Skip to main content

Understanding Home Wireless Network Security

Wi-Fi SecurityWould you allow a total stranger into your house and have him use your personal computer? 

Your reply back to that may be, I have a lot of bandwidth to spare, what do I care if the guy in the apartment next to me steals a piece of my network connection. Stealing internet access is only one part of the picture in wireless security.  

The other part, as our question suggests, is giving someone access to your wireless router is like allowing them access to your house.  If you have a home network, you probably have Microsoft file sharing turned on to share files between your computers.  Do you want your files shared with total strangers?

There are thieves cruising apartment complexes not because they are looking to steal a little internet bandwidth, but because they are looking to steal your identity.  They want those files on your computer with you account numbers, and the user names and passwords to access those accounts.

You need to enable some type of wireless security on your router to keep strangers from accessing your personal network.

Secure your wireless network router

First and foremost, make sure you change the default password on your router.  Typically the router is set to default settings, with the user admin and the password is admin. Change the admin password!

The next step is to choose a type of wireless security mode.  You'll see a few choices on your router, here's a quick run down of the basics. 

Wired Equivalent Privacy (WEP) is a security protocol released in the late 1990s as a way to provide security in a wireless network comparable to that of a traditional wired network. 

The more recent and more secure protocols are Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2). Both were developed by the Wi-Fi Alliance to secure wireless computer networks. The current recommendation of the Wi-Fi Alliance is the use of  WPA2 encryption.

If the Wi-Fi Alliance recommends WPA2 encryption, you might ask, why is there even a choice.  If you have multiple wireless devices, you have to drop back to the lowest common denominator. From best to worst is WPA2, WPA, and WEP.  Use WPA2 if your device allows it.  If you have one device that can only work with WEP, then all the devices must be set to WEP.  The newer equipment can drop back to the old encryption schemes, but the older equipment can not use the newer schemes.

You may see other choices other than the three mentioned here, but they are for more advanced business use. The focus of this article is for home use, or small business use. 

The last step in securing your wireless router is choosing a secure shared key.  This is the password, sometimes called a pass phase, will be entered on the router, and entered again on each device as it is configured.  Use a strong password, that is something that is at least 8 digits long that is a combination of letters and numbers.  The less easy the password can be guessed, the more secure you are.  If your network name is MyBusiness make your pass phase something much more complex than MyBusiness1.
 
Other Settings on Your Wireless Network Router

One additional method of security that is often mentioned is disabling the broadcast of SSID.  This means that the name of your network will not be visible to wireless devices.

While you can make the argument that selecting disable on the Wireless SSID Broadcast is an additional layer of security.  If you have secured your wireless router as we have discussed in the previous section, someone being able to see the network will not be able to easily access it, and in many cases disabling the broadcast of SSID is more of a pain than a security enhancement.

You may also see some settings for the Wireless MAC Filter on your router, and it is also sometimes mentioned as another layer of security.  For the typical home or small business network this feature is another case of minimal extra protection, with the possibility of creating problems, rather than resolving them.

The most basic, and easiest, way to secure your router is to use the strongest encryption method possible, and use the most complex password you can.  As with the analogy of the thieves cruising your apartment complex looking for a network with an open door, they will most likely pass on the locked door if they can find one close by that is unlocked.