How to Keep Your Router Secure
Pro tips to secure your router and Wi-Fi network
Your router knows all your secrets. Every piece of data you send or receive from the internet passes through your router—including any embarrassing search queries and all your online banking passwords. It’s important that you keep that info on lockdown.
If you haven’t thought about keeping your router secure before, there’s good news. You can do several things right now to amp up your router’s security and keep your data private. We’ll walk you through changing passwords, updating firmware, and making sure you’ve picked the right settings to turn your router into an impenetrable fortress.
Log in to your router
The first step to securing your router is logging into it. To do this, you’ll need to find your router’s default IP address, navigate there from a web browser, and log in using admin credentials. For more in-depth instructions on how to find your default IP address and log in, check out our simple step-by-step guide to logging in to your router.
Change your default login credentials
Most routers have the same default login credentials:
They’re stupidly easy to guess, and that makes your router and whole home network vulnerable. You should change your router’s admin login credentials ASAP if you’re still using them. Otherwise, anyone who wants to could easily get access to your network and settings.
We also advise making this username and password combo different from your Wi-Fi network name and password. And speaking of your Wi-Fi network . . .
Password protect your Wi-Fi
If you don’t currently have a Wi-Fi password, make sure to turn on Wi-Fi Protected Access 2 (WPA 2) or WPA3 in your router’s settings. This will create an encrypted Wi-Fi network that can be accessed only with the correct network password.
WPA3 is the latest Wi-Fi security standard, and you should use it if possible. WPA2 is the second-best option and is way more universal since WPA3 is so new.
Other available Wi-Fi security protocols are WEP and WPA, which are outdated but still better than no wireless security at all if you’re using an older router. But if that’s the case, it’s definitely time to upgrade to a new router.
Change your Wi-Fi network name and password
Your Wi-Fi network name, also called an SSID, can be whatever you want it to be. But by default, it’s usually something like NameOfRouter0383. First of all, that’s no fun. Secondly, that’s hard to remember. And third, it gives any potential hackers a little bit of information about your router.
Naming your network something like Pretty Fly For A WiFi or The LAN Before Time is much better and makes your Wi-Fi network easily distinguishable from other nearby networks (which is more important if you live in an urban environment and are within range of multiple networks). And it doesn’t tell would-be hackers any information except that your pun game is strong.
Of course, you want an equally secure network password that is not Password1234. Change your Wi-Fi password from the default. Longer passwords are more secure. Make it memorable.
Set up automatic firmware updates
Keeping your router’s firmware up to date can improve its performance as well as its security. These updates can increase your router’s efficiency, patch any bugs in the system software, and fix known vulnerabilities. Most home networking companies keep up with router firmware updates for several years after the router’s initial release.
In your router’s settings, check for any software or firmware updates. If there’s one available, go ahead and update your router. So you don’t have to log in to your router every time there’s an update, set up automatic updates if your router allows. If you can’t set up auto updates, remember to check back every few months.
Disable unnecessary features
There are a few convenient router features that are built for convenience but not security:
- Wi-Fi Protected Setup (WPS)
- Universal Plug and Play (UPnP)
- Remote access protocols
WPS lets you connect devices to your Wi-Fi network without putting in your password, which can be convenient if you have a nice, long password but definitely decreases security. It’s worth it to just log in the traditional way.
Remote access protocols let you access your router settings even when you’re not connected to your home network. Remote access can be useful for business, but it’s less necessary for home networks. You should turn off any remote access settings just to be on the safe side.
UPnP gets a little more complicated. To put it as simply as possible, UPnP allows any device on your network to alter your network by opening and closing ports, or doorways to the internet. And it’s a vulnerability that has been exploited several times in the 12 years since the protocol was set. You use UPnP to remotely view security camera footage when you’re away from home, connect to gaming services, stream videos through Roku or Apple TV services, and use smart assistants like an Echo dot.
Unlike the other two, you might notice the inconvenience if you disable UPnP. Deciding whether to disable this setting is a trade off of convenience vs. security.
Set up guest networks
Giving out your normal Wi-Fi password to visitors can seem harmless. For close friends and family, that can be the case. But it’s better to set up a guest Wi-Fi network for anyone who doesn’t live in your home.
A guest Wi-Fi network has its own name and password and gives you more power over how your guests use your Wi-Fi. For example, you can block certain websites or types of content, limit bandwidth usage, or set a schedule for when the guest network is active.
Gust networks also keep random people off your primary Wi-Fi network. That’s good because it isolates any potential dangerous downloads or malware to the guest network and device instead of your whole network.
Use a guest network for smart home devices
Smart home devices like thermostats, coffee makers, or smart speakers can be more vulnerable to hacking than your phone or PC. You probably don’t often think about your doorbell’s security, do you?
For that reason, it’s a good idea to keep your smart home devices all connected to a separate guest network.
Keep your devices up to date
In order for your whole network to be secure, you want to make sure that every device on your network is secure as well. The best way to do this is to keep all your devices updated. That means phones, computers, gaming consoles, smart home devices, printers, and everything else that uses an internet connection.
Make sure to keep up with software updates and patches. Many routers have some built-in security features to scan your network and connected devices for vulnerabilities, so take advantage of that to ensure your connections stay secure.
Use a VPN
A virtual private network (VPN) basically obscures your identity online by encrypting your data and hiding your location. You may be familiar with VPNs like NordVPN that you use on individual devices, but you can also connect your router to a VPN to use it across your whole network. Not all routers support this, but most high-end and gaming routers do.
One downside to VPNs is that they can increase latency, which can interfere with online gaming or video calls. To keep an eye on this, you should keep track of your network speeds with an internet speed test.
Author - Rebecca Lee Armstrong
Rebecca Lee Armstrong has more than six years of experience writing about tech and the internet, with a specialty in hands-on testing. She started writing tech product and service reviews while finishing her BFA in creative writing at the University of Evansville and has found her niche writing about home networking, routers, and internet access at HighSpeedInternet.com. Her work has also been featured on Top Ten Reviews, MacSources, Windows Central, Android Central, Best Company, TechnoFAQ, and iMore.
Editor - Aaron Gates