In the past few posts I’ve discussed numerous aspects of wired and wireless networking, from equipment differences to proper router placement. Now we’re going to touch on one of the most important issues of all: wireless network security.
There are several facets to wireless security that you, the end-user, need to pay attention to. None of them are particularly difficult, but left undone they can create a serious security breach.
Change the default login and password
By default your router will have a login and password set to something like: “Admin/Admin” or “Admin/Blank.” Some routers may use their own model number for the password, while routers distributed by a company like Comcast may use “Comcast.”
No matter what the company uses, you can bet on two things: It’ll be simple, and everybody online knows what it is. There are websites that catalog this information, specifically because users who forget the defaults or lose the documentation have to have a way to look it up.
A router secured by the default login and password is therefore roughly as secure as a screen door on a submarine. Pick a combination that’s specific to you and write it down if you have to. Writing down user names and passwords isn’t great security practice, but the risk is ameliorated if you’re in your home – anyone with access to your domicile is already a much greater security threat.
Use WPA or WPA2
Alright, you’ve changed the default login and password on your router. Now what? Now you have to choose between three different wireless networking security standards – except, really, you’re only choosing between two of them.
There are three wireless networking security standards: Wired Equivalent Privacy (WEP) debuted in 1999. Like most things from the 1990s (the Pentium 4, Toad the Wet Sprocket), WEP has not aged well. The standard has been completely broken and, at this point, can most likely be hacked by a mobile phone. Don’t use WEP.
That leaves WiFi Protected Access or WiFi Protected Access 2. WPA was based on an early version of what became WPA2. The standard was rolled out quickly when it became clear that WEP was critically compromised. If you only have access to WPA, choosing it as your wireless security method (typically found in the Security tab of the router configuration software) should offer you the choice to use TKIP or AES as an encryption method. If available, choose AES.
If you can, however, choose WPA2 and AES. You don’t need to worry if the router offers you the option between WPA2 Personal and WPA2 Enterprise. Only enterprise deployments need to concern themselves with the latter, and you’d know if you were actually a large multinational corporation.
Once you’ve completed these two steps, you’ve secured your router. Those of you looking to take an extra step should consider Googling any router you might purchase beforehand, specifically to check for known security flaws. Online security is an ever-evolving game, and you don’t want to buy a product that has critical issues out of the box.
The post How to Secure Your Wireless Network appeared first on Speedtest Blog.