Most of us don’t give a second thought to the router that manages our home internet. We assume it’s working fine, just like the day we installed it – which is why hackers can break into your network and wreak havoc without you even realizing it.
It may have happened already.
Remember, every device in your network as at stake.
It may have happened already.
Remember, every device in your network as at stake.
The problem with the internet of things is that there is no security standard. So, we purchase cameras, speakers, thermostats, and more thinking these gadgets are locked down at the get-go.
Now that you know why you need to pay attention to your router, let's get started.
Now that you know why you need to pay attention to your router, let's get started.
1. Regular or automatic updates
When a router gets an update, you probably won't know about it. Newer routers can download them automatically and nearly every router has options to update the firmware manually; so if it’s not an automatic process, you’ll need to check for them every three months.
To get to your router admin page, you’ll need the IP address used by your router and the admin password. These may be written on the user guide for your brand of router, but if you don’t have this information, there are sites that can help you find them.
To get to your router admin page, you’ll need the IP address used by your router and the admin password. These may be written on the user guide for your brand of router, but if you don’t have this information, there are sites that can help you find them.
Once you’ve opened your router’s admin page, find a section called “Advanced” or “Management” to look for firmware updates. Download any updates. If there is an option in your router’s settings that enables automatic updates, turn it on.
2. Stronger encryption
Most routers include encryption by default. If you’re required to enter a password to connect, you already have it set up. But don't move on just yet – there are different types of Wi-Fi encryptions, and some are much weaker than others. . Don’t forget, many routers ship with options for outdated encryption settings.
The most popular Wi-Fi security right now is Wi-Fi Protected Access 3 (WPA3) encryption. This standard is over a decade old, but if you’re shopping for a new router, be sure it supports WPA3. This is still the latest wireless standard available.
The most popular Wi-Fi security right now is Wi-Fi Protected Access 3 (WPA3) encryption. This standard is over a decade old, but if you’re shopping for a new router, be sure it supports WPA3. This is still the latest wireless standard available.
To check your encryption settings, go to the router’s admin menu. You should be able to find encryption under the “Wireless” or “Security” menu. If you still have an older router, select one that starts with “WPA2.”
If your router is not WPA3 compatible, “WPA2-PSK AES” is the next most secure option. If you have older gadgets on your Wi-Fi network, you might have to select “WPA2-PSK AES + WPA-PSK TKIP” to get them working.
This hybrid setting keeps the benefits of WPA2 while leaving compatibility for older, less secure devices. If your main network is securely encrypted, they’ll be safe to use.
Most importantly, never choose “Open,” which means no security at all. The same goes for WEP, which is a highly outdated standard that’s easily hacked.
If your router is not WPA3 compatible, “WPA2-PSK AES” is the next most secure option. If you have older gadgets on your Wi-Fi network, you might have to select “WPA2-PSK AES + WPA-PSK TKIP” to get them working.
This hybrid setting keeps the benefits of WPA2 while leaving compatibility for older, less secure devices. If your main network is securely encrypted, they’ll be safe to use.
Most importantly, never choose “Open,” which means no security at all. The same goes for WEP, which is a highly outdated standard that’s easily hacked.
3. A built-in firewall
One of the best security tools built into your router is the firewall. Nearly every router from the last decade includes one in some form or another.
Not every router labels its firewall the same. You usually find this feature under your router’s advanced settings like “NAT filtering,” “port forwarding,” “port filtering” or “services blocking.”
These settings let you tweak your network’s incoming and outgoing data ports and protect them from outsiders. But be extremely careful with these settings; your default firewall is usually enough, and misconfiguring your ports can knock you off the web or make it easier for hackers to break in.
If you do make a mistake in this area, call your internet provider. A trained technician will know the optimal port settings for your service.
Not every router labels its firewall the same. You usually find this feature under your router’s advanced settings like “NAT filtering,” “port forwarding,” “port filtering” or “services blocking.”
These settings let you tweak your network’s incoming and outgoing data ports and protect them from outsiders. But be extremely careful with these settings; your default firewall is usually enough, and misconfiguring your ports can knock you off the web or make it easier for hackers to break in.
If you do make a mistake in this area, call your internet provider. A trained technician will know the optimal port settings for your service.
4. Optimized Quad9 DNS settings
Check out the Quad9 Domain Name System service, maintained by cybersecurity advocates at IBM and The Global Cyber Alliance. Once set as your DNS service, every time you click on a web link, Quad9 will check the site against IBM X-Force's threat intelligence database of over 40 billion analyzed webpages and images.
I have a whole write-up about it on my site, including the step-by-step instructions for your Windows PC or Mac.
I have a whole write-up about it on my site, including the step-by-step instructions for your Windows PC or Mac.
5. No remote access
Have you ever had a technician take over your computer while you were on the phone? If so, you’re already familiar with “remote administration,” which is commonly used in tech support.
Scammers and hackers find remote access an easy path to a home network. Remote desktop management is one of the pillars of several security flaws found in Windows.
Scammers and hackers find remote access an easy path to a home network. Remote desktop management is one of the pillars of several security flaws found in Windows.
When it comes to your router, you’re better off disabling these settings altogether. You can usually find this in your router settings under the “Remote Administration” heading.
Even if you do all this, you still need to take steps to lock down your internet of things devices. I have several tips on my site.
Even if you do all this, you still need to take steps to lock down your internet of things devices. I have several tips on my site.
There are plenty of reasons your Wi-Fi keeps slowing down (and at the worst times, too, it seems). It could be signal congestion, physical location, firmware issues, hardware limitations, or maybe your space is just too big for your router coverage.
