Leaving your wireless network unsecured is like leaving your front door open. You are likely to get unwanted guests, and just like uninvited guests in your home, users accessing the internet through your network can cause all sorts of problems. While piggybacking on your internet connection, someone with basic knowledge can see all of your internet activity. If they commit an internet crime while connected to your internet, you are the one the authorities will talk to first.
Preventing unwanted access is a simple matter of knowing how to secure your wireless internet connection, making it available only to those who have the login information. Even if you have no experience with networking or routers, you can follow these steps and create a secure connection.
First, determine if your connection is already secure by clicking on the Network icon in your system tray, or going to Network Connections in your control panel. You should see a list of wireless connections available, including the one you are connected to. Next to your connection, you should see either “secured” or “unsecured”. You may have to hold your mouse over your connection to see this information. If your connection is secure, follow the information in Steps 1 and 2 to be sure the encryption type is correct. If it is unsecured, follow the steps below to create a secure connection.
1. Establish a connection to your router through its Gateway IP address
The common address is 192.168.0.1 – simply type this directly into your address bar and Go. If this address does not work, you will need to look up your router’s Gateway IP. Listed below are how you can find this address in both Windows and Mac.
Find Gateway IP on Windows
• Click Start > Run > type “cmd” > Click “Enter” (For Windows 7 just type “cmd” into the Search bar at the bottom of the Start menu)
• Input “ipconfig/all” in the Command Prompt window when it opens, then “Enter”
• Look for the line that says “Gateway” or “Default Gateway” and jot down the number you see.
Find Gateway IP on Mac
• Go to your Finder, then Applications > Utilities and open Terminal
• Type “ipconfig –a” and hit “Enter”
• Look for the entry that says “Gateway” and make note of the number.
Once you have your Gateway IP address, type it into your browser’s address bar and hit Enter. You will be prompted for login information. You can find this information in your router’s user guide; otherwise CIRT.net has default username and password info on most routers.
2. Enable encryption by locating the Security section under Wireless
You should see options for “Encryption” or “Authentication” in this section. Choose WPA if it is available, or 128-bit WEP if not.
* WEP encryption is an older style of encryption that is not difficult to hack into. Wireless protection access (WPA) and WPA2 are newer protocols that are nearly impossible to crack and are a much safer option. If you have WEP encryption on your router, check your manufacturer’s website for a firmware upgrade to include WPA. If no upgrades are possible, consider purchasing a newer router with enhanced protection.
3. Set a new encryption key, or router password.
Once you have chosen your encryption type you will be prompted to enter a new key. Make this a strong combination of letters and numbers, using at least 14 characters but preferably the maximum number of characters for the best protection. Choosing a weak password here can leave you vulnerable to security attacks. Since you will only enter it once per device you connect, it need not be something you will remember.
4. Change the network name, or Service Set Identifier (SSID).
The first clue to a novice setup is the way the network name appears in the list of wireless connections available. Changing your SSID to something other than the default may cause would-be hackers to move down the list instead of seeing your default SSID and thinking your connection to be an easy target.
5. Enable MAC address filtering
This will allow your router to record the unique MAC address of each device on the network, and only give access to known devices.
6. Disable remote login to your router
This helps to discourage hacking attempts. Your router should have come with remote login disabled, but check to be sure under your router’s settings.
7. Disable wireless administrating
Similar to point 6 above. After doing this, all configuration work will require you to physically connect to your router with an Ethernet cable. This will disable the ability to wirelessly hack into your router.
Q. Can I just use my router’s built in firewall for protection?
A. While this will help protect you from remote attacks, it does nothing to protect you from hackers who are within your wireless signal.
Q. What do I do to stay secure at Wi-Fi hotspots?
A. Most Wi-Fi hotspots do not offer encryption, so do not send sensitive information while accessing a hotspot unless the website you are on provides its own encryption. Encrypted sites will begin with “https”, indicating the connection is secure. Always make sure your computer’s firewall is turned on and up to date, and turn off your wireless signal when you are not using it.
Another option for security at hotspots is to use a Virtual Private Network (VPN). Companies such as Boingo, JiWire and Witopia offer inexpensive VPN service, which essentially creates a secure tunnel for your information to pass through. Prices range from $25 to $40 per year for these services.
In addition to following the steps above, you can keep your wireless internet connection secure by following common sense practices such as not giving your encryption key to anyone and making sure your router and computer software are both up to date. Not only will this keep your personal data safe, it will prevent a hacker from committing illegal activities while connected through your network.