Using a VPN (virtual private network) slows down your internet connection. According to our research, you can see Wi-Fi speeds drop by as much as 77% as soon as you sign onto a VPN—but don’t fret, there’s a way to decrease the chances of your speeds dropping so drastically.

You can maintain reliable Wi-Fi speeds if you get a quality, subscription-based VPN. And you can keep your internet running smoothly as well if you keep your router updated and placed in a centralized location in your home.

Here’s a quick guide on how a VPN impacts internet bandwidth. We’ll explain why your speeds get slower with a VPN and recommend the best VPNs to maintain fast speeds.

Jump to: Why do VPNs slow your internet speed? | Best VPNs for speed | Test your VPN speed | How to improve VPN speed

Jump to:

• Why do VPNs slow your internet speed?
• Best VPNs for speed
• Test your VPN speed
• How to improve VPN speed

Why does a VPN slow down your internet?

A VPN slows down your internet because it adds multiple extra steps to the process of getting data from your home internet network to your internet provider and back.

VPNs work by letting you sign on to a separate server—usually located in a different state or foreign country. This creates a virtual tunnel that masks your online activity, IP address, and location, keeping you safe from hacking and online surveillance and giving you access to websites that you might not be able to visit otherwise (like foreign versions of Netflix).

But encryption takes up bandwidth, routing a VPN through a foreign server increases latency (especially if it’s a server located in a distant state or country). A VPN’s own server bandwidth and efficiency can also impact your speed. If a VPN server is crowded with other users, it can lead to slower speeds and a less reliable connection.

On the flip side, a VPN can also combat speed throttling from an ISP, as it masks the kind of data you use. So if your provider, say, caps video streaming at 5 Mbps, using a VPN could potentially improve your speed. Let’s take a look at the best VPNs you can get to maintain fast internet speeds.

How much speed do you need?

Not everyone needs the fastest internet in the world—but having fast internet definitely helps ensure a smooth connection even when a slow VPN is in play. Use our “How Much Internet Speed Do I Need?” tool to see what bandwidth is best for your home setup.

What are the best VPNs for internet speed?

You can get a massive discount from most of these VPNs by signing up for a longer subscription. Most range from 6 months all the way up to 26 months. If you plan on using your VPN long-term, we highly recommend going with a longer subscription that can help you save on the monthly cost.

NordVPN, ExpressVPN, and Surfshark consistently rank as the fastest VPNs among reviewers and experts—and they’re generally considered the best VPNs for privacy and other features, too. All three use efficient, up-to-date encryption protocols and have enough servers so you’re less likely to experience major network congestion when you sign on.

Private Internet Access, Hotspot Shield, and CyberGhost are also well-known VPNs and have performed excellently in many speed tests. Private Internet Access also boasts the most servers of any VPN in the world, giving you more options to choose from. Hide.me isn’t as fast, but it’s a great free VPN service that doesn’t eat as much bandwidth as most free VPNs.

Want to see how a VPN impacts your speed? Take a speed test

Take our speed test to see if your VPN is slowing down your internet.

Even the best VPN speeds can fluctuate daily. Your internet speed can also easily be impacted by a range of other factors, including your internet provider, the connection type, your plan, and the router you’re using. But a speed test gives you a ballpark estimate of how different VPNs impact your bandwidth.

Here’s a quick rundown on how to do it.

How to test VPN speed

Step one: Run a speed test with your VPN disabled. Write down the results.

Step two: Turn on the VPN and run the test again. Write down these results as well.

Step three: Compare the two speeds to see how they are different.

Step four: Repeat the process a few times throughout the day to see how the numbers differ.

How can you make a VPN faster (or at least not as slow)?

It’s hard to predict just how much a VPN may slow your internet speed because a lot of factors play into the speeds you’re getting. But there are a few things you can do to make sure you’re getting the most out of your VPN, speed-wise.

Avoid free VPNs

Free VPNs might work if you’re on a budget, but they typically don’t perform as well as subscription-based VPNs. They have fewer servers, so you have to share a single server with more users, and some are also loaded with malware that drains your bandwidth or even hijacks it for nefarious purposes. Also, some lesser VPNs collect your user data and sell it to make money, which is another good reason to avoid them.

To ensure the best speeds—not to mention the best security and other features—stick to a well-vetted VPN that costs a monthly or annual subscription.

Switch your VPN server location

The best VPNs host servers all over the world. Some servers may perform better than others, depending on where they’re located and how many users are on each one. Try picking a server close to you to reduce the amount of time it takes to route your data to and from the VPN server.

Use the WireGuard protocol

Although OpenVPN is the most common and best-respected VPN protocol in use today, a newer protocol called WireGuard has been drawing positive attention since it launched in early 2021. Speed tests show it to be faster and more efficient than OpenVPN—although the latter still remains stronger for privacy.^{1, 2}

Most top-rated VPNs allow you to switch between different protocols, and NordVPN specifically supports WireGuard. You can switch between protocols on your VPN by going to the settings menu. Also, you can adjust the protocol settings to make your speeds faster.

Get a better VPN

Of course, if you’re experiencing consistent speed issues on your VPN, you can always try a new VPN to see if it fares better. NordVPN, ExpressVPN, and Surfshark are often the top-rated VPNs, but there are plenty of others worth trying. See our guide to the best VPNs for recommendations.

Sources

1. JP Jones, TopVPN.com, “Wireguard vs. OpenVPN,” March 11, 2022. Accessed April 14, 2022.
2. Sven Taylor, RestorePrivacy, “Wireguard VPN: Secure and Fast, but Bad for Privacy?” January 10, 2022. Accessed April 14, 2022.

More about VPNs and internet speed

• Best VPNs
• Fastest VPNs
• How Can I Tell If My ISP Is Throttling My Internet?

Data effective 8/27/2025. Offers and availability may vary by location and are subject to change.

Our pick: Which free parental control software is best?

The best free option for parental controls is easily Kurupira Web Filter. It gives you a huge amount of control over the content your kids can stumble upon online. It even has blacklisting and whitelisting options that many paid programs lack. There are no arbitrary limitations on the number of users or devices that can use it, and it doesn’t try to upsell you after a brief trial period. Unfortunately for Mac users, it’s only available on Windows.

Want more help keeping your kids safe online?

Free tools are great, but there are a few things parents need to know in their quest to keep their kids safe online.

1. Many devices and apps have their own parental control features
Whether you’re setting up a new iPhone or a new Netflix account, there’s a good chance you can control how your kids use it. Look for safety or security options in settings or accounts.

Learn About Parental Controls for iPhones, iPads, and Macs

Learn About Parental Controls for Microsoft Devices

2. Routers can be the best way to maintain safety for the entire household
The free solutions we recommend on this page are good for one device at a time, but most routers have tools that let you block or allow sites for every device on the home network. They usually let you set time limits by device, too, and may include bonus features like virus and malware protection. Router controls won’t help if your kid has access to a mobile line, but they’re a great place to start.

See the Best Routers with Parental Controls

Learn How to Set Up Parental Controls on Your Router

3. Your internet provider may offer security add-ons
Many internet service providers offer help with safety and security, whether it’s through the routers they offer or through add-on services. If parental controls and security are important to you, ask about them any time you consider switching plans.

Find a New Home Internet Provider

The best free parental control software

• Best overall: Kurupira Web Filter
• Best monitoring app: Life360 Family Locator
• Best freemium: Qustodio Free

Data effective 08/27/2025. Offers and availability may vary by location and are subject to change.

When you’re looking for free parental control software, the first thing to look for is features that are free for good, not just part of a free trial. Freemium options can be good choices because, while they give you the ability to upgrade for more features, you still have a fully functional piece of software at no cost.

There are a lot of good free options out there, but each generally specializes in one or two things. You probably need different pieces of software for different purposes. If you want a single parental control system that covers all your devices and gives you all the tools you need for both mobile and desktop, you won’t find one for free.

If a more versatile option sounds worth paying for, check out our review of the best parental control tools to see if one of these options works for you.

Free parental controls FAQ

Even on secure networks, cybercriminals still find ways to get in, and once they do, they potentially have access to anything and everything you do online. They use these vulnerabilities to steal your money, peer into your personal life, and perhaps even access live video feeds of your home. Terrifying, right? It’s the unfortunate reality of having so much of our lives integrated into technology.

The upside is Wi-Fi security is constantly improving, giving you some big guns to defend your home network. Once you combine your network’s built-in security tools with good network safety practices, you have a fairly robust defense against cybercriminals.

We’ll go over some of the ways hackers break into your network and show you what to look for in case of a security breach. Then, we’ll go over some essential preventive measures you can take to build up your own personal Fort Knox of Wi-Fi security.

Jump to: How hackers break into your network | How to protect your home network from hackers

Jump to:

• How hackers break into your network
• How to protect your home network from hackers

How hackers break into your network

Phishing

Phishing is a scam tactic used by hackers that tricks you into clicking on a malicious link or attachment that either installs malware on your device or persuades you to provide sensitive information, like login credentials. Phishing usually comes in the form of text messages or emails disguised as communication from reputable or familiar sources. Keep an eye out for urgent language pushing you to act fast—that’s a major red flag.

Here are some commonly used phishing attacks and warning signs you may run into:

• Claiming an issue with an account or payment
• Malicious login attempts
• Directing you to follow a link to fix a problem
• Asking you to download an attachment
• Asking for sensitive information
• Typos

Phishing usually relies on you taking the bait, so all you have to do is avoid clicking that fateful link or attachement. Approach all links and attachments with a healthy level of skepticism and be sure to always check the sender’s email address for anything that may raise an eyebrow. 

Malware

Malware, short for Malicious Software, is any software designed to extract private information or harm your devices. These programs come in a variety of nefarious forms. Some record everything you type into your keyboard, searching for passwords. Others may intercept your web traffic, while some take pictures of your screen and send those back to the criminal. Some malware acts as a passageway for more malware. And sometimes, Malware is designed to simply mess up your computer.

You get malware by downloading files or clicking on links. Don’t download files from untrusted sources, and keep an eye out for disguised websites and emails. If you’re unfamiliar with a source, think long and hard before you let it through your network defenses.

Brute Force Attacks

Brute force attacks involve using a program to guess your password until it finds the right combination of characters. For a person, this is usually impossible without some type of hint, but computers can cycle through thousands of attempts without breaking a sweat.

How to protect your home network from hackers

There are many tools and practices at your disposal to protect yourself from malicious network attacks. Most are really easy to implement in your home network.

Create strong passwords

Your first line of defense is robust passwords that are not easily cracked by hackers. Many of us are guilty of creating simple passwords based on personal information like birthdays or names; it makes sense, as these are easy to remember, and being locked out of your accounts seems to happen at the worst times. But these passwords are also easy for criminals to decipher.

Sometimes, it doesn’t even take the use of malicious programs to break these passwords. Identifying information, like birthdays, pet names, and other personal details is often easy enough to find through a person’s public social media posts or profile information.

Best practice: The most secure passwords mix character types (numbers, letters, and symbols), contain at least 10 characters, and are not based on personal details (such as birthdays or pet names).

Change your router’s default login credentials

Router login credentials are not the same thing as your Wi-Fi name and password. Your router login credentials allow you to change your home network’s settings. These settings include your Wi-Fi password and your security settings.

Many routers come with default login credentials that are laughably insecure. In fact, the login credentials are usually something like “Admin” for the username, and the password is literally set as the word “password.” Even worse, the login page is almost always a universal URL web address or IP address. This lack of security makes it extremely easy for anyone on your Wi-Fi network to access your router settings if you haven’t changed the default credentials.

Best practice: To change your router login credentials, you’ll need to access your router’s settings; we detail the process in full in our guide on logging into your router.

In short, all you have to do is connect to your router via Wi-Fi or using an Ethernet cable and navigate to the settings page in a web browser using the router’s login URL; this is usually printed on a sticker along with the default username and password. Once logged in, you’ll be able to change the password. Alternatively, some routers use a mobile app instead of a web interface.

Some routers prompt you to change the login credentials when you first set up the router. If you can’t remember if you changed them already, it’s best to double-check.

Keep your router security enabled

Aside from limiting access to your network with a Wi-Fi password, your router also has built-in security measures. These should be on by default, so all you need to do is keep them running. Also, if you have a stand-alone modem and router, don’t connect to the modem directly via Ethernet, as this bypasses your router’s built-in security features. Instead, connect your devices to your router via Ethernet or Wi-Fi.

Upgrade to a WPA3 Router

WPA3 is the latest security protocol used in all Wi-Fi certified routers and devices since 2020. WP3 introduced many improvements in Wi-Fi security, notably better encryption and defense against brute force password-cracking attacks.

Best practice: If you don’t have a router that can use WPA3, it might be time to shop for a new one—which could even help your Wi-Fi speeds if your router is older. If your router was released after 2020, you should already have a WPA3 router. If your router was released earlier, it may use WPA2, which is not as robust as WPA3. WPA3 was announced in 2018, so if your router was made before then, it’s definitely not taking advantage of WPA3’s enhanced security.

Keep your computer and devices updated

Like most tech fields, cybersecurity advances at an extremely fast pace. So, while security tools are always improving, so are the methods of cybercriminals. Keeping your OS updated ensures you have the latest protections installed.

Best practice: Regularly update your devices and apps and consider turning on automatic updates to help you avoid forgetting.

Set up a Wi-Fi guest network

A guest Wi-Fi network allows others to use your Wi-Fi network while still protecting the most vulnerable parts of your network. For example, someone on the guest network may be able to browse the internet, but they can’t log in to your router and start changing network settings. This is a nice way to share your Wi-Fi without as much risk.

Best practice: Set up a guest network for when someone you don’t know well visits or accesses your Wi-Fi for any reason. You can follow our guest network guide to get your setup started.

Use antivirus software

No matter how diligent you are, sometimes malware still finds its way into your home network. But don’t fret—you can prepare for such occasions with antivirus software. Antivirus software not only works to keep malware and viruses off your computer and devices, but it scans and erases malicious programs that make their way through your other defenses.

Best practice: Find an antivirus software that fits your budget and needs. Luckily, there’s a wide variety of options nowadays. You can set your software to regularly scan your devices and make sure your personal data constantly stays secure.

I will never, ever tell you to disable the firewall on your computer. That’s just crazy talk right there. Doing so opens the door to hackers and malware, all eager to seize your computer and steal your data. Not fun.

But there may come a time when you need to disable the firewall on Windows or Mac temporarily to troubleshoot issues—and that’s my only exception. For this reason, I’ll show you where to disable and enable the firewall on Windows PCs, desktop Macs, and MacBooks.

Are you troubleshooting speed issues?

You may not need to disable your firewall on Windows or Mac if you’re having internet speed issues. Connect a different PC to your router and run our speed test to compare the speeds.

A note before going in

The firewall on your Windows PC, Mac desktop, and MacBook is enabled by default. If you dig in and find that it’s been unknowingly turned off for some reason, chances are you already have some form of malware installed. I’d run a third-party virus scanner to clean out the malicious trash or perhaps even reset the device to its out-of-the-box state if the pesky bugs persist. Malware can slow your computer to a crawl and severely reduce your internet speeds, among other things.

How to enable or disable the firewall on Windows 11

You can take two paths to access the Microsoft Defender Firewall toggle. I will first give you Microsoft’s official instructions, followed by a shorter route using the hidden icons menu.

The Start button route

Step 1: Select the Start button.

Step 2: Select Settings on the Start Menu.

Step 3: The Settings panel appears on your screen. Select Privacy & Security on the left.

Step 4: Select Windows Security on the right.

Step 5: Select Firewall & network protection from the following list appearing on the right.

Step 6: The Windows Security panel appears on your screen with the Firewall & network protection category already selected. Choose Domain network, Private network, or Public network (see FAQ).

Step 7: Under Microsoft Defender Firewall, click on the toggle to set it to On or Off.

The hidden icons route

Here’s the shorter route to accessing the Microsoft Defender Firewall toggle. In my case, the Windows Defender icon resides in the hidden icons pop-up balloon. However, you may see the icon seated on the Taskbar instead.

Step 1: Select the Show hidden icons button (up arrow) on the Taskbar.

Step 2: Select the Windows Security icon.

Step 3: The Windows Security panel appears on your screen. Select Firewall & network protection on the left.

Step 4: Select Domain network, Private network, or Public network (see FAQ) on the right.

Step 5: Under Microsoft Defender Firewall, click on the toggle to set it to the On or Off position.

How to enable or disable the firewall on Windows 10

The instructions to reach the firewall toggle are different on Windows 10 than on Windows 11. But like Windows 11, you have two ways to reach the firewall toggle: using the traditional Start button method or the (faster) hidden icons route.

The Start button route

Step 1: Select the Start button.

Step 2: Select the Settings icon.

Step 3: The Settings panel appears on your screen. Select the Update & Security tile.

Step 4: Select Windows Security on the left.

Step 5: Select Firewall & network protection on the right.

Step 6: The Windows Security panel appears on your screen. Select Domain network, Private network, or Public network (see FAQ).

Step 7: Under Microsoft Defender Firewall, click on the toggle to set it to the On or Off position.

The hidden icons route

You can bypass the Settings window altogether and go directly to the Windows Security screen using these instructions.

Step 1: Select the Show hidden icons button (up arrow) on the Taskbar.

Step 2: Select the Windows Security icon in the pop-up menu.

Step 3: The Windows Security panel appears on the screen. Select the Firewall & network protection tile.

Step 4: Select Domain network, Private network, or Public network (see FAQ).

Step 5: Under Microsoft Defender Firewall, click on the toggle to set it to the On or Off position.

How to enable or disable the firewall on Mac

Apple keeps your route to the firewall toggle pretty simple, although you’ll have a faster trip if the System Settings icon is on the Dock. These instructions are based on macOS Ventura.

Step 1: Select the Apple menu icon in your screen’s top left corner.

Step 2: Select System Settings on the drop-down menu.

Alternative method: Select the System Settings icon if it appears on the Dock.

Step 3: The System Settings panel appears on your screen. Select Network on the left.

Step 4: Select Firewall on the right.

Step 5: Select the toggle to enable or disable the firewall.

Related sources

• How to Clear Your Browser Cache
• How to Update Your Web Browser
• 7 Signs of a Hacked Router and How to Fix It
• How to Secure Your Wi-Fi Router
• 8 Terrifying Security Flaws in Your Wi-Fi—And How to Fix Them

FAQ about enabling and disabling a firewall

You don’t need a third-party subscription to manage children with an iPhone, iPad, or Mac. Apple provides easy-to-use parental controls with a quick tap or click on the Settings icon. From there, you can restrict specific apps, set purchase permissions, lock down the device for the night, and more.

I’ll explain how you can set up parental controls for the iPhone, iPad, and Mac.

How to create a child account for iOS

Parental control settings aren’t device-specific. Instead, you create an Apple ID for your child you can manage from any Apple device. Once you create the account, you can use Quick Start to set up a new iPhone or iPad with your preferred parental controls already in place.

Here’s how to create a new child account from your iPhone, iPad, or Mac:

Step 1: Tap or click on Settings.

Step 2: Tap or click on Family.

Step 3: Tap or click on the blue Add Member button.

Step 4: Tap Create Child Account.

Step 5: Enter the child’s name, birthday, and then tap or click on Verify You’re an Adult.

Step 6: Tap or click on the Continue With [security] popup to give parental consent. In my case, I used Face ID.

Step 7: Tap or click on Agree or Disagree for Apple’s Family Privacy Disclosure and its Terms and Conditions.

Step 8: Tap Continue to confirm the child’s new email address.

Step 9: Tap or click on the popup to verify the address.

Step 10: Create a password for the child’s new Apple ID.

Step 11: Choose a phone number to receive verification codes.

That’s it. You can use this Apple ID on any iPhone, iPad, or Mac you choose. Now, let’s take a deep, deep dive into the fathomless parental controls.

iPhone parental controls: a brief overview

You can manage children and monitor their activities by tapping or clicking through this path on your iPhone, iPad, or Mac:

Settings > Family > Your Child’s Name

Everything you need falls under the Screen Time category. Here is the list of tools provided to you—simply click on any of the following links to jump to instructions on how to modify each.

• Downtime
• App Limits
• Communication Limits
• Communication Safety
• Always Allowed
• Content & Privacy Restrictions (App Store, iTunes, Web browsing, Siri, Game Center)

However, before you begin, you must enable Screen Time on your child’s account before you can manage content and permissions.

How to enable Screen Time

First, tap or click on the following path to reach the Screen Time settings:

Settings > Family > Your Child’s Name > Screen Time

Step 1: Tap or click on Turn On Screen Time.

Step 2: A new screen appears, explaining all the available tools. Tap or click on Turn On Screen Time again.

Step 3: Tap or click on the slider to set the child’s age (5–18). The default settings adjust accordingly.

Step 4: Tap on a category to customize the content restrictions for Apps, Books, TV Shows, Movies, and more.

Step 5: Tap or click on Turn On Restrictions when you’re done. Alternatively, tap or click on Set Up Later to customize the restrictions some other time.

Step 6: Tap or click on Turn on Communication Safety to protect your child from sensitive photos displayed in the Messages app. Alternatively, you can tap or click on Set Up Later.

Step 7: Select a Start and End time period and then tap or click on Turn On Downtime. Alternatively, you can tap or click on Set Up Later if you need a customized Downtime schedule for your child.

Step 8: Set the daily time limits for your child’s apps. You can choose all apps and categories, select a specific category, or select apps individually.

Step 9: Tap or click on Set to define the Time Amount, and then tap or click on Set App Limit. Alternatively, you can tap or click on Set Up Later.

Step 10: Create a Screen Time passcode.

Step 11: Enter the Screen Time passcode again to complete the setup.

That’s it. Your child’s account is ready. If at any point you selected Set Up Later or need to adjust the settings, read on to find out how.

How to set your child’s downtime

Downtime is ideal when you want to block access to an Apple device during bedtime. Children receive a five-minute warning before downtime kicks in, allowing them to request more time if needed. Some apps and phone calls you choose elsewhere in the Screen Time controls will bypass the downtime restriction.

First, follow this path:

Settings > Family > Your Child’s Name > Screen Time

Step 1: Tap or click on Downtime.

Step 2: Enter your Screen Time PIN.

Step 3: Tap the Scheduled toggle to enable Downtime (green).

Step 4: Tap Every Day and select the start and end times, or select Customize Days and set specific times for each day.

Step 5: Tap the Block at Downtime toggle if you want to lock the device during Downtime. However, the child can ask for more time.

Keep in mind Downtime applies only once per day—you cannot schedule multiple Downtimes within a single day. If you need more than one block of time scheduled, use the parental controls in your router or gateway to block internet access for a specific time, like during homework hours.

How to set app limits

You can set daily time limits for any app installed on the child’s device. Tap on a category to limit all related apps or tap on a specific app. There’s an option to limit access to all installed apps too.

First, follow this path:

Settings > Family > Your Child’s Name > Screen Time

Step 1: Tap or click on App Limits.

Step 2: Tap or click on Add Limit.

Step 3: Tap or click on All Apps & Categories to set limits on all apps your child uses. Alternatively, tap or click on the circle next to a category (like Social) to select all social apps, or tap on a category to choose a specific app (like Discord).

Step 4: Tap or click on Next.

Step 5: Select the amount of time your child can use the app(s) each day. Alternatively, tap or click on Customize Days to set different time limits each day.

Step 6: Tap or click on Add to complete.

How to set communication limits

The limits you set apply to Phone, Messages, FaceTime, and iCloud contacts. Here you can restrict communication to Contacts Only, Contacts & Groups with at Least One Contact, or Everyone. To get started, follow this path:

Settings > Family > Your Child’s Name > Screen Time

Step 1: Tap or click on Communication Limits.

Step 2: Tap or click on During Screen Time to restrict who your child can communicate with during normal hours.

Step 3: Tap or click on During Downtime to restrict who your child can communicate with during Downtime hours. If you select Specific Contacts, a popup appears for you to select an existing contact or create a new one.

Step 4: Slide the Manage Child’s Contacts toggle into the On position to manage contacts remotely. A popup appears for you to select an existing contact or create a new one.

How to set communication safety

This setting only applies to the Messages app, which detects nude photos before they’re received and seen by your child. To toggle this setting on, follow this path:

Settings > Family > Your Child’s > Screen Time

Step 1: Tap or click on Communication Safety.

Step 2: Tap or click on the toggle next to Check for Sensitive Photos. It turns green when you enable this setting.

Step 3: Tap or click on the toggle next to Improve Communications Safety if you want to help Apple improve this tool (optional).

How to set Always Allowed apps and contacts

You can allow your child to use specific apps at all times and who your child can contact during Downtime. To change these settings, follow this path:

Settings > Family > Your Child > Screen Time

Step 1: Tap or click on Always Allowed.

Step 2: Tap or click on Contacts to select Everyone or Specific Contacts. If you choose the latter, a popup appears for you to select an existing contact or create a new one.

Step 3: Tap or click on any red “minus” icon to remove an app from the Allowed Apps list. Phone, Messages, FaceTime, and Maps are Always Allowed by default.

Step 4: Tap or click on any green “plus” icon to add an app to the Allowed Apps list.

How to change the Content & Privacy Restrictions settings

You need to enable this feature to manage how your child installs apps and makes in-app purchases. Here you can also block Apple-specific apps like Mail and Safari.

However, this section is fully loaded, so I’ll break it all down into six parts. To start, follow this path:

Settings > Family > Your Child > Screen Time

Step 1: Tap or click on Content & Privacy Restrictions.

Step 2: Tap or click on the toggle next to Content & Privacy Restrictions to enable this feature. It turns green when enabled.

iTunes & App Store Purchases | Allowed Apps | Store content | Web content | Siri content | Game Center restrictions

How to modify iTunes & App Store purchases

Here you can control what apps your child installs and deletes. You can also allow or block in-app purchases.

Step 1: Tap or click on iTunes & App Store Purchases.

Step 2: Tap or click on Installing Apps to Allow or Don’t Allow.

Step 3: Tap or click on Deleting Apps to Allow or Don’t Allow.

Step 4: Tap or click on In-App Purchases to Allow or Don’t Allow.

Step 5: Tap or click on Always Require or Don’t Require. If you select Don’t Require, your child isn’t prompted to enter a password again after the first purchase.

Step 6: Tap or click on Done when you’re finished.

How to modify the Allowed Apps list

Here you can enable or disable the built-in Apple apps, like Mail and Safari.

Step 1: Tap or click on Allowed Apps.

Step 2: Tap on the toggle next to any app you wish to enable (green) or disable (gray).

How to set Content Restrictions

This section provides all the settings you need to restrict movies, TV shows, websites, Siri results, and Game Center activity.

Step 1: Tap or click on Content Restrictions.

Step 2: The following screen breaks down into four cards and their individual settings:

Allowed Store Content

• Music, Podcasts, News, Fitness – Clean or Explicit
• Music Videos – Off or On
• Music Profiles – Off or On
• Movies – Don’t Allow, Not Rated, from G to NC-17, Unrated, Allow All
• TV Shows – Don’t Allow, from TV-Y to TV-MA, Allow All
• Books – Clean or Explicit
• Apps – Don’t Allow, from 4+ to 17+, Allow All
• App Clips – Allow or Don’t Allow

Web Content—Select one of three

• Unrestricted
• Limit Adult Websites – Tap the Add Website link for Always Allow or Never Allow to enable and block specific adult-oriented websites.
• Allowed Websites – Tap the Add Website link to add a website to the preselected list of nine (Disney, PBS Kids, National Geographic Kids, etc).

Siri

• Web Search Content – Allow or Don’t Allow
• Explicit Language – Allow or Don’t Allow

Game Center

• Multiplayer Games – Don’t Allow, Allow With Friends Only, or Allow with Everyone
• Adding Friends – Allow or Don’t Allow
• Connect with Friends – Allow or Don’t Allow
• Screen Recording – Allow or Don’t Allow
• Nearby Multiplayer – Allow or Don’t Allow
• Private Messaging – Allow or Don’t Allow
• Profile Privacy Changes – Allow or Don’t Allow
• Avatar & Nickname Changes – Allow or Don’t Allow

Other restrictions

Finally, on the Content & Privacy Restrictions screen, you can set restrictions to Allow or Don’t Allow for the following settings:

• Share My Location
• Passcode Changes
• Account Changes
• Cellular Data Changes
• Driving Focus
• TV Provider
• Background App Activities

Other spending tools at your child’s disposal

You can use two other tools besides Screen Time to manage your child’s spending.

Ask To Buy

All Family members have access to the credit card on file when you allow Purchase Sharing. The Ask To Buy feature gives you more control over how your child purchases apps, in-app items, and media.

When your child selects an app or media to purchase, an Ask Permission prompt appears on the child’s screen. The child taps Ask—the parent approves or denies the purchase directly on their device.

Follow this route to enable Ask To Buy on the child’s account:

Settings > Family > Your Child > Ask To Buy

Ask to Buy purchases apply to App Store, iTunes Store, and Apple Books only.

Apple Cash

Apple Cash is an alternative to your child using the credit card on file. It’s a digital card you create for your child in Wallet and is used with any service that accepts Apple Pay. Your child can receive money through Apple Cash as well.

To get started, follow this path:

Settings > Family > Your Child > Apple Cash

Final call: Keep your guard up

I have lots of kids and oh boy can they be clever, especially young teens and older, who are a bit more resistant to your governing ways. I suggest a three-prong approach to parental controls as a failsafe in case something goes awry and your child streams questionable content until the roosters crow at dawn.

As I’ve shown in this guide, Apple provides an incredible toolset for parents at no extra cost. You can block access to your child’s Apple device overnight, restrict the content they consume, limit app use, and more.

Also, be sure to take advantage of the parental controls built into your router or gateway. Check out my guide on the best routers with parental controls if you need something a bit more secure than what you have now.

Finally, use your mobile provider’s tools to keep your child’s cellular use at bay, like AT&T Secure Family and AT&T Purchase Blocker.

Related content

• How To Use Microsoft’s Parental Controls
• Best Routers for Security
• How to Secure Your Wi-Fi Router
• How to Share Your Wi-Fi Password From Your Phone
• Best Password Managers

FAQ about iPhone parental controls

Internet issues are just a way of life. There’s always something disrupting your dancing cat videos. Network troubles on your provider’s side. Storms blowing down lines. The speed woes of a tired old router. Kids downloading super-sized game updates. Something.

But what if every device you own loads the same website no matter what you type into the address bar? Or, even worse, you sit at your computer, utterly speechless, as a “ghost” seizes your mouse and opens your bank account?

Not fun.

Those two scenarios alone are good signs of a hacked router. But don’t worry: I’ll clue you in on how to recognize a hacked router, how to fix it, and how to make sure it never happens again.

There are many signs of a possible router hack that can throw up a red flag. Some are general and could apply to other router-related issues. Others are a sure sign that someone else now controls your network.

Sign #1—You can’t log in to your router

First, let’s be clear that your inability to sign in to your router or gateway doesn’t always mean you’ve been hacked. There have been plenty of times when I returned to a router I previously tested, and it (rather rudely) denied me access to the settings. This is not an uncommon problem. It usually means you’re entering the wrong password, you misspelled the password, or something on the router side is corrupt. Case closed.

With that said, there’s also the slim possibility that someone hacked your router. The attacker may have figured out the credentials, logged in, and changed the password to lock you out. After that, the attacker has free reign to change additional settings and make your life miserable.

But why did the attacker target you? Perhaps you clicked on a clever email or message link, and now the hacker has full control of your home network. Hackers also probe the internet for vulnerable routers they can use to create botnets, steal your bank login info, and so on.

Welcome to the modern-day World Wide Web.

So, whether you’re hacked or just having password issues, the only remedy is to reset your router to its factory defaults.

Immediate action: Follow our instructions on how to reset your router.

Sign #2—All internet browsers lead to the same site

Browser hijacking is a sure sign that you have a hacked router or gateway.

In this case, a hacker logged in to your router and changed its Domain Name System (DNS) settings—the system that matches numeric IP addresses with the alphanumeric ones we see and easily remember, like google.com.

By doing so, the hacker can redirect all your internet traffic to a malicious DNS server. This server will lock you to specific websites that can steal your information and install malicious software on every internet-connected device you own.

Immediate action: Log in to your router and change the DNS settings and password. If you can’t log in, reset your router. You should also scan every device with antivirus software to make sure there’s nothing on your devices that’s hijacking your browser.

Sign #3—There’s strange software on more than one device

If you see new, unfamiliar software on more than one device—especially if you didn’t download it intentionally—there’s a good chance someone hacked your router and remotely installed malware onto your devices.

Strange, uninvited software includes browser toolbars, fake antivirus clients, and other programs that will generate random popups on your screen or within a browser.

If you have multiple computers, this uninvited software may be on all of them. Malware can replicate on a single device and spread across wired and wireless connections, similar to how a virus spreads from person to person.

Immediate action: Log in to your router and change the password. If you can’t log in, reset your router. Afterward, make sure your router has the latest firmware. Be sure to uninstall the strange software from your device(s) and run an antivirus client.

Sign #4—You receive a ransomware message

Ransomware messages can be a sign that you have a hacked router. These attackers can seize control of the router and demand money in return for its release. The message may appear in the form of an email, instant message, text, or a popup generated by uninvited software installed on your device.

But also remain skeptical. Ransomware messages don’t always mean you’ve been hacked. Some are designed to instill fear and convince you of a hack that never happened. But if you see popup threats on your screen or your mouse suddenly opens your bank account, then yes, you’re under attack.

Immediate action: Don’t pay a dime, and follow my instructions on how to reset your router. Be sure to create a unique password that hackers can’t guess.

Sign #5—You see unrecognized devices on your network

You can use the router’s web interface or mobile app to see a list of devices connected to your home or office network. For example, the Linksys Smart Wi-Fi interface provides a network map—just click on a device to see its assigned address.

When you look at the map, all local devices have a derivative of the router’s private IP address. If your router’s address is 192.168.1.1, for example, then all device addresses should start with the first three numbers (192.168.1).

However, a device remotely accessing your router won’t have an address that matches the first three numbers of your router’s private address.

Immediate action: Kick the unknown device(s) off your network and change the password. Disable remote access if you never use it.

Sign #6—You can’t control your device

If you sit in front of your computer and watch an uninvited, unseen guest move the mouse and access your banking information, you definitely have a hacked router.

In this scenario, the hacker has remote access to your device and can open any file or online account using the passwords you store in the operating system or browser.

Immediate action: Unplug your devices and disconnect your router from your modem. After that, follow my instructions on how to reset your router. Change your passwords, too.

Sign #7—Your internet speeds are slower than snails

Slow internet speeds aren’t uncommon. There may be issues with your provider, too many devices downloading at one time, and so on. But if you experience extremely slow speeds along with other symptoms on this list, chances are you have a hacked router.

Your speeds could be slow because the hacker seized your full bandwidth for the following:

• Botnet activity
• Distributing malware to other networks
• Remote connections to your devices
• Cryptojacking
• General internet piggybacking

Immediate action: First, use our tips on how to speed up your internet to see if the problem is just a connection issue. If you think that someone hacked your router, try to change the password. If you can’t, follow my instructions on how to reset your router.

How to fix a hacked router or gateway

You can easily and quickly fix a hacked router. There’s no need to throw it out the window and purchase a new one.

Step 1: Disconnect the router or gateway

If you have a standalone router, disconnect the Ethernet cord to avoid communicating with the modem. If you have a gateway, disconnect the internet connection instead.

In both cases, disconnect all other wired and wireless devices.

Step 2: Power cycle your router or wireless gateway

In some router hacking cases, a simple power cycle (reboot) works as a quick fix. This method clears the memory of any malicious code and refreshes your public IP address. Just pull the plug, wait 30 seconds, and then plug the cord back into the outlet.

In other cases, you may need to reset your router to its factory settings. A power cycle cannot remove severe infections like VPNFilter.

Step 3: Change the password

Once you power cycle the router, log in and change the password. You can use one of the best password managers to create one and retrieve it from your account when needed.

Actually, I suggest you create a passphrase instead of a password. It’s a long string of unrelated words filled with symbols and numbers. Make it something you can remember but isn’t easily guessed.

Do the same with your Wi-Fi network, too.

Immediate action: Read my guide on how to change your Wi-Fi network name and password.

Step 4: Update the firmware

Set your router to update its firmware automatically if it’s not already. And if your router doesn’t give you the option to update automatically, set yourself a reminder to check every month or so.

But carry out either method with caution, as faulty firmware can render your router useless. Check the manufacturer’s notes to make sure the latest firmware is stable. You shouldn’t have any issues with new firmware, but it doesn’t hurt to be cautious and proactive. Routers aren’t cheap.

Immediate action: Read my guide on how to update the firmware on routers from several popular brands.

Step 5: Reset your router

if an infection persists or you can’t log in, then a router reset is your only solution (outside buying a new one). A reset restores the factory default settings, clearing out any possible malware. You’re essentially rebuilding your home network and creating new passwords for the router login and Wi-Fi.

For more information, consult my guide on how to reset a router from ASUS, Linksys, NETGEAR, and more.

How to prevent a router hack

Use the following suggestion to safeguard your devices and sensitive data against hackers.

Stay on top of firmware updates

Your router is a miniature computer with a processor, system memory, and storage that houses the operating system (firmware). Unfortunately, firmware is never bulletproof, as there can be bugs in the code and security holes. Attackers will utilize these unpatched flaws and access your router with ease.

Manufacturers distribute firmware updates regularly to squash these bugs and patch vulnerabilities. Generally, we suggest you enable automatic firmware updates if the feature isn’t toggled on already and you never manually install new firmware. Log in to your router and toggle on automatic updates if they are not already.

However, be aware that things can happen. Bad firmware uploaded to a manufacturer’s distribution server can brick your router. Malware-infected firmware distributed to a router can lock you out. Auto-updates are convenient, but there’s a rare chance the update can go awry and leave you with a $300 paperweight. For this reason, some manufacturers don’t support auto-updates.

Read my guide on how to update the firmware on routers from several popular brands.

Use a secure password

Every router I’ve tested forces you to create an administration password during setup. There’s usually no “default” password that hackers can pass around. Some routers even require you to create two security questions for accessing the router when the admin password doesn’t work (corrupt, forgotten, etc.). The password normally requires a mix of upper- and lower-case letters, numbers, and symbols.

Likewise, every router I’ve tested ships with a unique passphrase for Wi-Fi printed on a label. You’re prompted to change it as you move further into the setup, but it’s not mandatory like the administration one.

Some routers require a cloud account prior to starting the setup process, like mesh networking systems. That means you must create a username and password to use the service and router.

Overall, never use an easily guessed password with your router or Wi-Fi network—even if it’s full of upper- and lower-case letters, numbers, and symbols. These include names of pets, children, other family members, and anything that links to your interests. Believe it or not, the two most used passwords are still password and 123456. Like, really?

So, what’s the big deal? Why can’t we use easily remembered passwords? Because a hacker can use free online tools to carry out a brute-force attack—a trial-and-error method that continuously enters every possible password until one works. Hackers can also use a library attack, which uses words pulled from a dictionary. These attacks can quickly crack an easy eight-character alphanumeric password.

The bottom line here is use a passphrase instead of a password. It’s a string of unrelated words with symbols and numbers that’s harder to crack than any password you create.

Schedule routine reboots

A monthly reboot is good for the router, as it can clear the system memory and refresh all connections.

Additionally, your internet provider assigns a public IP address to your router. It usually refreshes every 14 days anyway (unless you pay for a permanent “static” address), but a reboot gives you an extra refresh if hackers obtained one of your previous addresses.

Disable remote access

Remote access is a feature for changing the router’s settings when you’re off the network, like from a hotel room. Most routers now have two methods, but the one you should be concerned about lies within the web interface. It’s an easy entry point for attackers, especially if you use a weak password.

Based on the routers I’ve tested, this feature is disabled by default in favor of cloud-based access through mobile apps. Still, you should check to see if it’s disabled, and if not, turn it off immediately. Only use this version of remote access if the app doesn’t have the settings you need to change off-network—and only do so sparingly.

Be sure to use strong passwords or passphrases when you set up a cloud account (if you choose not to use the complex ones supplied by Android and Apple devices). Also, enable biometrics so you’re not manually entering login credentials out in public.

Disable WPS

Wi-Fi Protected Setup (WPS) has good intentions. It allows users to connect their devices to a wireless network without a password. Simply press the WPS button on the router, or enter an eight-digit PIN provided by the router.

But the convenience has a major drawback. Hackers can use a brute-force attack to figure out the PIN in 4 to 10 hours—they don’t need access to the physical button. You can easily disable WPS through the router’s backend and instead use our guide on how to share your Wi-Fi network’s password to any device.

If you have a Linksys router, for example, you can disable WPS by doing the following:

Step 1: Select Wi-Fi Settings displayed under Router Settings.

Step 2: Click on the Wi-Fi Protected Setup tab.

Step 3: Click the toggle so that it reads OFF.

Step 4: Click on the Apply button. You must click this button so that WPS and its related PIN are completely disabled—clicking on the toggle without applying the change isn’t enough.

Change the network name

The Service Set Identifier (SSID) is your wireless network’s name. All routers broadcast the manufacturer’s name by default, like Linksys_330324GHz or NETGEAR_Wi-Fi. Anyone within range can see this name, know who built your router, and search the internet for the default login credentials if they’re available.

However, the router prompts you to rename the wireless network during the setup process for that very reason. If you ignored the router’s request, now is a good time to return to the settings and change the network name. Use whatever you want, just don’t advertise anything that can help attackers infiltrate your home network.

If you have band steering turned on, you’ll only need to change one SSID. If band steering is turned off, you’ll have at least two Wi-Fi connections to rename. I normally add a “2” or “5” suffix to distinguish between the different bands, like “clearlink2” and “clearlink5” as seen in my router reviews. At home, I use different NSFW names to annoy my neighbors.

Finally, network names can be up to 32 characters long.

How to protect your devices from hacks

There’s more to protecting your network against hackers than securing your router. You need safeguards in place to protect your devices and personal data, too, should an attacker take control of your router.

Computers and mobile devices

Lock your device with biometrics or a passcode

Use facial recognition and fingerprint scanning to lock your devices and accounts in addition to using the main login password. Passcodes and patterns are better than passwords, too, but you run the risk of someone guessing them correctly by viewing the smudges on your screen.

Keep all software current

Device manufacturers like Apple and Lenovo release system updates to squash bugs in the code, optimize performance, and fill security holes. Software developers do the same, so be sure every platform, desktop software, and app you use is current.

Never install questionable software

If the desktop software or app—or even the website that hosts it—looks shady, then don’t install it. Always get your apps and software from verified sources versus back-alley repositories lurking in the dark corners of the internet.

Never connect to an unsecured public network

An unsecured public network means the Wi-Fi connection doesn’t use any security. The data you send and receive from an unsecure Wi-Fi access point isn’t protected from eavesdropping hackers eager to steal your info.

Use a VPN service

Many modern routers now support OpenVPN, a free VPN service you can use to hide your online activity. All you need is to enable the server on your router and install the client software on your devices. We also provide a list of the best VPN services if your router doesn’t include a VPN server.

Turn off Bluetooth

Bluetooth is another form of wireless communication. Device manufacturers like Apple say to keep it turned on “for the best experience” but the Federal Communications Commission suggests you turn it off when not in use, as hackers can access your device by spoofing other Bluetooth devices you use. If you must enable Bluetooth, use it in “hidden” mode.

Use Two-Factor Authentication

Always, always enable two-factor authentication on every account you use. It’s a pain, we know, but that added layer of security keeps hackers at bay should they somehow get your login credentials. For example, Microsoft Authenticator requires you to verify a login request in the mobile app before you can log in to your Microsoft Account on any device, including the Xbox consoles.

Never click or tap on strange links

Malware you unintentionally download to your computer or mobile device could lead the way to a hacked router. Here are several ways you can get unwanted malware:

• Click on a link in a phishing email or chat message
• Connect an infected flash drive
• Access a malicious website
• View infected ads

Computers only

Keep your antivirus current

Apple macOS doesn’t include built-in antivirus because hackers rarely ever target the platform. Microsoft Windows is a different story, however, and includes antivirus protection for free. Be sure to keep it and any third-party antivirus software you have installed on Mac or Windows up-to-date, so you stay protected against the latest threats.

Never ever disable your firewall

All computing devices have a firewall that monitors your network traffic flow but you can disable it on Mac and Windows. This is a bad idea, as you remove all restrictions and open the door for hackers to slip in and infiltrate your device. I provide instructions on how to re-enable your firewall on Windows and Mac if, for some reason, it’s disabled.

Related topics

• 8 Terrifying Security Flaws in Your Wi-Fi—And How to Fix Them
• How Can I Tell If My Internet Is Being Throttled by My ISP?
• How to Know If Someone Is Stealing Your Wi-Fi

From one parent to another: Don’t leave your kids unchecked online. The internet can be far more unsafe than the neighborhood they play in. Inappropriate content. Malicious software. Unsavory strangers. All of it makes me want to trash their devices and kick ’em outdoors (go get some sun, dangit).

The good news is that Microsoft Family Safety has your back if you own Windows, Xbox, and Android devices. This free service packs a slew of parental tools for keeping your kids’ content consumption and activities in check. Find out how to set up Microsoft’s parental controls and put restrictions in place.

You need the following two things to get started:

• A free Microsoft Account for the parent
• A free Microsoft Account for the child

You also need a browser or Microsoft’s app to manage and use the parental controls.

What platforms support Microsoft Family Safety?

You can use Microsoft Family Safety to manage the following platforms:

• Windows
• Xbox (which is really Windows with a controller-friendly interface)

You can also use Microsoft Family Safety to view activities on the following platforms:

• Android phones
• iPhone
• iPad

What can you do with Microsoft Family Safety?

Here’s what you can do with Microsoft Family Safety at no extra cost to you:

• Set device screen time limits on Windows and Xbox
• Set Microsoft app and game screen time limits on Windows, Xbox, and Android
• Filter out inappropriate apps and games
• Filter out inappropriate websites and content search in Microsoft Edge (blocks all other browsers)
• Allow/deny screen time requests (Windows, Xbox)
• Allow/deny content filter requests (Windows, Xbox, Android)
• Manage spending through a Microsoft Account

If you have a Microsoft 365 subscription, the following features are also available to you:

• See location alerts (iPhone, Android phones)
• View a teen’s driving habits (iPhone, Android phones)
• View a teen’s driving history (iPhone, Android phones)

Now, let’s get started!

Create the parent’s Microsoft Account

You need a Microsoft Account to use Windows and Xbox anyway, so skip this section if you already use these platforms and see how to create a family group.

If you’re new to the Microsoft family, you must have a Microsoft Account to activate and use Windows and Xbox.

The following instructions apply to everyone who will be managing the family group once it’s created. These are also web browser directions.

Step 1: Go to account.microsoft.com.

Step 2: Select the Sign in button in the top right corner.

Step 3: Select the Create one link on the following screen (shown above).

Step 4: Enter a valid email address, and then select Next (or create a new [email protected] address).

Step 5: Set your password and then select Next.

Step 6: Retrieve the security code sent to you, enter it into the required field on your screen, and then select Next.

Step 7: Solve the CAPTCHA to prove you’re not a robot, and then select Next.

Create a family group

Now that you have a Microsoft Account, it’s time to create the family group and add your child.

Step 1: Sign in to the Family Safety dashboard.

Step 2: Select the plus icon next to Add a family member in the top right corner (shown above).

Step 3: Select Organizer and then select Next.

Step 4: Enter your email address and then select Next.

Step 5: Solve the CAPTCHA and then select Invite.

Step 6: Open the Microsoft Family Safety email sent to you and select Join Now.

Add a child to the family

With the family group organizer set, you can now add a family member. For this set of instructions, let’s assume you need a new email address for your child.

Step 1: With the Family Safety dashboard open, select the Add a family member tile.

Step 2: Select Get a new email address on the following screen.

Step 3: Enter a username and select @outlook.com or @hotmail.com and then select Next.

Step 4: Create a password for the new account and then select Next.

Step 5: Enter the first and last name of your child and then select Next.

Step 6: Select the country/region and the child’s birthdate, and then select Next.

Step 7: Solve the puzzle and then select Next.

Step 8: Give consent for your child’s new Microsoft Account by entering your signature and selecting Yes, I agree.

Step 9: Give your child permission to use non-Microsoft apps with the account you created, and then select Continue.

Step 10: Set the age limits on apps and games, enable/disable activity reporting, enable/disable web and search filters, and enable/disable Ask to buy.

Step 11: To finish, select the Family Safety button.

Manage your child: Part 1

So, you have an organizer managing the family group, and your first child has been added. Everyone in the family group is displayed in tiles under Your family. As seen in the previous section, you already set restrictions. Now, you can go in and tweak the settings.

When you click on a child’s tile, you’re presented with two options and four tabs. First, I’ll cover the two options from left to right. I cover the tabs in the next section.

Spending

This section speaks for itself: Your child’s spending through Microsoft. At the top is a toggle for getting notifications about spending—I suggest you turn that on.

Here’s a brief rundown of what to expect on this screen:

Microsoft account balance: You can see what’s available and add money as needed.

Credit cards: Add a card for the child to use. Be sure to toggle on Require approval for every purchase to prevent an unwanted spending spree (it will happen).

Spending activity: This is a summary of all spending activity in the family group, not just the child’s activity.

Account settings

Although you already set the restrictions when you added the child, here is where you can modify them as they get older. Trust me: Your 14-year-old will complain if they’re still locked to Y7 content. (Stop all that growin’, dangit.)

Age Rating: Select an age from 3 to 20, or choose Any Age.

Web safety (on or off): Unsafe browsers and mature content are blocked. Safe search is enabled in Bing.

Ask to buy (on or off): Turn this on to prevent unwanted spending sprees.

Weekly email (on or off): Get a weekly report about the child’s activity for the week.

Child’s activity: Get a report about the child’s current activities. Select the Send Email link to get the report.

Now, let’s talk about the tabs.

Manage your child: Part 2

With Settings and Spending out of the way, click on a link below to see what each tab offers:

• Windows
• Xbox
• Edge
• Mobile

Windows and Xbox

The Windows and Xbox tabs have identical parental controls, so let’s take a look.

Screen time

Here, you’ll see a chart showing your child’s screen time on Windows 10 and Windows 11 (or Xbox).

At the bottom of the page, you’ll also see an Activity reporting toggle under Windows Settings (or Xbox Settings). Switch it on if you want to see your child’s app and game-related activities on every Windows device (or Xbox) they use.

Devices: Setting the time limits

At the top of this section is Lock Devices. Select it to lock and unlock each Windows-based device your child uses.

Below the Lock Devices setting is a chart that shows the daily time limits set for each Windows device (or Xbox) your child uses, as shown above. This is where you can set different or identical time limits throughout the week. For example, you may want to limit time during the week and give more time for the weekend. Here’s how:

Step 1: Select any day on the chart to edit the time limit.

Step 2: In the first field on the pop-up window, select up to six days you wish to enforce time limits or select Every Day.

Step 3: Move the slider to select up to 23 hours or choose No limit.

Step 4: Set the time when your child can use Windows. Select Add a schedule if you want to allow multiple time allowances during the day. A good example would be allowing screen time after school and later in the evening.

Step 5: Select Done.

Apps and Games: Setting the limits

At the top of this tab, you’ll find the App and Game limits toggle—turn it on. You’ll see a list of Microsoft apps and games installed on your child’s Windows device (or Xbox). Select one to see the user stats, block it, or set a time limit (similar to the instructions above).

To block third-party apps and games, refer to my instructions further down the page about managing consent.

Microsoft Edge

At the top of this tab you’ll see your child’s recent search queries and website activity. Everything you need to control what your child does through Microsoft’s browser is located under Filter Settings:

• Filter inappropriate websites and searches (on or off)
• Only use allowed websites (on or off)
• Add a blocked website
• Add an allowed website
• Activity reporting (on or off)

Mobile

iPhone/iPad and Android are managed by Apple and Google, respectively, so there’s very little you can do using Microsoft Family Safety on these devices. However, you can install the Microsoft Family Safety app (App Store, Google Play) and sign in with your child’s account on Apple devices and Android phones to see some activities.

Block third-party apps and games—the hidden setting

Once upon a time, you could just block apps and games no matter where they originated, but now it seems Microsoft has chosen to let you block individual Microsoft apps and games in your child’s family group profile.Third-party app and game permission settings are buried elsewhere. Here’s how to block third-party software:

Step 1: On the Your Family page, select the three-dot button next to your child’s name on their tile.

Step 2: Select Manage Consent on the drop-down menu (shown above).

Step 3: Select Manage this child’s access to third-party apps.

Step 4: To block third-party apps and games, select Disable Access. Return here and select Enable Access to allow your child to use third-party apps and games later.

Block unwanted installs on Windows

Just in case, make sure your child’s account listed in Windows is set to Child or Member. This setting prevents your child from making changes to Windows, rebooting into Safe Mode, and more.

The following instructions are based on Windows 11, so they may be slightly different from Windows 10.

Step 1: On the child’s PC, select the Start button, followed by the Settings icon on the Start Menu.

Step 2: Select Accounts.

Step 3: Scroll down and select Family.

Step 4: Select the child followed by Change Account Type.

Step 5: Set the account type as Child or Member if it’s not already.

Bottom line: Microsoft Family Safety is but one solution

Look, I’ve been using Microsoft Family Safety to keep my youngins in check for years, but it’s only one piece of my parental control arsenal. My family uses different platforms and different devices, so I need various tools to make sure my kids remain safe from inappropriate content and applications.

However, your approach should start at the router. I’ve tested and reviewed quite a few and compiled the ones with the best parental controls in a list (see below). I go with the free parental controls because I’m cheap, but you may find premium controls are worth the cost. Honestly, you don’t need content filtering at the router level—you really only need the ability to block devices and maybe create profile-based schedules. But if you can get some extra tools for free, the more the merrier, right?

Here are a few guides to get you started:

• Best Routers with Parental Controls
• How To Set Up Parental Controls on Your Router

The second arm in your parental approach should be the operating system, and that’s where Microsoft Family Safety comes in. I’m still working on other guides for Google, Amazon, Nintendo, and PlayStation, but if you own Apple devices, here’s my guide to using parental controls across its three device types:

• How to Use Apple’s Parental Controls on iPhone, iPad, and Mac

Related content

• Best Free Parental Control Software
• Internet Parental Control Apps for Keeping Your Kids Safe
• Gryphon AX Review: Our Testing and Comparison
• This Hack Stops Your Kids from Sucking Up Your Internet Bandwidth

The U.S. experienced over 3,000 data breaches in 2023, the largest of which affected over 30 million individuals. Cybercriminals found their way into some of the most secure institutions in the country, including banks and the nation’s largest internet service providers (ISPs). With our most sensitive information now living on the web, it’s on you to secure your personal data and devices. And this is no longer as simple as installing an antivirus and calling it a day. That doesn’t mean keeping your online activity secure needs to be expensive or time consuming, but you do need to cover all your bases.

There are three main areas to focus on when evaluating your internet security:

• Online accounts
• Devices and home network
• Online activity

Securing your accounts and hardware is fairly straightforward. Once you set up a decent defense, it runs itself with little maintenance—we’ll show you how to do this. But your online activity is a different story. It’s the only part of your online security you can’t automate and it’s the area most commonly exploited by cyber criminals. We’ll show how to develop good online practices to keep your data safe from bad actors.

Top 5 ways to improve your internet security

We go over, in detail, how to set up a robust defense against cyber criminals for all your online accounts, your devices, and your home network. But here’s a quick breakdown of the most crucial elements for your online security:

1. Use strong passwords

Your passwords are literally the key to your most sensitive data, and poor security practices like using personal details in your passwords and using the same password for multiple accounts introduce unnecessary risk. The fastest, easiest, and most effective way to secure your online accounts is by using a password management tool.

2. Use multi-factored authentication (two-step verification)

Multi-factored authentication requires an additional login credential before providing access to your account, usually in the form of a code sent to your phone or email. With two-step verification, cybercriminals can’t access your accounts even if they get your passwords, unless they also get access to your second verification method. Multi-factored authentication isn’t available for every account, but you should enable it for every account that offers it.

3. Enable automatic updates for all your devices and internet equipment

Automatic updates allow you to keep up with the nearly constant stream of security updates that keep your devices secure. Updates patch up new security threats as they are found, so it’s crucial to take advantage of these new securities as soon as possible, without any extra effort on your part.

4. Don’t allow downloads from untrusted sources

Initiating a download is as simple as clicking on a link on a website or in an email. When you download anything from the internet you’re letting code through your security firewall. Make sure you only download from reputable sites.

5. Be on the lookout for phishing emails, texts, and phone calls

Phishing scams pretend to be reputable or familiar contacts to get you to let your guard down. On the surface, these communications can look very legitimate, so avoiding them takes more than going with your gut. A few solid security practices, such as checking the sender’s actual email address, go a long way in keeping your network and data secure.

A little loose data can cause a lot of damage

Before we get into the nitty-gritty of setting up your cyber defenses, it’s important to acknowledge that all of your data and devices are worth protecting. Cybercriminals don’t need something really juicy, like your banking password or social security number to exploit you; you might be surprised at just how far someone can get with seemingly insignificant data.

As an experiment, I took a quick look at the account page of one of my video streaming accounts, just to see what someone could access if they obtained my login credentials for this account.

Right off the bat, the streaming profiles identify every member of my household, so they can see the names or nicknames of everyone I live with. Do you use any of those nicknames in your passwords?

One click away, the account page gives up a wealth of very scammable data: my subscription details, email, gender, birth date, payment history, and even my payment method. They wouldn’t have the payment account number, but they’d have the email attached to it. While this isn’t enough data to directly access anything else, it’s more than enough for a pro to work with. Not convinced? Let’s walk through how vulnerable each one of these mundane data points makes you.

Your name: Knowing your name gives scammer communications another level of authenticity which helps convince you a phony email, phone call, or text message is coming from a legitimate source.

Your family member’s names: A lot of scammers and cyber criminals impersonate family members to get you to act quickly before you have a chance to realize you’re being scammed. It might be something dramatic, such as a family member in trouble who needs quick cash, or something mundane, like a message from a family member saying they forgot a password.

Birthdays: This is perfect password-cracking fuel. With details like names and birthdays, a password-cracking program can make quick work of your security measures if you use any of these details in your passwords.

Subscription details and payment history: Knowing what subscriptions, plans, or products you have and how much you pay for them helps scammers make more convincing phishing emails. These emails might say your payment failed, or offer a free upgrade, among countless other scammer tricks.  A savvy scammer might even add that you’ll lose your lower rate or get a late fee if you don’t act quickly. Clicking a link in one of these phony emails could be all it takes to infect your device and subsequently your entire network.

Payment account method and email: Any details attached to a financial account are like hacker gold. Even if they don’t have the password to your payment account, many accounts use the email as the username—so the criminal already has half the keys to your finances. Pair this with the password-cracking tool and the info above, and it’s a homerun for the thief. A hacker could also just sell this information to the highest bidder on the dark web.

Bad actors will take any advantage they can get in their efforts to exploit you. This is why it’s important secure everyone of your online accounts, and not just the obviously sensitive ones like your online banking and email.

Luckily, most devices and online accounts come with security tools you can use to protect yourself. We’ll show you how to set those up. But first, let’s go over how most cybercrimes happen.

The most vulnerable part of your network

When you think of cyber criminals, you might imagine a hooded assailant fervently tapping away at lines of computer code, but most cyber crimes take a simpler approach. According to the FBI’s latest Internet Crime Report, social engineering attacks are, by far, the most common, accounting for three of the FBI’s top-five cybercrime complaints. Social engineering hacks you, not your computer, conning you into giving up your sensitive info, providing access to your network, or even directly sending money.

FBI’s top 5 cybercrimes of 2023

One social engineering hack in particular, phishing, accounted for more reported cybercrime complaints than any other. Phishing is when a cybercriminal tricks you into providing sensitive information (like login credentials) with a phony email, text, or phone call. These fraudulent communications insist on urgent action with severe consequences if you don’t act immediately. The goal here is to get you to click and type faster than you think because, if you study these cyber traps for just a minute or two, you usually can tell something’s up.

Learn how to protect yourself against phishing.

Types of hacks

While phishing attacks are the most common, here are some other ways hackers exploit weaknesses in your cybersecurity.

Viruses

Viruses are self-executing programs that infect your devices and spread to other devices. Once a virus gets access, it may steal or destroy data, impair crucial systems, or even render your device inoperable.

Tojans

Trojans are disguised malware that sneaks through your security by appearing to be legitimate programs or data.

Adware

Adware is covert marketing software that burrows into your system and bombards you with ads. Some adware even tracks your online activity to display personalized ads.

Bots and botnets

Bot viruses steal and redirect your computer’s processing power and networking capabilities toward a hacker’s agenda. Hackers use botnets to assemble entire armies of user’s computers without their knowledge to carry out cyber attacks.

Spyware

Spyware accesses your device’s activity and reports data back to the hacker. One of the most common instances of spyware is keyloggers, which capture user input and relay everything you type and click to bad actors. Spyware may also capture your communications or view your computer screen.

Password cracking

Hackers use password-cracking programs to essentially guess millions of passwords in seconds. If your passwords use common word and number combinations, password crackers can be an effective way for hackers to access your online accounts.

Malware

Malware is a catch-all term used to describe any malicious software. Every hack in this list is a form of malware.

Zero-day attacks

Cybercriminals are constantly discovering and exploiting new vulnerabilities; these discoveries are called zero-day attacks, and despite the rigorous efforts of cybersecurity professionals, it’s always a threat. Like a brand new biological virus to which there’s no existing immunity, zero-day attacks have a field day with our security measures. Cybersecurity experts then patch up these vulnerabilities, and all is well, until the next hits.

Protecting your online accounts and data

Usually, cybercriminals are after your accounts and data. A hacker may want to access your financial accounts to steal money or your shopping accounts to make fraudulent purchases. Sometimes the data itself is the prize, as the hacker sells your critical info to the highest bidder.

Your data doesn’t live in your home or on your devices; it’s in the cloud. This means that security measures on the home network level, like anti-virus software and high-tech routers, won’t necessarily help protect your data. Your best defense here is a robust set of login security measures and a watchful eye for social engineering attacks. Let’s go over how to protect your accounts and data in more detail.

Use strong passwords

Tough passwords are your main defense against unauthorized access to your accounts. While it’s easier to remember passwords with familiar terms and numbers, such as a pet name and birthday, these are the easiest passwords for hackers to crack. The tools used by hackers can guess millions of passwords in seconds, but that’s usually not good enough to crack even slightly complicated passwords.

The real danger comes when a hacker combines these tools with your personal information, like the password-crippling personal details we’ve mentioned above. Once the password-cracking program has some terms to latch onto, it’s much more effective at guessing the right password.

How to create strong passwords

The short answer here is that you should create and manage your passwords with a password manager app, as this single step provides you with an endless supply of highly secure passwords for all your online accounts with effortless recall. With that said, let’s get into what makes up a really tough password.

The strongest passwords are long, randomly generated, and complex containing letters (upper and lower case), numbers, and symbols. For length, a 2010 cyber security study by the Georgia Technical Research Institute found that 12 characters is the magic number to obtain a reasonable level of security.

The use of numbers, lower case, and upper case letters, as well as symbols in your passwords increases complexity, driving up the number of possible combinations to such a high number that it makes it very unlikely that a password-cracking program would land on the right guess.  And be sure to leave out personal details, such as birthdays, address details, area codes, and zip codes.

See the table below to learn how skimping out on any of these requirements dramatically reduces the security of your passwords.

Why you should use a password manager

Creating and remembering a 12-character-long password with a completely random assortment of numbers, letters, and symbols is a tall order, especially when you factor in a different password for each of your online accounts. This is where password manager apps come in. These programs automatically generate a unique and extremely robust password for each account—this is one of the single most powerful tools at your disposal for securing your data. Let’s review the benefits in greater detail.

Randomly generated passwords vs user-created passwords

A password you create using familiar terms or anything easy to remember will never be as secure as one created by a password manager. By throwing out grammatical rules, and recognizable words, and introducing long lengths, randomly generated passwords establish a level of complexity making it next to impossible for a hacker to come up with the right guess. These passwords aren’t vulnerable to common dictionary attacks because they don’t contain any words, and they’re too long for brute-force hacking attacks to have any reasonable odds of success.

Use a different password for every account

Using the same password for every account places only one point of failure between you and complete data intrusion. Even an extremely complex password is a potential security risk if reused for multiple accounts. With a password manager, you can generate a unique hyper-secure password for every account with little effort.

Effortless recall

The reason people use weak passwords is because they are easy to remember. Password managers remove this risky motivation entirely by storing and recalling your passwords whenever you need them.

Password manager apps compared

Enable multi-factor authentication (a.k.a. two-step verification)

Multi-factor authentication takes your security to the next level by requiring both your password and an additional credential, often a temporary code sent via text or email. This extra step goes a long way to increasing your security, as a cybercriminal won’t be able to log in to your accounts without access to your second verification method, even if they have your password.

You should enable multi-factor authentication on every account that offers it. This may be an extra step when accessing your accounts, but you get a lot of added protection in return.

Don’t fall for phishing emails, texts, or phone calls

As we explored earlier, phishing attacks are by far the most common method used by cybercriminals to access your data. Be very skeptical of urgent emails asking you to do anything out of the ordinary. Big services like Amazon or Walmart will never outright ask you for your login credentials or sensitive information. They have more secure ways of confirming your identity.

You can often detect a phishing email by looking at the sender’s email address. Make sure to view the actual email address and not the contact name which can be very easily spoofed. Look for numbers, misspelled words, and odd phrasings, like Amazonsupport2334@[public domain].com.

Securing your home network and devices

Protecting your accounts and data is paramount to your online security, but home Wi-Fi hacking does happen. Luckily, securing your home network is much easier. After initial setup, most of the following security measures manage themselves.

Use WPA3 or WPA2/WPA3 Wi-Fi security settings in your router

Wi-Fi Protected Access (WPA) are the security standards that protect access to your router and Wi-Fi traffic. WPA-3 is the newest and most secure version of WPA, with several substantial improvements over WPA-2. But to use WPA-3, you need both a WPA-3 capable router and devices that support WPA-3. So, if you’re running older devices, it’s possible they aren’t compatible with WPA-3. After July 2020, all Wi-Fi-certified devices are required to have WPA-3 compatibility, but Wi-Fi certification is an optional standard, so there’s a chance even a brand-new device doesn’t support WPA-3.

To get around WPA-3 incompatibilities, many routers use a WPA-2/WPA-3 split mode that will default to WPA-3 for compatible devices but still use WPA-2 on devices without WPA-3 support. You should enable the WPA2/WPA3 mode on your router if possible. If your router only has WPA-2, this setting is still far superior to WEP. See our router login guide to learn how to log into your router and access its settings.

Disable WPS in your router settings

WPS allows devices to connect to your Wi-Fi network without using a password. Instead, WPS uses either a PIN or a touch button. Pin WPS is far less secure as it’s susceptible to brute force hacking attacks that can guess every possible pin combination to gain access. WPS that uses a button on the router is more secure as it can only be initiated with physical access to the router, but hackers can find ways around this. At the minimum, a WPS-enabled router means you need to trust everyone with potential access to your router.

While WPS isn’t necessary for connecting devices with screens and keyboards, like phones and laptops, it’s very handy for connecting smart devices without displays or cumbersome data entry methods. One workaround is to enable WPS to connect smart devices and disable it once you’ve connected the device to your network.

Use a guest Wi-Fi network

Guest Wi-Fi networks provide a separate network you can share with visitors. This keeps all your devices protected on your main network. It’s a good practice, even if you trust your guest. It’s also a no-brainer if you ever need to share Wi-Fi with people you don’t know well. You can’t predict everything, but with a guest Wi-Fi network, you don’t have to.

Put IoT devices on a separate network

Internet of Things (IoT) devices are notoriously insecure, so it’s a good idea to keep these devices on a network separate from your computers, phones, and other main devices with access to your sensitive data. Some routers allow you to create separate virtual networks (VLANs) specifically for this purpose. By setting up a separate Wi-Fi network for your IoT devices, your computers, tablets, and phones will still be protected even if someone is able to break through the weaker security of an IoT device.

Keep all your devices updated

Cybersecurity is a constant battle between security experts and hackers. Hackers find vulnerabilities to exploit and security experts quickly move in to close the gaps with software and firmware updates. This makes it extremely important to install the newest security updates onto your devices. This is usually as simple as enabling automatic updates on every one of your devices. We know the constant updates and restarts get tedious, but it’s one of your best defenses against the latest cybersecurity threats.

How to enable automatic updates on all your devices

Access Windows update settings:

Automatic security updates are not an option on Windows 10 and Windows 11, so your Windows PC should be set. You can pause updates for seven days and configure when your computer restarts to finish an update. You may also check that you have the latest updates.

Step 1: Click the Start button and select Settings.

Step 2: Select Windows Update.

From here, you can view if your computer has the latest updates, check for new updates, and pause updates.

At the top of the update window, you’ll see a message indicating your device is up-to-date, or it needs to install updates. Click Check for updates if you want to be 100% positive you have the latest updates. This is where you can check that updates are paused or initiate an update pause if needed, though we don’t recommend it.

Access update settings on Mac:

Step 1: Click the Apple menu button in the top left corner and select System Settings in the drop-down menu

Step 2: Click General from the settings sidebar in the pop-up window.

Step 3: Select Software Update.

Step 4: At the top, click the “i” info icon next to Automatic updates.

Step 5: Toggle on Install Security Responses and system files.

Access Android (Samsung) update settings:

Samsung Android phones have automatic updates turned on by default, so you probably don’t have to do anything. Here’s how to make sure automatic updates are enabled:

Step 1: Open the Settings app.

Step 2: Select Security and privacy.

Step 3: Select Other security settings and the Hexagonal gear icon.

Step 5: Toggle on Install Galaxy System Update. Note: This setting is on by default, so make sure you don’t toggle it off if it was already on.

Access iPhone iOS update settings:

Step 1: Open the Settings app.

Step 2: Select General.

Step 3: Select Software Update.

Step 4:  Make sure automatic updates are set to On.

Activate your computer’s firewall

Your computer’s firewall is its main defense against external cybersecurity threats. Both Windows and Apple computers have a robust firewall built in, but you need to keep these features activated to stay protected. Here’s how to make sure your firewall is enabled:

Activate firewall on Windows 10:

Step 1: Select Settings from the Start menu.

Step 2: Select Update & Security. Then, from the left-hand menu, choose Windows Security.

Step 3: Under Protection areas, select Firewall & network protection.

Step 4: You’ll see a menu displaying three networks: Domain network, Private network, and Public Network. The firewall status is displayed beneath each network name.

Step 5: If your firewall is off, select the network, and under Microsoft Defender Firewall, toggle the switch to On.

Activate firewall on Windows 11:

Step 1: From the Start menu, select Settings.

Step 2: Under Privacy & Security, select Windows Security, then choose Firewall & Network Protection.

Step 3: You’ll see three networks: Domain network, Private network, and Public network.

Step 4: To turn on the firewall for a network, select the network, and under Microsoft Defender Firewall, toggle the switch to On.

Activate firewall on Mac:

Step 1: From the Apple menu, select System Settings.

Step 2: From the pop-up window’s sidebar, choose Network, then click Firewall.

Step 3: Toggle on the firewall (if it’s off).

Do you need third-party Antivirus software?

You probably already have all the antivirus software you need built right into your computers and devices. Most cybersecurity experts agree that third-party antivirus software isn’t any better than the security measures companies like Microsoft and Apple supply with their products. Programs like Windows Defender do a fine job of protecting your computer as long as you keep them updated.

Decades ago, built-in security like Windows Defender had trouble keeping up with hackers, creating opportunities for third-party security companies like McAfee and Norton to offer products that filled in significant security gaps. Large tech entities like Microsoft have since significantly stepped up their cybersecurity game.

“We test it regularly (Windows Defender), and it’s one of the top products we’ve seen. It has improved a lot,” cybersecurity expert Simon Edwards, told NBC in 2021.

In response, third-party security companies have been bundling additional services with their products, such as identity theft scanning, enhanced email security, and security extensions for popular web browsers. You may gain some additional protection from these add-ons, but you still need to be vigilant and practice good cybersecurity hygiene, like using strong passwords, timely updates, and avoiding phishing emails.

Keep your guard up

The challenges of cyber security are always evolving, as evidenced by the constant stream of security updates that seem to pour into our devices on a daily basis. Internet security is a marathon, not a sprint. To stay secure, you must maintain good cybersecurity practices over time. Don’t get lazy or complacent, as it’s easy to normalize constant threats.

When you get a new device, make sure auto-updates are enabled. Don’t use the easy but risky password habits of yesteryear, keep up on your updates (which mostly means not disabling auto-updates), and be careful about what you click in your inbox and on the web.

If your home Wi-Fi is slower than it should be, someone might be stealing your bandwidth. Fortunately, there are ways to detect and remove uninvited guests on your home network and make sure they don’t come back.

Is your connection slower than it should be? Take our speed test to find out.

How can someone steal my Wi-Fi?

Wireless networks make it easy to connect all your devices to the internet, but it also makes it easier for other people to use your connection. This has been true since the earliest days of wireless transmission. The first wireless hack occurred in 1903 when Nevil Maskelyne hacked Marconi’s wireless telegraph in order to send a rude poem during a public demonstration.

Perhaps unsurprisingly, wireless hacking became common in the early days of Wi-Fi, when security protocols were lax and most people were new to the technology. At this time, hackers would go “wardriving,” driving through neighborhoods looking for unsecured wireless networks that they could use to connect to the internet for free. While this might conjure images of shadowy agents in high-tech surveillance vans, all it really took was a college kid with a laptop, some hacking software, and a “cantenna”—a signal amplifier antenna made out of a tin can.

Although most wireless routers have security features enabled by default, many network attacks still begin with a hacker wardriving through a neighborhood, looking for network vulnerabilities (often still using a cantenna). Having hackers on your network is bad for several reasons. They can do any of the following:

• Use your connection for illegal activities
• Use packet sniffers to steal passwords and other information
• Redirect your browser to fake sites to steal your information
• Install malware on your devices

Of course, while lax security might be an open invitation to hackers, Wi-Fi thieves are more likely to be neighbors trying to get free internet access. This is especially common if you live in a large apartment building, since your router signal is probably strong enough to be picked up from almost anywhere in your building and probably several of the surrounding buildings as well.

Your neighbors probably aren’t trying to steal your credit card numbers, but freeloaders will slow down your connection speed. So unless you gave them permission to use your Wi-Fi, kick them off.

How to check for Wi-Fi thieves

If you think someone is stealing your Wi-Fi, the first step is to check. Some methods are simple, while others require a bit more technical savvy.

Check the lights on your router

Most routers have a series of indicator lights that let you know when the router is powered on or connected to the internet. It should also have a light that shows wireless activity. A quick way to see if you have freeloaders is to turn off all your wireless devices and see if the light is still blinking. If it is, someone else is on your network.

This method isn’t very practical if you have a lot of devices in your home—everything from your phone to your fridge could be trying to connect. But if your computer is the only device that should be connected to the internet, this is a quick way to catch Wi-Fi thieves in the act.

Check the lights on your router

If you think someone is stealing your Wi-Fi, the first step is to check. Some methods are simple, while others require a bit more technical savvy.

Check the lights on your router

Most routers have a series of indicator lights that let you know when the router is powered on or connected to the internet. It should also have a light that shows wireless activity. A quick way to see if you have freeloaders is to turn off all your wireless devices and see if the light is still blinking. If it is, someone else is on your network.

This method isn’t very practical if you have a lot of devices in your home—everything from your phone to your fridge could be trying to connect. But if your computer is the only device that should be connected to the internet, this is a quick way to catch Wi-Fi thieves in the act.

Use an app

There are apps for both mobile and desktop computers that can be used to detect unwanted devices on your network. There are also web-based apps like this router checker from F-Secure that will look for indications that someone has hacked into your network.

Check wireless client list

Although it’s a bit more complicated, the surest way to see if an unauthorized user has broken into your network is to check the list of current devices in your router’s settings. Here’s how to do this:

1. Log in to your router.
2. Find the list of current wireless clients.
3. Look for unknown devices.

Every phone, computer, and smart device you own will show up in this list as a unique MAC address. If you know for a fact that you have only five wireless devices and there are six active devices in the list, you definitely have a freeloader. You can also look up the MAC address (a type of network identification number) for each of your devices and see if there are any on the list that don’t match. MAC addresses are often listed in a device’s settings alongside its IP address.

Check router logs

If you didn’t find anything when checking the active client list but still believe someone’s been getting on your network, you can check your router’s logs. You can access past activity logs from the same menu in your router settings where your current wireless clients can be found.

The downside is that it’s a bit of a needle in a haystack. It’s not easy to look at a huge list of numbers and determine which one doesn’t belong.

The advantage of going to the logs is that your moocher doesn’t have to be logged on to your network for you to catch them. Also, if you have an idea of when the problems started, you can see if any new MAC addresses started popping up around those times.

How to secure your wireless network

Once you know that someone is stealing your Wi-Fi, you need to kick them off your network. The first step is to change your network name and password. If the internet thieves are just freeloading neighbors, this is usually enough to get rid of them. But it’s also a good idea to make sure that you’re using the most secure settings on your router.

There are several protocols used to secure wireless networks and most routers give you several options. The oldest and least secure of these is WEP (Wired Equivalent Privacy), which was created in the late ‘90s. Don’t use WEP.

WPA stands for Wi-Fi Protected Access and was created to fix the major security flaws in WEP.² The newest version of this standard is WPA2, which also incorporates the Advanced Encryption Standard, also known as the AES encryption protocol. This is why, on some devices, this feature is called AES instead of WPA2. You should always enable WPA2/AES security on your router if it’s available.

If your router doesn’t offer WPA2 security, you might want to buy a more secure router.

Using a secure password on your wireless network is the most important thing you can do to keep your Wi-Fi secure, but there are lots of other steps you can take. For more information, check out our guide to keeping your router secure.

If it’s not thieves, why is my Wi-Fi so slow?

If you’ve gone through your router logs with a fine-toothed comb and haven’t found any unauthorized devices, people probably aren’t stealing your Wi-Fi. So, why is your Wi-Fi still slow? There are a couple possible reasons.

Is it just the Wi-Fi?

Before you spend an entire afternoon on the phone with customer service, try plugging your computer directly into your router. Did that fix your speed problems? If it did, then the problem is with your router. You can always buy a new router, but there are a few tricks you can try first. To find out how, check out our step-by-step guide to improving your Wi-Fi speed.

If plugging in to your router didn’t resolve your speed issues, the problem isn’t just your Wi-Fi. It’s your entire internet connection.

When does it slow down?

If your network slows down at peak hours (usually in the evening when everyone is getting home from work), then this might be normal slowdown due to internet traffic. Cable connections share bandwidth between houses in the same neighborhood, so you can get lower-than-advertised speeds if you and your neighbors are all trying to use the internet at once. The only way to avoid this is to avoid peak hours or switch to a more reliable connection like fiber.

If your internet slows down for a few days or weeks every month, your internet service provider (ISP) might be throttling your speed once you pass your monthly data cap. This can often be fixed by upgrading to a more expensive monthly plan or by purchasing additional data from your provider.

Is it always slow?

If your connection is constantly slower than your provider’s advertised speed, it could be a problem on their end. Contact your provider’s customer service department to ask why your speed is so slow and when it will be back up to speed. Every network experiences occasional slowing and outages due to maintenance. But if customer service can’t tell you when your speeds will be back up to normal, it might be time to find a new provider.

Protect your internet connection

It’s easy to take Wi-Fi safety for granted. Almost every coffee shop and fast food restaurant offers its own public Wi-Fi, and we can see the names of our neighbors’ home networks just by pulling out our phone.

These days, a vulnerable home network may not exactly be a jackpot for hackers, but it is low-hanging fruit for freeloaders. Using proper network security is a good habit to get into and a good way to get the most out of your internet plan.

More resources

Having your bandwidth stolen by freeloaders is frustrating, but there are lots of other security threats that can affect your home network. If you want to find out more about how to keep your network and devices secure, check out some of our other articles on internet security.

• Terrifying Security Flaws in Your Wi-Fi and How to Fix Them
• Best Internet Browsers for Security
• How Safe Is My Internet Connection?
• Best Routers for Security

Updating your browser to the most recent version gives you access to the newest features, but most importantly, it protects your computer from attacks. Most browsers update automatically by default, but if your browser is out of date for any reason, you can manually update it by doing the following:

1. Open your browser menu.
2. Find your browser’s About page and select it.
3. Click the update button.
4. Close your browser and relaunch it.

Most modern browsers follow similar steps, but there are some minor differences in the menus and buttons. To learn more about the how and why of updating your browser, read on as we go into specific details.

Why should I manually update?

Ideally, you probably don’t want to be doing updates manually. In general, it’s a good idea to set your browser to download and install updates automatically in order to keep it protected from any recently discovered vulnerabilities or exploits. There are, however, a few situations where you might want more control over when these updates are downloaded. For example, some satellite plans give you extra data during low-traffic hours that you can use for downloading software updates and other large files.

Users might also want to manually update their browser proactively. Some browsers make new updates available days or weeks before they roll them out as automatic updates. If you want to know about updates as soon as they become available, you should follow your preferred browser’s developer blog, such as the Chrome Dev Blog.

In any case, find the method that works best for you to keep your browser as current as possible to avoid security threats online.

How to update Chrome

To update your browser when using Google Chrome, follow these steps:

1. Open Chrome.

2. Open the Menu (three dots in the top right corner).

3. Select Help > About Google Chrome from the menu.

4. Check to see if Chrome is up to date. If not, click Update Google Chrome.
5. Close your browser and relaunch it to apply the update.

How to update Firefox

To update your browser when using Firefox, follow these steps:

1. Open Firefox.

2. Open the Menu (three dots in the top right corner).

3. Select Help > About Firefox

4. Click Restart to Update Firefox.

How to update Internet Explorer

Microsoft officially ended support for Internet Explorer 11 on June 15, 2022. That means that there will be no more official updates to the browser and thus you can’t update it, even if new security flaws are found. If you’re one of the last holdouts still using Internet explorer, it’s finally time to switch to another browser.

If any site you visit needs Internet Explorer, you can reload it with Internet Explorer mode in Microsoft Edge.

How to update Microsoft Edge

To update your browser when using Microsoft Edge, follow these steps:

1. Open Microsoft Edge.

2. Open the Menu (three dots in the top right corner).

3. Select Help and Feedback > About Microsoft Edge.
4. If an update is available, it will begin updating automatically.

How to update Safari

Apple has discontinued support for versions of Safari on non-Apple devices, so updating Safari is now integrated with upgrading your OS. To update your OS, follow these steps:

1. Open the Apple menu in the top left corner of your screen.

2. Select System Preferences.

3. Click on Software Update.

4. Click Upgrade now to update your OS, including Safari, or select Automatically keep my Mac up to date to turn on automatic updates to keep it updated in the future.

Our pick: Which password manager is best?

LastPass is our go-to solution for the best password manager. It checks all the right boxes: desktop and mobile support, password sharing, file storage, family management, dark web monitoring, a password generator, and more. It feels more complete overall, thanks to a good balance of free and premium features.

The 7 best password managers

• Best overall: LastPass
• Best for Apple devices: 1Password
• Best for usability: Dashlane
• Best for business: Keeper
• Best for budgets: RoboForm
• Best free option: Bitwarden
• Best no-cloud password sync: Sticky Password

*Non-business prices as of 9/25/23.

What should you look for in a password manager?

The best password manager should generate long, unique passwords that are nearly impossible to crack. It’s essential for day-to-day use across all accounts because passwords are often reused, too short, and easily guessed.

A password manager should also support multiple operating systems, like Windows and Android. Be sure to pick a password manager that is in active development and offers end-to-end encryption, if possible.

Finally, a password manager should list “zero knowledge” somewhere on its product page. That means the developer doesn’t have access to your data. If a password manager advertises device synchronization (most do), that data should reside on the developer’s cloud servers as an inaccessible encrypted blob.

For a more in-depth look at the essential features to consider in a password manager, jump ahead to our expanded section below.

Leer en Español

FAQ about password managers

Our pick: Which internet browser is the most secure?

Firefox is our top pick as the most secure browser because it’s completely open source and contains no hidden or proprietary code. As a result, it can be examined by any security expert to confirm that it doesn’t secretly track you across the internet and sell your browsing habits.

In contrast, Google Chrome, Apple Safari, and Microsoft Edge are only partially open source, as they include proprietary components security experts can’t thoroughly inspect.

The 6 most secure browsers

• Best overall: Firefox
• Best for anonymity: Tor Browser
• Best for customization: Vivaldi
• Best for blocking ads: Brave
• Best for extreme privacy: Epic Privacy Browser
• Best for VPN use: Opera

Compare secure browser features and availability

What should you look for in a secure browser?

You want a web browser that blocks everything that can identify you. While some cookies are necessary for websites to function, others are intrusive and intentionally collect your information to track you across the internet.

A web browser should also verify that every destination you visit is safe so you’re not unintentionally loading a site full of malware or one that secretly runs scripts in the background to mine digital currency at your expense.

Lastly, a browser should offer secure connections. For example, the Tor Browser offers triple encryption, while Opera has a built-in virtual private network (VPN) component. Most web browsers support HTTPS connections.

Compatible browsers will display a lock symbol in the address bar when you load a website that offers HTTPS connections. If the website doesn’t support HTTPS, the browser will display a “not secure” message or something similar.

You may find browsers that include an HTTPS-Only Mode. Firefox, for example, can force all connections to use HTTPS when you enable this setting. Conversely, if the website does not use HTTPS, Firefox will block access with a warning page containing “Continue to HTTP Site” and “Go Back” buttons.

Malware prevention

A secure web browser should check with a trusted database to verify that a website is safe to use.

For example, malware may secretly infect a legitimate website, or a website may appear official but is instead a “spoof” to fool you into downloading unwanted software. Both situations are typically reported and listed in a database that the browser downloads and updates frequently.

A browser should also verify that the file you are downloading is legitimate. For instance, Firefox will verify the site’s integrity against a database provided by Google Safe Browsing. If Google blacklists the site for malware, Firefox will block the download. This verification also helps prevent unwanted files too, like automatic downloads, when you visit a website.

So, where are Chrome, Safari, and Edge on this list?

On a security level, we don’t recommend using browsers provided by Apple, Google, and Microsoft.

Google Chrome

Google makes a big chunk of revenue from advertising and data collection. Those two factors alone should be enough reason to shy away from Google Chrome. The browser is undoubtedly convenient given its native ties to Google’s services, and it’s one of the fastest based on our tests, but Chrome collects an alarming amount of data—more than any other browser on our list.

Apple Safari

Apple is a “device first” company. Its most significant source of revenue is sales from Macs, iPhones, iPads, and so on. Safari is undoubtedly the better native option over Google Chrome on these devices, and its security and privacy aspects have improved over the last few years. 

But Safari isn’t completely transparent in terms of code, nor is it available on any other platform outside the Apple ecosystem. It’s also had its share of eye-opening security and privacy issues in the past.

Microsoft Edge

Finally, the new Microsoft Edge ditches the previous in-house EdgeHTML engine for Chromium. It collects data about the websites you visit, and there’s no option to turn this data collection off. Moreover, Microsoft Edge shares details regarding web pages visited, whether you use the search autocomplete function or not.

The bottom line

You can’t expect total security and privacy from companies that have other agendas. All three browsers listed above provide operating systems that already know what you do and where you go every day.

What you need is a browser provided by a developer with one single, razor-sharp mission: to give you the best, most secure window to the internet.

FAQ about secure browsers

What is Incognito Mode?

Also known as Private Mode or something similar, Incognito Mode keeps your browser history private. In Firefox, for instance, the browser deletes all cookies when closed. It also blocks tracking cookies by default. For more information, read our explanation about what Incognito Mode actually does to protect you online.

What is fingerprinting?

Fingerprinting is a form of data collection that pieces information together to identify you. Data is collected through the web browser or through apps or programs installed on your device.

Websites use third-party trackers to continue collecting data (shopping habits, frequented websites) and create a larger snapshot of your internet presence. This “fingerprint” includes your device, operating system, preferred browser, and so on.

What is the Tor network?

The Tor network consists of over 7,000 volunteer-operated relay servers located around the globe that perform as “onion” routers. Here’s what happens when you access a website using a Tor client:

Step 1: The Tor client determines the best path to the destination and generates three encryption keys. 

Step 2: The client sends the three-layer encrypted data to the first Tor server, the Entry Node.

Step 3: The Entry Node decrypts the first layer, discovers the second server’s location, and relays the two-layer encrypted data.

Step 4: The second server, or Middle Node, decrypts the second layer, discovers the third server’s location, and relays the single-layer encrypted data.

Step 5: The third server, or Exit Node, decrypts the final layer and relays the plaintext data to the destination.

In a nutshell, the Tor client creates a “circuit” between you and the destination that remains open for around ten minutes. Once that window expires, Tor creates a new circuit to prevent eavesdroppers from tracking your activities. A new circuit is also created when you visit another website.

“Tor” is an acronym for The Onion Router.

What is a virtual private network (VPN)?

A virtual private network is a secure, private connection that works over the internet.

VPN software you install on your device encrypts your data and then establishes a direct, encrypted connection (or “tunnel”) between you and the VPN server. Once the server receives your encrypted data, it decrypts the data and then sends it in plaintext to the destination.

This way, the destination cannot collect your information, such as your IP address, web browser, and operating system.

How does cryptocurrency mining work in a browser?

Cryptocurrency mining within a browser works by using JavaScript code. Every web page you view on the internet is downloaded to your device as cache, including JavaScript code that quietly runs in the background to run basic web components.

In this case, the JavaScript code runs complex mathematical calculations to create digital currency. Mining requires heavy processing and will slow your device to a near crawl as the CPU computes the heavy math. You could see your browser use 90% or more of your CPU’s total processing capacity.

Some websites, however, use cryptocurrency mining in the browser as a form of “payment” for consuming their content. This payment is typically voluntary on your part.

What is phishing?

Phishing is a method of obtaining your personal information through a link embedded in an email, text message, instant message, and so on. The attackers pose as a person, company, or service you trust and attach a link. The resulting website looks legitimate, but it’s a “spoofed” site created to steal your information.

What is address bar tracking?

Address bar tracking is a method of obtaining your browsing habits through the autocomplete function. When you type a search query or URL in the address bar, the browser analyzes that data to provide suggestions. The browser may also send that information to remote servers. As a result, companies like Google and Microsoft know where you’re going and where you’ve been.

What is a Device ID?

A Device Identifier (ID) is a unique string of numbers that identifies your device, whether it’s a computer or smartphone. It’s stored on the device and is derived from other hardware-identifying numbers, like the IMEI number or MAC address.

What is a User ID?

Web browsers typically create a user identifier profile upon installation that includes information like your processor, storage, screen resolution, and operating system. This profile is assigned a unique identifier that the browser stores locally in a cookie.

What is Chromium?

Chromium is a free and open-source browser “foundation” developed and maintained by Google. Developers can compile the code “as is” and distribute it as a basic Chromium browser or compile it to include proprietary components and unique designs. The latter group includes Brave, Epic Privacy Browser, Google Chrome, Microsoft Edge, Opera, and Vivaldi.

What is Google Safe Browsing?

Google Safe Browsing is a service provided by Google. It contains a database of known websites containing malware and phishing content. This database is available to internet service providers and used by Chrome, Firefox, Safari, and Vivaldi. According to Google, this service protects over 4 billion devices each day.