How to Secure Home/Office Wi-Fi from Hackers
Using Wi-Fi at your home or business has kind of become second nature. As long as something hasn’t gone wrong with your connection or service, you don’t even have to log on. Although you might feel secure when using your Wi-Fi, so can some unknown hackers who have figured out how to log on and use it to do a lot of illegal things – things that can get you into some sticky situations. If you’ve been living a carefree existence without worrying about your Wi-Fi, it’s time to consider the possibility that someone could be using your Wi-Fi to stream pirated movies, use up your bandwidth or a couple of even more sinister deeds. You should also be concerned if you are using temporary Wi-Fi rental for events. Here’s our top hacks to out-hack the hackers!
Why you should care
If it’s not costing you any money, you might just shrug and say “meh” when it comes to hackers that are “just using” your Wi-Fi. Unfortunately, you might be helping these sneaky devils participate in some nefarious activity, which includes not just getting into your Wi-Fi but also hacking your entire system. A recent test run by Avast discovered that 48 percent of the millions of routers they scanned showed signs of vulnerability. If we’ve caught your attention with that little stat, don’t worry. There are ways you can protect your Wi-Fi from these little so and so’s and get rid of them, so they can’t do any harm.
Secure That Router Password
It’s pretty common for people to stick with the default login settings for their router because it’s easier. However, this is one of the best ways to let hackers find your info and use your Wi-Fi. These default settings are intended as a temporary password to allow you to get everything set up. Once you’ve done that, you should change your password right away. Also, if you are using a temporary Wi-Fi rental service for one of your events, you will want to make sure your provider is taking precautions as well.
You can use routerpasswords.com to see if you can find your router make and model there. If you do find it, this is a clue how easy it is to find that info for hackers. The good news is once you do find it you can change it. Always use a complex password and unique username. It’s tempting to choose a password that you can remember, but all you’re doing is handing your info over to a hacker. Remember you haven’t had to log on since you got your router so it’s really not so much of a hassle. Your password should be completely random using numbers, upper and lower-case letters and a character to make it harder to hack.
Name That SSID
In your router settings you can also find your “service set identifier” (SSID). Rename it too as it is usually defaulted to the router manufacturer’s name which is why hackers can get your default info so easily. Just choose a random name that will make it a little harder for them to access your network. Never use your company or family name, street name or other clues that will make a hacker’s job easier.
Disable That WPS
Wi-Fi-Protected Setup (WPS) establishes an encrypted connection between your supporting device and the network. It can use either a button or PIN number for the connection which is vulnerable to hacking. Although it appears to be a necessity, you can actually disable the WPS to avoid brute-forcing.
Update That Firmware
We live in a world where a lot happens behind the curtain, so we don’t have to consciously think about a lot the tools and technology we use every day. Your iPhone tells you it will update when you charge it, and your Windows update gives you a warning or tends to even auto update whether you like it or not. Unfortunately, your router firmware doesn’t give you any indication it has an update, so you never do it. This is important because the updates will help increase your security. It takes hardly any time, is free and will make a big difference. You can search your firmware online to find updates and enable auto updates to keep you safer. Just do it after you reset your defaults, so you have your new password handy!
Secure That AP
Although we think all access to our systems is digital, you still have a vulnerable manual option that hackers can target. This is more dangerous for businesses than homes, as businesses can have more potential for a staff member or even a sneaky visitor to know what to do to make you more vulnerable. Your wireless system has an Access Point (AP) that has a reset button that will restore default settings. Although this might seem unlikely, it is best to keep your AP out of sight and consider a locking mechanism to limit access to your AP buttons and ports.
Cut Off That Rogue AP
That same sneaky little visitor or employee won’t just be looking for your AP to reset. They can do even more harm if they can find an unused ethernet port in the wall or a loose ethernet run. You can either remove them, cover them well or disable them on the router or switch.
Set Up Those Individual Users
For businesses, one of your best defenses is using the enterprise mode of Wi-Fi security which will request that each user have their own username and password. This is not only more secure but also makes it easier if someone should leave the company. You can just revoke that user’s info as opposed to having to reset everything, so everyone has to remember the new log-on. This is also better in the case of a lost or stolen company laptop.
If you are going the enterprise mode route, you’ll need to set up a RADIUS server if your other servers such as Windows doesn’t offer this function, or you don’t have a built-in RADIUS server on your AP. Just keep in mind that the enterprise mode can still be vulnerable to hackers who can use a bogus RADIUS server to steal login credentials. Without getting too complicated, you can avoid this issue using server verification on the client side which will check to verify the credentials are legitimate before allowing access to the RADIUS server. Verification capabilities will vary based on the device or OS of the client.
If you’d like more information about our temporary Wi-Fi rental, please call 800-741-2924 or contact us here.