setup menu that lets you set
“static IP addresses.” Like MAC filtering, you should be able to see
the addresses of your devices at the moment; write them down, or specify
a series of numbers to the router when you’re prompted to. These look
complex (they’re usually long, like the 192.168.1.1 address), but that
doesn’t mean they have to be complicated. You can actually set addresses
with the same sets of numbers up front, but alter the numbers at the
end to keep them consistent and easy to remember for you, but more
difficult for intruders to access.
Once you set static IP addresses, you’ll have to use the numbers you
wrote down on your computers when they try to connect to the network. In
your Network Settings, you can specify a device’s IP address so that it
always uses the same number, then you can tell your router to only
allow device’s using those specified addresses to connect. While the MAC
filtering will keep out some less in-the-know network jumpers, more
complex hackers can get around that technology; they’ll have more
trouble with your static, filtered IP addresses.
5. Avoid open, unprotected Wi-Fi networks
This
is more for when you’re out in the world than at home, using your
computer or smartphone to try to access the Internet when you’re at the
airport or in other places. Beware of open, access-free networks. If
they’re open to you, that means they’re open to other people, too, and
your sensitive information can be plucked out of the air by people who
have a little bit of expertise in this area.
“Free Public Wi-Fi,” for example, is a network that will often pop up
in public places when you’re searching for a network. Don’t connect to
it, though, as it isn’t really a free public network, and could very
well be a quick and easy way for someone with ill intentions to get
access to your computer.
For the most part, the best thing you can do is avoid open networks you don’t trust whenever possible. If you
do
decide to access an open network, limit what you do on it. Don’t access
sensitive websites or use important data like your bank passwords while
attached to the network. You should also take steps to keep your
computer from saving sensitive Internet information that could be
accessed later, like a history or cookies cache. These are bits of data
your web browser saves from websites to make accessing them easier
later. When you tell a website to save your password, for example, it
leaves a “cookie,” or small program, on your browser for use later. You
can easily clear these from your browser’s settings menu.
These are simple steps you can take to protect your network, your
data and your privacy, but the technical aspect often frightens off
people who aren’t familiar with their Internet hardware. Trust us when
we say that it’s usually less complicated than it appears. Consult your
router’s manual if you need to, and look for the keywords in your
router’s settings menu: things like “encryption key,” “firewall,”
“disabling broadcasting and IP” and “MAC address filters” are good. Once
you set them up and write the numbers down, you should be able to
breathe a little easier knowing your access to the Internet is
protected.