In this article I will take you through setting up your WiFi security and configuration, before we begin it’s important to note all routers have a different configuration and as such may not have the same interface or GUI, but they all contain similar settings.
Step #1 – Find your gateway address
Begin by typing CMD in your windows start menu and opening a DOS prompt. Next type in ipconfig /all and press enter to locate your gateway address. See examples here.
Step #2 – Type your gateway address into your browsers URL bar and press enter. (Example – 192.168.1.254)
Step #3 – Sign into your Router
Use your admin account to sign in, most internet service providers place a sticker on the Router / Modem you are issued containing your password for login.
(Note – For those of you using one you purchase you can check with the manufacturer website to determine your default password or manual.)
Step #4 – Navigate to WiFi
Click the WiFi button on your router or the WiFi Settings button.
Step #5 – SSID Names
First off select or type in an SSID broadcast name, this can be any name you wish to give your router access point. It is also important NEVER to hide your SSID broadcast name, some people do this under the false notion that if the broadcast name is hidden no one will guess it and be able to connect. This is a misconception as most WiFi scanning devices can still detect a hidden broadcast name, it is also worth noting it disables security on many router devices, and any previously connected device will broadcast that hidden SSID name.
(Note – It is very important never to use your real name, last name, or phone number.)
Step #6 – Security Mode
Most routers have options for WPA, WPA-2, WEP, and Mixed WPA / WPA-2. The most secure is WPA-2 and is widely supported by almost all WiFi devices, the mode should almost never be anything other then WPA2.
(Mixed modes are acceptable but discouraged, as they can allow access through less secure means.)
Step #7 – WiFi Passwords
By default the router usually assigns a weak password for your WiFi, it is very important to change the default password. The more upper and lower case characters you add the more secure your password will become. There are MANY available bruteforcers on the internet that can easily obtain a WiFi password as most Routers do not / cannot have a connection attempt limit. As such your password should be a minimum of 12 characters both upper and lower case letters and numbers.
Example of Bad Passwords – 6904976 / 9494560 / mywifi / computer
Example of Good Passwords – JuR4L0Id90Hy5Tm3V2s6
(Note – The longer and more complex the password the more likely an attacker will simply give up and move on.)
Step #8 – Encryption
There are usually two different kinds of encryption for WiFi devices AES and TKIP. Some routers have dual options for both limiting yourself to AES will provide the most secure connections.
Step #9 – Disable UPNP
Universal Plug’n’Play provides attackers a Huge hole in your network security and should always remained Disabled. It was a means for providing easier connections and it does precisely that.
Step #10 – Disable WPS
WPS is a simple one button connection for WiFi devices, it also happens to be an amazingly easy way for any attacker to exploit router security and gain a connection. Most routers generate random numbers to be used for the connection and they can easily be fooled.
Optional – Step #11 – MAC Authentication
You can add additional security by enabling MAC authentication however this often requires you to enter your Router and routinely add new devices. It can be a hassle and only minimally increases your security, its a better idea to use this addition to purposely block MAC address you do not wish to connect to your access point.