They ask how to protect a WiFi network. In this article we will look at several techniques that will significantly complicate access to your network from unwanted users.

But when creating Wi-Fi network there is a threat to the security of your data. Everything that is transmitted over a wireless network is broadcast over a fairly significant distance and attackers can gain access to this data. In order to protect your WiFi network from such an attack, you need to take a few simple steps.

Use strong password to access the router settings

When setting up, it is necessary to change standard password. In this case, the password for accessing the router does not follow the password (key) for connecting to the network.

Use a strong security mode.

1. Wireless Mode -> Security wireless mode (Wireless -> Wireless Security).
2. In field Version (Version) select WPA2-PSK.
3. In field Encryption (Encryption) select AES.
4. Click Save (Save).

Disable WPS

Was the information useful?

General Articles: General Articles

When you connect to public Wi-Fi, such as in a café, the data is transferred unencrypted. This means that your passwords, logins, correspondence and other confidential information become available to attackers. Email addresses can be used to send spam, and the data on your page social network can be changed.

Home Wi-Fi network may also be at risk if:

• The network is protected with a light password.
• The network has a common name.
• Encryption disabled.

Open your router settings

1. Enter the router's IP address in address bar browser, you will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
2. On the login page, enter your username and password. They are indicated on the back of the router.

Create a strong password to access the router

As a rule, a standard login and password are used to access the router settings. An attacker can find out the login and password for your router by downloading the user manual for the device from the manufacturer’s website.

To prevent this from happening, change the router password. Use guidelines for creating strong passwords.

Create a unique name (SSID) for your Wi-Fi network

Rainbow tables are often used to crack passwords. Pre-built rainbow tables for popular SSIDs store millions of possible passwords. If your SSID and password are in such a table, then an attacker will be able to instantly recover the network password using special programs.

To increase the security of your home wireless network, come up with a non-common SSID.

Router interfaces vary depending on the manufacturer, specific model and firmware versions. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

1. Enter the router's IP address into the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
3. On the router settings page, select Wireless Mode -> Wireless Settings (Wireless -> Wireless Settings).
4. In field Network name (Wireless Network Name) come up with and enter Wi-Fi name networks.
5. Click Save (Save).

Create a strong password for your Wi-Fi network

Without a password, your Wi-Fi network will be accessible to everyone. A strong password will not allow strangers to connect to it. Use guidelines for creating strong passwords.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the setting TP-Link router TL-WR841N. To change your password:

1. Enter the router's IP address into the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
3. On the router settings page, select Wireless -> Wireless Security (Wireless -> Wireless Security).
4. In field PSK Password (PSK Password) create and enter a password for the Wi-Fi network.
5. Click Save (Save).

Make your Wi-Fi network invisible

In the router settings, hide the network name. As a result, your Wi-Fi network will not appear in the list of available wireless networks. It will be impossible to detect it without special software.

Enable encryption

When working on a network with weak encryption, your data can be intercepted by attackers. If you connect to home network and receive a message about weak encryption, change the encryption type to a more secure one. Common types of wireless encryption:

The main difference between them is the level of protection. WEP is inferior to others in reliability, but is supported by older equipment. WPA2 is the most reliable.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router.

To change the wireless encryption type:

1. Enter the router's IP address into the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
3. On the router settings page, select Wireless -> Wireless Security (Wireless -> Wireless Security).
4. In field Version (Version) select WPA2-PSK.
5. In field Encryption (Encryption) select AES.
6. Click Save (Save).

As practice shows, most users forget or neglect protecting their home network immediately after setting a Wi-Fi password.

Securing your wireless network is not the easiest task, but it is a very important task.

Having gained access to your network, an attacker can post illegal content with impunity or take over your channel and significantly reduce the speed of your connection, for which you, by the way, pay. It can also access not only your computer, but all devices on your network.

Instead of tempting fate, let's go through simple and obvious activities that users often neglect.

Hiding the SSID

The network name or SSID (Service Set Identifier), which we see when scanning the area around, in searching for Wi-Fi. Knowing this network name, you can connect to a particular Wi-Fi network. By default, routers and access points show your network's SSID to everyone. However, it can be disabled in the section of your router or access point. There is an option in this section “enable SSID” or “Disable SSID”. We check or uncheck the box, depending on the name of the option in the corresponding router settings.

Enable encryption

The next point is channel encryption. This option is also located in the section “Wireless Settings” and is called “Encryption settings”. Expand the drop-down list and see about 5 options to choose from ( depending on the router model). How do some types of encryption differ from others?

WEP (WIRED EQUIVALENT PRIVACY).
Came out back in the late 90s and is one of the weakest types of encryption. In many modern routers, this type of encryption is completely excluded from the list of possible encryption options. The main problem with WEP is that it was designed incorrectly. WEP actually transmits several bytes of the encryption key(password) along with each data packet. Thus, regardless of the complexity of the password, you can hack any access point encrypted using WEP by intercepting a sufficient number of packets to crack the password.

WPS/QSS
WPS, also known as QSS, allows you to forget about the password and connect to the network by simply pressing a button on the router. WPS allows a client to connect to an access point using an 8-character code consisting of numbers. But not everything is so rosy. By using only numbers, The cryptographic strength of WPS is much lower than that of WEP and gaining access to your network will not be difficult.

WPA and WPA2 (WI-FI PROTECTED ACCESS)
Some of the most modern this moment No new types of encryption have been invented yet. WPA/WPA2 support two different initial authentication modes (password verification for client access to the network) - PSK And Enterprise.

WPA PSK or WPA Personal- This is the most common encryption option for home Wi-Fi networks. Connection to the network is carried out using a single password, which is entered on the device when connecting.

WPA Enterprise differs from WPA Personal in that its use requires a separate server - RADIUS (Remote Authentication Dial In User Service). Essentially, a RADIUS server is a remote user authentication service that verifies user credentials for authentication.

Setting up a MAC address filter

The most radical way to secure your home Wi-Fi network is to set up device filtering by MAC address. A MAC address is a unique identifier for your device on the network. Using it, you can filter devices that are allowed access to your network or vice versa.

We go to the router settings section, which is called “MAC Filtering”. In it we add MAC addresses that can log in to your network. The MAC address of your device can be viewed either in the properties wireless connection, In chapter "additionally", if it is a computer, or in the settings of a smartphone or tablet, in the section “About the device”. The MAC address consists of 6 blocks of 2 digits each hexadecimal system numbers separated by hyphens. For example: A0-23-1D-14-8C-C9.

Enable guest access

By restricting network access by MAC address, you will significantly increase the security level of your network. But what about friends and acquaintances who want to access the Internet through your connection, from their smartphones or tablets? Adding the MAC address of each device is clearly longer than just giving the Wi-Fi password. In this case, most modern routers provide guest access. Guest access means that the router creates a separate network with your own password , which has nothing to do with your home. You can enable guest access (if available) in the section “Home Network Settings” or in “wireless network settings”.

I'll tell you a story that is still going on with one Internet provider in my city. One day, visiting a friend, I asked him for access to Wi-Fi. The network is preserved in the smartphone. While in another part of the city, I suddenly discovered that I had reconnected to a friend's Wi-Fi. How is this possible? It turns out that the Internet provider set the same network name and password on all routers that were issued to subscribers upon connection. More than a year has passed, but I still have free wifi in almost every yard. By the way, the login and password for accessing the routers are also the same. :)

Naturally, I told my friend about this funny discovery and reconfigured his router. Are you sure you are not in a similar situation?

The dangers of unauthorized access to your Wi-Fi and router

Imagine that an attacker connected to your Wi-Fi, downloaded several gigabytes of child pornography, and posted a couple of hundred extremist and other “incendiary” messages. The contract for the provision of Internet services is issued in your name, and accordingly, you will also be held accountable for violating the law.

Even if the connected person does not commit illegal actions, he can download and distribute for days large files(including illegal content from torrent trackers), which will affect the speed and stability of your Internet connection. The network is full of stories about free neighbor Wi-Fi. Perhaps you, too, are that good neighbor?

The situation when an outsider knows the login and password for the router itself includes all the risks listed above, and also adds several new ones.

For example, the prankster simply changes the Wi-Fi password and you lose access to the Internet. He may change the password to the router, and you will have to reset to factory settings and configure everything again (or call a specialist if you do not have the appropriate skills) to regain control of your equipment. The prankster himself can also reset the settings.

There is no absolute protection, but you don’t need it

There are many ways to hack networks. The likelihood of hacking is directly proportional to the motivation and professionalism of the hacker. If you haven’t made enemies and don’t have any super-valuable information, then it’s unlikely that you will be purposefully and diligently hacked.

In order not to provoke random passers-by and neighbors eager for freebies, it is enough to close basic security holes. Having encountered the slightest resistance on the way to your router or Wi-Fi, such a person will abandon his plan or choose a less protected victim.

We bring to your attention a minimum sufficient set of actions with a Wi-Fi router that will allow you to avoid becoming the object of cruel jokes or someone’s free access point.

1. Access your Wi-Fi router

The first step is to take control of your own router. You must know:

• Router IP address,
• login and password to access the router settings.

To find out the router's IP address, turn the device over and look at the sticker on the bottom. There, among other information, the IP will be indicated. Typically this is either 192.168.1.1 or 192.168.0.1.

The router address is also indicated in the user manual. If the box with instructions from the router is not saved, then find the user manual in in electronic format Google will help.

You can find out the router address yourself from your computer.

1. On Windows, press the combination Windows keys+R.
2. In the window that appears, type cmd and press Enter.
3. In the window that appears, enter ipconfig and press Enter.
4. Find the "Default Gateway" line. This is the address of your router.

Enter the received IP address of the router in the browser. You will see a login page for the router settings.

Here you need to enter your username and password, which you must know. In most cases, the default login is the word admin, and the password is either an empty field or also admin (the default login and password are also listed at the bottom of the router). If you got the router from your Internet provider, then call them and find out.

Without the ability to change settings, you essentially lose control over your own equipment. Even if you have to reset your router and set everything up again, it will be worth it. To avoid problems with accessing the router in the future, write down your username and password and store them in a safe place without access to others.

2. Create a strong password to access the router

Having gained access to the router, the first thing you need to do is change the password. Router interfaces vary depending on the manufacturer, specific model and firmware version. The user manual for your router will help you with this matter, as well as with subsequent steps to improve protection.

3. Come up with a unique name (SSID) for your Wi-Fi network

If your neighbors are completely new to technology, then a network name like fsbwifi or virus.exe may scare them away. In fact, a unique name will help you better navigate among other access points and uniquely identify your network.

4. Create a strong password for your Wi-Fi network

By creating a password-free access point, you essentially make it public. A strong password will prevent strangers from connecting to your wireless network.

5. Make your Wi-Fi network invisible

You will reduce the likelihood of an attack on your network if it cannot be detected without special software. Hiding the access point name improves security.

6. Enable encryption

Modern routers support various methods encryption of data transmitted over a wireless network, including WEP, WPA and WPA2. WEP is inferior to others in terms of reliability, but is supported by older equipment. WPA2 is optimal in terms of reliability.

7. Disable WPS

WPS was created as a simplified way to create wireless networks, but in reality it turned out to be extremely vulnerable to hacking. Disable WPS in your router settings.

8. Enable MAC address filtering

Router settings allow you to filter network access by unique identifiers called MAC addresses. Every device that has network card or network interface, has its own MAC address.

You can create a list of MAC addresses trusted devices, or block connections to devices with specific MAC addresses.

If desired, an attacker can spoof the MAC address of the device from which he is trying to connect to your network, but for an ordinary household wireless point access, such a scenario is extremely unlikely.

9. Reduce Wi-Fi signal range

Routers allow you to change the signal strength, thus increasing or decreasing the range of the wireless network. Obviously, you only use Wi-Fi inside your apartment or office. By reducing the transmission power to a value where the network signal is reliably received only within the premises, you, on the one hand, will make your network less noticeable to others, and on the other hand, reduce the amount of interference for neighboring Wi-Fi.

10. Update your router firmware

There is no perfect technology. Craftsmen find new vulnerabilities, manufacturers close them and release “patches” for existing devices. By periodically updating your router's firmware, you reduce the likelihood that an attacker will take advantage of flaws in older versions of the software to bypass security and gain access to your router and network.

11. Block remote access to the router

Even if you protect your wireless network and login with passwords, attackers will still be able to access your router via the Internet. To protect your device from such external interference, find the function in the settings remote access and turn it off.

12. Firewall

Some routers have a built-in firewall - a means of protecting against various network attacks. Look in your router's security settings for a feature with a name like Firewall, Firewall, or Firewall» and turn it on if it is present. If you see additional firewall settings, read official instructions how to set them up.

13.VPN

They create something like an encrypted tunnel for secure data transfer between the device and the server. This technology reduces the likelihood of theft personal information and makes it difficult to try to find the user's location.

To use a VPN, you need to install a special client program on your gadget. Such software exists for mobile devices and computers. But some routers can also be connected to VPN services. This function allows you to protect all your gadgets at once. local Wi-Fi network, even if they do not have special programs.

You can find out whether your router supports VPN in the instructions or on the manufacturer’s website. The same applies to the necessary settings.

Hello! I decided to prepare an article in which to collect all the main and most important effective tips and answer your question, how to protect a Wi-Fi network. Who will we protect from? From neighbors, of course, but if you need to protect your Wi-Fi network in the office, then from colleagues from a neighboring company :). But seriously, the issue of protecting wireless networks is very relevant now, I drew conclusions from the article in which I described it. The article quickly became popular and received many comments.

Set a password to access the Wi-Fi router settings

This is the first thing you need to do when setting up protection wireless wifi networks. In the router settings, look for the “System Tools” tab, then go to the “Password” tab.

Enter old login and password, then enter a new access name in the form below and twice New Password. Come up with a good one and complex password. Consisting of letters and numbers. And most importantly, remember it yourself :). To save, click “Save”. We continue to configure Wi-Fi network protection.

Set a password for the Wi-Fi network and set the encryption type

It is imperative that you specify the type of encryption you will use for the network and set a strong password. Well, unless you have some kind of cafe and you want to do open access to Wi-Fi for visitors.

Go to the “Wireless” tab, and “Wireless Security”. Next to the WPA/WPA2 – Personal protocol, put a check mark, set the settings as in the screenshot below and in the line opposite “PSK Password:” we come up with good password. This password will be used to connect to Wi-Fi. To save, click “Save”.

The router will offer to reboot it, but if you are still making settings, you don’t have to reboot for now. But the new settings will only work after a reboot.

Another great way protection. We hide the name of the Wi-Fi network, and you can connect to it only if you know what it is called. Your network will not appear in the list of available networks.

We search and go to the “Wireless” tab. And in order to hide the SSID, simply uncheck the “Enable SSID Broadcast” item. That's it, it's simple. Click the “Save” button to save the changes.

Enable device filtering by MAC address

Enabling this function will allow you to connect to the router only those devices that MAC address and which are specified in the settings and are allowed. This is very effective protection, but if you often connect new devices, it will not be very convenient to go into the router settings and enter the MAC address of the device every time.

First, you need to find out the MAC addresses of the devices that you want to allow to connect to the Wi-Fi network. They can be viewed in the settings, read more. If this is a phone or tablet, then you can see the address in the settings, in the “About phone” section. And if the device is already connected to the router, then the entire necessary information can be found on the “DHCP” tab – “DHCP Clients List”.

So, go to the “Wireless” tab, and go to “Wireless MAC Filtering”. First, enable this service by clicking on the “Enable” button. Then check the box next to the item “Allow the stations specified by any enabled entries in the list to access.”. This means that only devices that are on the list will be able to connect to Wi-Fi.

And click the “Add New...” button in order to add the MAC addresses of devices that need to be allowed access. Enter the MAC address, description (optional), leave the status Enable (allow) and click the “Save” button.

In this way we add all the devices that you want to allow to connect to your router.

Disable QSS (WPS) service

I wrote in detail about this service and how to use it in the article. But if you do not connect new devices very often and it is not difficult for you to enter the password for the Wi-Fi network, then it is better to disable this service.

To disable, go to the “QSS” tab; for you it may also be called “WPS”, or something like that. And click the “Disabled QSS” button.

This was the last point that I advise you to do for complete Wi-Fi protection networks on your router. All that remains is to reboot the router by clicking on the “click here” link, or do it with a button on the router itself.

That's it friends, that's all I wanted to advise you to protect your wireless network. I hope that the information I have prepared for you will be useful to you. Good luck!

Also on the site:

How to protect a Wi-Fi network? Basic and effective tips updated: February 7, 2018 by: admin

Wi-Fi has become so popular that having a router is the rule rather than the exception. But, despite all the conveniences, you should take into account that it is visible to others. See for yourself how much is displayed in your home available connections. Hardly one or two, usually their number reaches a dozen or more. Likewise, neighbors can see your network among other available ones.

Few people want to outside users gained access to a personal wireless network

But if certain precautions are not taken, others may be able to connect to your connection. What does this mean? At the very least, a loss of Internet speed. You will not receive the full speed of your communication channel if someone connects to it at your expense. But the situation is much more dangerous if an attacker connects to your Wi-Fi and can use the transmitted data to his advantage.

To avoid this risk, you need to limit access to your Wi-Fi. Read below for recommendations on how this can be done.

Internet access for a specific list of devices

What is a mac address and how to find it out

To each network device Even during manufacturing at the factory, a special mac address is assigned - a kind of unique digital fingerprint. It looks like "A4-DB-30-01-D9-43". For further settings, you need to know the mac address of the individual device to which you are going to provide access to Wi-Fi. How to find him?

Windows

Option 1. Through the “Network Sharing Center”

• Between the battery and sound icons there is an Internet connection icon. Cry right click mouse - select “Network and Sharing Center”.
• “View active networks” - line “Connections”, click on the connection name - “Details”.
• The “Physical address” line will contain the mac address of the laptop.

Option 2: Through Settings (for Windows 10)

• Click “Start” - “Settings” - “Network and Internet” - “Wi-Fi” - “ Extra options" - "Properties".
• “Physical address” is the mac address of the laptop.

Option 3. Via the command line

• Hold Win+R - enter cmd (or Win+X - Command line(administrator) on Windows 8.1 and 10).
• Type the command ipconfig /all.
• In the "Wireless adapter" section local network. Wireless Network" in the "Physical Address" line contains the required information.

Android

• "Settings" - " Wireless network" - "Wi-Fi" - menu button - "Additional functions".
• The required data is in the MAC address line.

iOS

“Settings” - “General” - “About this device” - “Wi-Fi address”.

Once you have discovered the device ID, write it down or simply remember it. Now let's proceed to the next stage - we will establish access to the required equipment through the router.

Setting up the router

First, log into the settings web interface. Using a browser, go to 192.168.0.1 or 192.168.1.1. Enter your login and password - admin/admin or admin/parol. These combinations work on most devices. If there is no access, check the information on the bottom surface of the router or in its instructions.

The layout of menu items may vary depending on the manufacturer, but basic principles Applicable for all devices.

1. In the “Wi-Fi network settings” section, enable filtering by mac address, because it is initially disabled.
2. In the “MAC Address Filtering” tab, add the addresses of the devices to which you are going to provide access to Wi-Fi.

Now you can use Wi-Fi only through those devices for which you have reserved addresses. Attackers will not gain access to your data.

Other access restriction options

Replacing the network and router password

If you haven't changed your Wi-Fi password, change it. Moreover, it is advisable to do this regularly. In your network security settings, create a new password. It is equally important to replace both the factory password and login login when installing the router. The standard combination is the easiest way to access the connection.

It’s not necessarily the neighbors who steal Wi-Fi, but someone does it unscrupulously. And it seems that the connection speed allows you to share with neighbors, but sometimes it drops. What needs to be done to load the network like this? At the very least, lose your conscience and use someone else’s Internet without permission. But let's get to the point.

Situation - you are surfing the Internet through your wi-fi router. And suddenly the speed drops sharply so that pages are difficult to open. And this is not the first time. It's a completely reasonable idea that someone is stealing Wi-Fi. How to find out if someone is connected to my wifi and how to turn off strangers.

Important! All router descriptions are not universal - we're talking about information about a specific TP-LINK model and for other devices may vary. If you are not confident in your actions, you should not continue.

Find out if anyone is connected to Wi-Fi

Method one. Program. SoftPerfect WiFi Guard

This method is for those who do not want to bother too much and who will carry out diagnostics through Personal Computer. To determine who has connected to the router, you will need a program SoftPerfect WiFi Guard. We find it, for example, through Google and install it. The program is in Russian and installs quickly. Minimum settings required.

In the “main” tab of the “settings” item of the program we find the column - “ network adapter" We select the item, in my case it is Qualcomm Atheros. Click "OK". Then click “scan” in the program window.

The program will show all devices that are connected to our Wi-Fi. If only you are connected, you will see two devices (the “Info” column), which will be designated as “This computer” and “Internet gateway”. That is, your computer and the router itself.

If there are strangers, the program will show them - neighbors’ devices will be displayed in red circles. This is either your neighbors or your other devices.

Method two. Router admin panel

This method does not require additional software. We go to the admin panel of the router. After connecting to the WiFi network, enter the IP address of the router. Typically this is 192.168.1.1. On different models The address may be different - you can check it on the device body. Then enter your username/password. As a rule, this is admin/admin (you can check on the device body).

This is where the difficulties begin. The menu may be different on different router models. On my device, in the “Status” tab we find the “Wireless” item. There is a sign with the MAC addresses of connected devices. If you are connected alone, then there is only one MAC in this table. There are other addresses - neighbors steal Wi-Fi. But it’s important - at this point you can get information about the devices that are connected right now.

More information can be seen in the “Interface Setup” tab, “DHCP” item.

How to disconnect neighbors from Wi-Fi

We offer the simplest and effective way to protect your internet. Namely, we set a password. The neighbors connected to our Internet either because they hacked your password, or because you didn’t set it at all.

The algorithm can be different devices different. On mine it’s like this - in the admin panel of the router, go to the “Interface Setup” tab, “Wireless” item. In the “WPS Settings” column we find the item “Authenticatio n Ty pe". If it is “Disabled”, then change it to “WPA-PSK”. Then the “WPA-PSK” column below appears in the same tab. In the “Pre-Shared Key” field we enter a password - at least 8 characters. All that remains is to click “save”. We reconnect to our Wi-Fi, now we are required to enter a password.

As a rule, you only need to enter the password once on each device (laptop, tablet, smartphone). The device will remember it and enter it automatically.

If you forgot your wi-fi password

If you forgot your Wi-Fi password, it is impossible to recover it - it is stored in the device itself. It can only be reset. To do this, press the “reset” button for a few seconds. The router settings will be deleted and you will need to configure it again.