How to secure a wifi connection. How to protect your home WiFi networks


I'll tell you a story that is still going on with one Internet provider in my city. One day, visiting a friend, I asked him for access to Wi-Fi. The network is preserved in the smartphone. While in another part of the city, I suddenly discovered that I had reconnected to a friend's Wi-Fi. How is this possible? It turns out that the Internet provider set the same network name and password on all routers that were issued to subscribers upon connection. More than a year has passed, but I still have free wifi in almost every yard. By the way, the login and password for accessing the routers are also the same. :)

Naturally, I told my friend about this funny discovery and reconfigured his router. Are you sure you are not in a similar situation?

The dangers of unauthorized access to your Wi-Fi and router

Imagine that an attacker connected to your Wi-Fi, downloaded several gigabytes of child pornography, and posted a couple of hundred extremist and other “incendiary” messages. The contract for the provision of Internet services is issued in your name, and accordingly, you will also be held accountable for violating the law.

Even if the connected person does not commit illegal actions, he can download and distribute for days large files(including illegal content from torrent trackers), which will affect the speed and stability of your Internet connection. The network is full of stories about free neighbor Wi-Fi. Perhaps you, too, are that good neighbor?

The situation when an outsider knows the login and password for the router itself includes all the risks listed above, and also adds several new ones.

For example, the prankster simply changes the Wi-Fi password and you lose access to the Internet. He may change the password to the router, and you will have to reset to factory settings and configure everything again (or call a specialist if you do not have the appropriate skills) to regain control of your equipment. The prankster himself can also reset the settings.

There is no absolute protection, but you don’t need it

There are many ways to hack networks. The likelihood of hacking is directly proportional to the motivation and professionalism of the hacker. If you haven’t made enemies and don’t have any super-valuable information, then it’s unlikely that you will be purposefully and diligently hacked.

In order not to provoke random passers-by and neighbors eager for freebies, it is enough to close basic security holes. Having encountered the slightest resistance on the way to your router or Wi-Fi, such a person will abandon his plan or choose a less protected victim.

We bring to your attention a minimum sufficient set of actions with a Wi-Fi router that will allow you to avoid becoming the object of cruel jokes or someone’s free access point.

1. Access your Wi-Fi router

The first step is to take control of your own router. You must know:

  • Router IP address,
  • login and password to access the router settings.

To find out the router's IP address, turn the device over and look at the sticker on the bottom. There, among other information, the IP will be indicated. Typically this is either 192.168.1.1 or 192.168.0.1.

The router address is also indicated in the user manual. If the box with instructions from the router is not saved, then find the user manual in in electronic format Google will help.

You can find out the router address yourself from your computer.

  1. On Windows, press the combination Windows keys+R.
  2. In the window that appears, type cmd and press Enter.
  3. In the window that appears, enter ipconfig and press Enter.
  4. Find the "Default Gateway" line. This is the address of your router.

Enter the received IP address of the router in the browser. You will see a login page for the router settings.

Here you need to enter your username and password, which you must know. In most cases, the default login is the word admin, and the password is either an empty field or also admin (the default login and password are also listed at the bottom of the router). If you got the router from your Internet provider, then call them and find out.

Without the ability to change settings, you essentially lose control over your own equipment. Even if you have to reset your router and set everything up again, it will be worth it. To avoid problems with accessing the router in the future, write down your username and password and store them in a safe place without access to others.

2. Create a strong password to access the router

Having gained access to the router, the first thing you need to do is change the password. Router interfaces vary depending on the manufacturer, specific model and firmware versions. The user manual for your router will help you with this matter, as well as with subsequent steps to improve protection.

3. Come up with a unique name (SSID) for your Wi-Fi network

If your neighbors are completely new to technology, then a network name like fsbwifi or virus.exe may scare them away. In fact, a unique name will help you better navigate among other access points and uniquely identify your network.

4. Create a strong password for your Wi-Fi network

By creating a password-free access point, you essentially make it public. A strong password will prevent strangers from connecting to your wireless network.

5. Make your Wi-Fi network invisible

You will reduce the likelihood of an attack on your network if it cannot be detected without special software. Hiding the access point name improves security.

6. Enable encryption

Modern routers support various methods encryption of data transmitted over a wireless network, including WEP, WPA and WPA2. WEP is inferior to others in terms of reliability, but is supported by older equipment. WPA2 is optimal in terms of reliability.

7. Disable WPS

WPS was created as a simplified way to create wireless networks, but in reality it turned out to be extremely vulnerable to hacking. Disable WPS in your router settings.

8. Enable MAC address filtering

Router settings allow you to filter network access by unique identifiers called MAC addresses. Every device that has network card or network interface, has its own MAC address.

You can create a list of MAC addresses trusted devices, or block connections to devices with specific MAC addresses.

If desired, an attacker can spoof the MAC address of the device from which he is trying to connect to your network, but for an ordinary household wireless point access, such a scenario is extremely unlikely.

9. Reduce Wi-Fi signal range

Routers allow you to change the signal strength, thus increasing or decreasing the range of the wireless network. Obviously, you only use Wi-Fi inside your apartment or office. By reducing the transmission power to a value where the network signal is reliably received only within the premises, you, on the one hand, will make your network less noticeable to others, and on the other hand, reduce the amount of interference for neighboring Wi-Fi.

10. Update your router firmware

There is no perfect technology. Craftsmen find new vulnerabilities, manufacturers close them and release “patches” for existing devices. By periodically updating your router's firmware, you reduce the likelihood that an attacker will take advantage of flaws in older versions of the software to bypass security and gain access to your router and network.

11. Block remote access to the router

Even if you protect your wireless network and login with passwords, attackers will still be able to access your router via the Internet. To protect your device from such external interference, find the function in the settings remote access and turn it off.

12. Firewall

Some routers have a built-in firewall - a means of protecting against various network attacks. Look in your router's security settings for a feature with a name like Firewall, Firewall, or Firewall" and turn it on if it is present. If you see Extra options firewall, read in official instructions how to set them up.

13.VPN

They create something like an encrypted tunnel for secure data transfer between the device and the server. This technology reduces the likelihood of theft personal information and makes it difficult to try to find the user's location.

To use a VPN, you need to install a special client program on your gadget. Such software exists for mobile devices and computers. But some routers can also be connected to VPN services. This function allows you to protect all your gadgets at once. local Wi-Fi network, even if they do not have special programs.

You can find out whether your router supports VPN in the instructions or on the manufacturer’s website. The same applies to the necessary settings.

Security in Wi-Fi networks has been constantly improved since its inception. wireless technology. IN Lately it has developed so much that almost all modern routers are protected from possible attacks by strong passwords, complex methods encryption, built-in firewalls and many other means of protection against intruders. But what happens if the encryption algorithms that have so far made Wi-Fi one of the most secure protocols are broken?

This is exactly what happened in the fall of 2017, when Belgian researchers from the University of Leuven found several critical vulnerabilities in the WPA2 protocol and published a detailed report about it. The WPA2 protocol is used to secure most Wi-Fi networks in the world and is considered the most reliable security tool available for mass use.

Content

How to protect your data if Wi-Fi no longer guarantees security?

The fact that WPA has been hacked is alarming news that affects many electronic devices, however, there is no cause for alarm.

Essentially, researchers have found a vulnerability in the Wi-Fi protocol that makes wireless traffic potentially eavesdropping on attackers. In other words, anyone can use this flaw in network security to spy on other people’s actions on the Internet and steal numbers credit cards, passwords, intercept messages in instant messengers, etc.

Fortunately, manufacturers of many gadgets have already managed to improve and finalize their devices, eliminating the found vulnerability. And besides, WPA2 is far from the only wall of protection between a hacker and users’ personal data.

To hack someone else's Wi-Fi, the attacker, firstly, needs to position his receiving antenna within the range of the radio channel, and secondly, most of the information on the Internet is transmitted in an already encrypted form, and the hacker will not be able to read it in any case.


The https protocol, which most web servers run on, adds an extra layer of security to your connection, just like using a VPN service.

That's why you should always remember the padlock icon in your browser's address bar. If the small padlock is not displayed there, it means that the site does not use the https protocol, and all information entered into forms, including passwords, may be accessible to third parties.

That's why before you send your home address or payment details anywhere, you should always make sure there is a padlock in the address bar.

All leading software developers almost immediately after the news of the vulnerability Wi-Fi protocol have released appropriate patches for their products. For example, Microsoft released an update for Windows in October 2017. Apple also fixed its operating macOS systems and iOS around the same time.

Google released an update for Android in November, so every owner of a device running this platform should check the About section in their phone or tablet's settings to find out when it was released. Last update security systems. If it was run before November and your phone is running Android 6 or higher early version OS, then you need to update it.

Which wireless security standard should you prefer?

Wireless routers can use a wide range of various protocols for data encryption. Here are the three main standards that most home and office routers work with:

1.Wired Equivalent Privacy (WEP): This protocol was introduced in 1997 immediately after the development of the 802.11 Wi-Fi standard; Currently, WEP is considered insecure and has been replaced by security technology since 2003 WPA information with TKIP encryption method.

2. Temporal Key Integrity Protocol (TKIP). This standard is also obsolete and is gradually falling out of use. But unlike WEP, it can still be found in the firmware of many models of modern equipment.

3.Advanced Encryption Standard (AES). This standard was introduced immediately after TKIP in 2004, along with the updated and improved WPA2 connection certification system. Routers that work specifically with this technology should be given preference when choosing a new one. network equipment. Gadgets connected to a wireless network must also support AES in order to interact properly with such routers. Despite the vulnerability mentioned above, WPA2 is still considered the best method Wi-Fi protection. Currently, router manufacturers and ISPs typically use WPA2 as a standard; some of them use a combination of WPA2 and WPA to do possible job with the widest range of wireless gadgets.

IN technical documentation You can also sometimes see the letters PSK attached to routers, which stand for Pre-Shared-Key or Personal Shared Key. When given a choice, it is always better to give preference to models with WPA2-PSK (AES) instead of WPA2-PSK (TKIP), but if some older gadgets cannot connect to the router, then you can go for WPA2-PSK (TKIP). TKIP technology uses modern method WPA2 encryption, leaving older TKIP-dependent devices able to connect to wireless routers.

How to secure your Wi-Fi

Disabling WPS

WPS stands for Wi-Fi Protected Setup, it is a standard and at the same time a protocol that was created to make customization wireless connections easier. Despite its practicality and functionality, this solution contains a serious flaw: the eight-digit PIN code, consisting only of numbers, is easily broken by primitive guessing methods, and this creates a convenient starting point for hackers who want to take over someone else's Wi-Fi.

To find out whether it is used or not wireless router WPS protocol, you need to take a closer look at the box in which it comes: WPS support is indicated by the presence of a special logo on the packaging and a separate physical button on the device body. From the point of view of protection against hacking, it is better to disable this protocol and never use it.

Protecting a private WiFi network is the most important moment while creating home group. The fact is that the access point has a fairly large range of action, which can be taken advantage of by attackers. What to do to prevent this? How to protect a private wireless network from attacks by unscrupulous people? This is exactly what this article will discuss.

How to protect your home WiFi networks

Before moving on to the question of how to protect your private home WiFi network, you should understand how it works. So, to organize a home wireless network, as a rule, a router is used, which acts as an access point. In order to become a member of the group you need to connect to it.

This suggests that to protect confidential information, it is necessary to deny access to the router to unauthorized people. How it's done? There are several points here:

  • Long and complex password to enter the router settings menu.
  • Strong password to connect to a Wi-Fi network.
  • Selecting a secure encryption type.
  • Using a MAC filter.
  • Access settings in the operating system.

As you can see, there are quite a lot of security settings. This is necessary, since protecting the confidentiality of the Wi-Fi network depends on it. However, most of them are in the router settings.

So, let's look at all these points in order.

WiFi network protection: Video

Key to enter the router settings menu

Since almost all security settings are set in the router, we need to come up with a complex password to enter the settings system. In addition, a login is used here, which must also be original and complex. How to do it?

First of all, it is worth noting that each router has a different interface, but the principle of operation is almost the same for all. We will look at how to change the router login password using the D-LinkDIR-615 model as an example.

First, connect to the router via wireless communication or via cable. After that, open a browser and enter the address of your router in the address bar. It is indicated on the bottom cover of the device, as well as in the instructions.

How to easily find out the IP address of a WiFi router: Video

In the overwhelming majority, this is the following address - 192.168.0.1 (the following addresses can also be used - 192.168.1.1 or 192.168.2.1).

After entering the address, the system will prompt you to enter your login and password. Initially specified as admin, admin respectively. It is these values ​​that will now need to be changed, since the manufacturer uses an insecure login and key so that the user can easily enter the settings and change the data at his discretion.

After entering, press “Enter”. Here we are in the router settings menu. At the bottom of the screen you need to click “Advanced settings”. Several will appear additional sections, among which you need to find “System” and select “Administrator Password”. This is the very key that we need to change.

In the window that appears, you just need to enter New Password and confirm it. Next, just click “Apply”. At this point the process of changing the key is completed, and now the protection of your home wireless WiFi the network has become higher.

How to find out the password for your WiFi connection in the router settings: Video

note that this model The router does not allow you to change the administrator login. However, devices from other manufacturers or even just other models allow you to set any login to log into the system.

Wi-Fi network key

Very important parameter, on which the protection of information in Wi-Fi networks depends - this is the network password. It prevents unauthorized connection intruders to the router using a wireless connection. That is why the network key must be long and complex.

It is worth noting that initially the router does not have Wi-Fi connection protection at all. In other words, anyone within the coverage area can connect to the device without entering passwords.

To fix this, we need to go back to the router settings menu. Now we are interested in the “WiFi” section, in which we need to find and open the security settings. In the window that opens, we will need to select the encryption type (type of authentication). This is also an important parameter that affects network security.

So, select the encryption type WPA-PSKWPA2-PSKmixed. This is the recommended secure type of authentication and provides the most reliable protection. A line will appear below in which you must enter the network key. Enter the invented values. It is recommended to use a mixture Latin letters and numbers. Moreover, the number of characters must be at least 8-12.

Router MAC filter

Each device equipped network adapters, computer, laptop, smartphone, tablet and so on, has a unique MAC address. In order to increase network security, it is recommended to install a filter for such addresses. In other words, in the router settings you can allow connections only to trusted devices by specifying their addresses.

To do this, go to the router settings menu again. In the “WiFi” section we find the MAC filter and open it. The window that appears has two tabs:

  • Filter mode.
  • MAC addresses.

The first is the regime. Here you can choose one of three options:

  • Allow – the specified MAC addresses will be allowed access to the network. Everyone else will not be able to connect to the group.
  • Deny – denies network access to the specified addresses.
  • Disable – filter mode is disabled.

In the first tab, select the appropriate mode. And in the second we enter the required MAC addresses. If you select the “Allow” mode, you must enter the addresses of only trusted computers. If the “Deny” mode is set, then you only need to enter the addresses of third-party PCs.

How to set up a MAC filter in a router: Video

Setting up access in the OS

The operating system also has built-in data protection features. In order to increase security, we need to enter the Network and Sharing Center. This is done by pressing right click mouse over the connection icon in the tray.

In the window that opens, you need to open the item “Change settings public access" A menu will open in which you can configure access, enable or disable PC detection on the network, and much more. First of all, you need to enable access from password protection. In this case, the system will independently generate a complex password. Write it down, because if you later want to provide access to any files, you will need it.

In order to configure maximum system protection, you should disable access in all points. There is nothing complicated here, carefully read the prompts on the screen.

So, now you know how to protect your private WiFi network from intruders. Now no one else will be able to connect to your group and harm information or steal important data.

How to determine who is connected to the network

We've sorted out the security settings. Now we can move on to the question of how to determine who will connect to my home WiFi networks. Everything is very simple. The router registers the MAC address of each group member. Therefore, we just have to go into the router settings and look at the statistics. We are again interested in the “WiFi” section, only now we select the “Station List” item. If you are using a TP-LINK router, then you need the “Statistics” section.

The station list displays the MAC addresses of everyone in this moment connected to the network. Here you can disconnect one or another connection. As we already know, every computer has a unique MAC address. Now you know how to check who is connected to my private WiFi network.

To find out the value that your computer is using, just go to the Network and Sharing Center. You will see your connection in the center of the screen that appears. In the right half you will see the “Connect or disconnect” section, and a little lower - the type of access and connection. Click on the connection type and select “Details” in the menu that appears. Here you will find the "Physical Address" line. This is the MAC address of your network adapter.

How to find out who is using my WiFi: Video

I have more than 10 years of experience in the IT field. I am engaged in designing and setting up commissioning works. We also have extensive experience in building networks, system administration and working with access control and video surveillance systems.
I work as a specialist at the Techno-Master company.

article


  • Kaspersky Lab blog article.
  • VPN Kaspersky Secure Connection
  • Microsoft support site.

  1. (System Tools → Password).
  2. article.
  3. Click Save (Save).

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address in address bar browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section ( Wireless → Basic Settings).
  4. In field Wireless network name (Wireless Network Name
  5. Click Save (Save).

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section Wireless mode→ Basic settings (Wireless → Basic Settings).
  4. Uncheck Enable SSID Broadcast (Enable SSID Broadcast).
  5. Click Save (Save).

Disable WPS

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the router settings page, go to the section Wireless mode → WPS (Wireless → WPS).
  3. Click Disable (Disable).

Enable encryption

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section ( Wireless → Wireless Security).
  4. Select WPA/WPA2 - Personal.
  5. In field Version (Authentication Type) select WPA2-PSK.
  6. In field Encryption (Encryption) select AES.
  7. Click Save (Save).

article.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section Wireless Mode → Wireless Security (Wireless → Wireless Security).
  4. Select WPA/WPA2 - Personal.
  5. In field Wireless password (Wireless Password
  6. Click Save (Save).

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are listed on the back of the router.
  3. On the router settings page, go to the () section.
  4. Click Add (Add New).

  1. Included (Enabled).
  2. Click Save (Save).

  1. Click Turn on (Enable).
  2. Select ().

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
    2. TP-Link
    1. In the window Network connections press twice.
    2. In the window State click Wireless Network Properties.
    3. In the window Wireless Network Properties go to the tab Safety.
    4. Select security type WPA2-Personal article.
    5. Click OK.
    6. Close the window State.

    Windows 10, Windows 7, 8, 8.1, 10.

    For all products: Software compatible

    For all products: Purchase and license

    For all products: Before installation

    For all products: Getting started

    For all products: Program settings

    For all products: Uninstall programs

    For all products: Errors

    For all products: Secure Payments

    For all products: Diagnostics and reports

    For all products: Articles on My Kaspersky

    For all products: Windows Articles

    When you connect to public Wi-Fi networks, for example, in a cafe, data is transmitted unencrypted. This means that your passwords, logins, correspondence and other confidential information become available to attackers. Email addresses can be used to send spam, and the data on your page social network can be changed.

    Home Wi-Fi networks are also at risk. Even the most high level protection for wireless networks: WPA2 encryption - can be “hacked” using the key reinstallation attack (KRACK). For more details, see the Kaspersky Lab blog article.

    Always follow these guidelines when connecting to any Wi-Fi network:

  • Make sure that you have Firewall installed and enabled. This security component checks network traffic and protects your computer from network attacks.
    Firewall is included in Kaspersky Lab programs: Kaspersky Internet Security, Kaspersky Anti‑Virus, Kaspersky Total Security, Kaspersky Security Cloud and Kaspersky Small Office Security.
  • Use protected HTTPS connection. Make sure your browser's address bar is green or gray icon castle For more details, see the Kaspersky Lab blog article.
  • Secure your connection with a VPN, adding another layer of encryption. To do this, install Kaspersky Secure Connection on your device and enable a secure connection every time you connect to the Internet.
  • If you use operating system Windows, turn off File and Printer Sharing for all public networks you connect to. Instructions on the Microsoft support site.
  • If possible, use Mobile Internet instead of public Wi-Fi networks.

Create a strong password to access the router

As a rule, a standard login and password are used to access the router settings. An attacker can find out the login and password for your router by downloading the user manual for the device from the manufacturer’s website. To prevent this from happening, change the router password.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the setting TP-Link router TL-WR841N. To change the password to access the router:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section System Tools→ Password (System Tools → Password).
  4. Enter your username, old and new password to access the router. Recommendations for creating a strong password are in the article.
  5. Click Save (Save).

The password to access the router will be changed.

Create a unique name (SSID) for your Wi-Fi network

Rainbow tables are often used to crack passwords. Pre-built rainbow tables for popular SSIDs store millions of possible passwords. If your SSID and password are in such a table, an attacker can instantly recover your network password using special programs.

To increase the security of your home wireless network, come up with an uncommon SSID.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To change the Wi-Fi network name:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section Wireless mode → Basic settings (Wireless → Basic Settings).
  4. In field Wireless network name (Wireless Network Name) come up with and enter a name for the Wi-Fi network.
  5. Click Save (Save).

The name for the Wi-Fi network will be changed.

Make your Wi-Fi network invisible

In the router settings, hide the network name. Your Wi-Fi network will not appear in the list of available wireless networks. It will be impossible to detect it without special software.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To make a Wi-Fi network invisible to other devices:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section Wireless mode → Basic settings (Wireless → Basic Settings).
  4. Uncheck Enable SSID Broadcast (Enable SSID Broadcast).
  5. Click Save (Save).

Your Wi-Fi network will be invisible to other devices.

Disable WPS

WPS technology is designed to make it easier for devices to connect to Wi-Fi networks. Using WPS you can connect to your router without a password. We recommend disabling WPS in your router settings.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To disable WPS:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are listed on the back of the router.
  3. On the router settings page, go to the section Wireless mode → WPS (Wireless → WPS).
  4. Click Disable (Disable).

WPS technology will be disabled.

Enable encryption

When working on a network with weak encryption, your data can be intercepted by attackers. If you connect to home network and receive a message about weak encryption, change the encryption type to a more secure one. Common wireless encryption types: WEP, TKIP, WPA, WPA2 (AES/CCMP).

The main difference between them is the level of protection. We recommend WPA2 as it is the most secure available.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To change the wireless encryption type:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section Wireless Mode → Wireless Security (Wireless → Wireless Security).
  4. Select WPA/WPA2 - Personal.
  5. In field Version (Authentication Type) select WPA2-PSK.
  6. In field Encryption (Encryption) select AES.
  7. Click Save (Save).

Wi-Fi network encryption will be enabled.

Create a strong password for your Wi-Fi network

Without a password, your Wi-Fi network will be accessible to everyone. A strong password will not allow strangers to connect to it. Recommendations for creating a strong password are in the article.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To create a password:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are located on the back of the router.
  3. On the router settings page, go to the section Wireless Mode → Wireless Security (Wireless → Wireless Security).
  4. Select WPA/WPA2 - Personal.
  5. In field Wireless password (Wireless Password) create and enter a password for the Wi-Fi network.
  6. Click Save (Save).

A password for the Wi-Fi network will be created.

Enable MAC Address Filtering

Each device that has a network card or network interface has its own MAC address. Create a list of MAC addresses of trusted devices or deny connections to devices with specific MAC addresses.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To configure MAC address filtering for trusted devices:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
  2. On the login page, enter your username and password. If you haven't changed them, they are listed on the back of the router.
  3. On the router settings page, go to the section Wireless Mode → MAC Address Filtering (Wireless → Wireless MAC Filtering).
  4. Click Add (Add New).

  1. Enter MAC address, device description and select status Included (Enabled).
  2. Click Save (Save).

  1. Click Turn on (Enable).
  2. Select Allow access to stations specified in enabled rules from the list (Allow the stations specified by any enabled entries in the list to access).

Only those devices whose MAC addresses you added to the list will have access to the router.

Reduce Wi-Fi signal range

In the router settings, reduce the transmission power to a value where the network signal can only be received within your premises. Reduced radius Wi-Fi signal will not allow strangers to connect to it.

Router interfaces vary depending on the manufacturer, specific model and firmware version. To navigate the router settings, use the user manual for your model. As a rule, it is included with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To reduce the Wi-Fi signal range:

  1. Enter the router's IP address into the address bar of your browser. You will be taken to the login page for the router settings. The router's IP address is listed on the back of the device and in the user manual.
    2. TP-Link
    1. In the window Network connections double click Wireless network connection.
    2. In the window State click Wireless Network Properties.
    3. In the window Wireless Network Properties go to the tab Safety.
    4. Select security type WPA2-Personal and change the network security key. Recommendations for creating a strong password are in the article.
    5. Click OK.
    6. Close the window State.

    The Wi-Fi network key and security type will be changed.

    After changing home network settings Wi-Fi devices will not be able to automatically connect to this network, so you need to connect to the wireless network again. Look detailed instructions Online Microsoft support for Windows 10, Windows 7, 8, 8.1, 10.

Today every third user world wide web widely applies entangle the whole house, offering high speed access to the Internet for all devices. And that’s right, why not use this opportunity when, sitting in a chair, lying on the sofa or in bed before going to bed, you have access to the Internet from a smartphone or.

In this whole practically beneficial situation, there is one big “BUT” - users very rarely follow the security rules that directly relate to access to Wi-Fi. As time passes, we begin to notice that the speed of the Internet connection has decreased, and the printer suddenly began to be interested in “nude photos”, occasionally printing them! The actions of a “prankster” who connects to your network are not limited easy access to the Internet or to a printer, with a little skill, more confidential information becomes available to a third-party user, for example, your funds in electronic wallets. Therefore, protecting the wireless network and yourself personally is task number one, especially for users living in an apartment building.

How to secure Wi-Fi access from external intrusion

Usually the user, having noticed incorrect operation computer connected to the network, hurries to apply a reset. This is apparently similar to system unit, which suddenly froze. And here, we are looking for a thin object to get to the hidden “Reset” button on the network equipment case. Often, such actions save short term, and the situation is in a hurry to repeat itself...

Ways to protect Wi-Fi access:

  1. The main step towards security will be to simply change your access password. After all, after configuration by a specialist (or self-configuration), the equipment continues to store factory credentials. And here, there is no need to be " computer genius"to enter the settings panel via the web interface!
    Note! The ability to configure the router control panel is not available on all equipment models, so next tip more practical in execution.
  2. The next request concerns the network access password. Users are careless when choosing this cipher. Sometimes we refer to our weak memory, but at the same time we reset it with enviable consistency!
    Therefore, it is better to configure the WPA2 encryption algorithm once and come up with a 10-digit password that you will change at least occasionally. Choose for him random set letters and numbers, and simply write down the combination you came up with on a piece of paper or on the box from the router.


    Note! Don't create readable passwords. Surnames and first names in English layout– hard to come up with, but easy to find!
  3. Next, it would be a good idea to abandon the WPS function, which creates a digital PIN code for new devices. The function is active by default on most access point models. If you don't have to constantly connect various smartphones or tablets, then there will be no difficulties.
    Note! Even if there is a need to regularly connect new gadgets, it is enough to enter the access password every time! Low cost for home network security.
  4. The next recommendation is more about attentiveness. Get into the habit of correctly leaving the router’s web interface, that is, not just closing the browser tab, but rather “exiting the control panel.”
    This precaution is associated with some features of Internet browsers. When visiting pages, browsers save cache and cookies, which are responsible for storing temporary files and resource information. You may have previously noticed that after leaving the site, re-authorization is not required. So this is another loophole for a random attacker!
    Note! It would be a good idea to get into the habit of clearing the cache and cookie of the browser you actively use (read how to do this in the article:,).
  5. The following steps are more likely to be addressed to experienced users, as they carry some risk. So, first we’ll change the router’s subnet, since it is set by default and is known to many. Typically, it is an address:
    • 192.168.0.0
    • 192.168.1.0
    • 192.168.1.1

    Moreover, the address is indicated on the device body; nothing prevents us from changing the IP address via the web interface and giving the local subnet a new name, different from the factory one.







2024 gtavrl.ru.