Securing your home wifi network – 7 recommendations to improve your wifi security

Securing your home wifi network – 7 recommendations to improve your wifi security

Hi and welcome to this video on securing your
home wifi network I’ve worked in IT over the last 15 years or
so, and have been known for my security work for the last five of those. The media makes a big thing about network
security in companies, but in this video I want to look at home networks. I’m not going to go into huge depth, but I
am going to give seven pieces of advice that I believe many home networks would benefit
from. OK, so let’s start with the router. The router is the gateway between your network,
and the outside world, the Internet. So it’s really important to protect it with a strong
password. After all, it contains the password to your wifi network, and also gives people
general control over what they can do within your network. It’s really common for people to leave the
default password in-place, and I would strongly advise against that. It’s something that a
hacker will predict. That could be everything from a password like the word admin or administrator,
to match the username; right the way through to a more complex one that matches the serial
number of the device, which the hacker may have other ways of achieving that information. Other common password recommendations apply,
so a common password in the world (used for all sorts of things) is “password1”. Or people
use family names, or sports etc… So try not to use something that is too predictable
and stick to good password advice. Personally, I would recommend (I don’t think
this is the best password in the world, by the way), but use of a phrase of some variety.
People will often use a song lyric or something or other else that means something to them,
and therefore is naturally memorable. My next recommendation is such a common one,
I would hope this is familiar to everybody: to use WPA2 as your level of encryption.It
would be remiss of me not to mention it, and therefore I have put it in this video. For anyone who is not aware, WEP and WPA (the
first version of WPA), are now considered weak forms of encryption so should not be
used. The recommendation is to go to WPA2, which is a much stronger form of encryption. The other thing I’d want to call out here
is what’s often called “Mixed Mode”, “Legacy Mode”, or “Compatibility mode”, or as simple
as it shows in this screenshot, just “WPA + WPA2”. This form of encryption basically
allows for both WPA1 and WPA2. It’s often seen as a benefit for compatibility
but in reality devices very rarely need anything other than wpa2 these days and leaving that mixed mode
open simply opens you up to the risks of the original WPA1 encryption method
so I would strongly advise to move away from that if you use it, and set your
device so that it only uses WPA2 encryption. My third recommendation is to turn off WPS
technology this was a technology brought in as a convenience factor really so that you
could press a button on the top of your router and create a
fast connection effectively for a new device to join the network. I don’t
personally believe that many people use it heavily. You would need to have a lot of
new devices joining your network in order to make it worthwhile and from a hacking
perspective it is the easiest way really into a network is to
exploit WPS technology so unless you have a really strong need for lots of
new devices joining our network on a regular basis I really strongly advise
you turn this feature off. It’s usually just a simple checkbox as you
can see in left hand image “enable WPS”. on some devices, like the one screenshot’d
on the right, it just talks about it as registering devices and you would have
to determine that you did not want you devices to be able to join your network this next recommendation shouldn’t apply to
a lot of people so remote management is a feature that’s usually turned off
by default and people turn it on usually to be able to potentially log into their
router to tweak things while they’re at work or at another site it’s rare that
people really need to use that function but there are occasions when people turn
it on unnecessarily obviously it creates an exposure whereby a
hacker in the outside world has then got an easier
path to be able to break their way into your router password so I strongly recommend that people make sure
that feature is turned off in their router my next recommendation is simply to look after
your devices so bear in mind that any insecure device on your network puts any
other device at risk so maintain any antivirus software any local firewall
and patch the operating system, even firmware potentially to the device don’t forget that this applies to all devices
on your network so you may instantly think of a
desktop PC may be a laptop and a tablet but it will also apply to any mobile
phone that connects, potentially a television and these days even things
like fridges and kettles can be purchased that can jump on a WiFi network The next couple of recommendations are not
as critical so I’ve marked them in the bottom right hand corner as such The first of these is about obscuring your SSID. This is the name of your
network in effect A lot of people recommend
hiding your SSID I must admit I do it myself but it provides a very weak form of
protection. It’s extremely easy to actually crack that Whether or not you choose to hide your SSID
I would still say to think very carefully about what it says about
identifying you So use of your family name in it the name
of your property or even just leaving it by default
representing who your service provider is. All these pieces of information can
help hacker find a flaw in your network or indeed find more information about
yourself out together with Internet traffic so my recommendation would be to used something
pretty neutral maybe a random name from a dictionary such that it
means something to you but isn’t obviously identifiable as yours my last recommendation is to consider
MAC filtering this is basically a list of authorized devices that can connect
to your network and any device that is not on
that list will not be able to connect even if it has the correct password to do
so. If you don’t tend to add new devices to
your network on a regular basis I would strongly advise using this feature just
because of the protection it obviously offers but it will depend on how often you
introduce new devices and just how easy your particualr router makes it for adding
new devices to that MAC filter list and that’s last of my recommendations so I
thought I’d just list here the key ones, the ones I marked as high importance. If any of these still apply to you I’d strongly advise that you take a look at these
now just because of the level of protection that they offer This is the
first video I’ve done of this presentation type, so I’ll be interested
to hear whether this is useful for anybody. That’s obviously the reason I’ve put it up
here… to try and be helpful! Please leave some comments in terms of what works and what doesn’t
work and I’ll try to learn that for any future videos I hope the video helped
Thanks for watching!

28 Replies to “Securing your home wifi network – 7 recommendations to improve your wifi security”

  1. Good stuff, thanks for the review we all need this from time to time. I am in process of changing out modem and router so this helps.

  2. Fuck me, almost everything with my wifi settings was wrong. Thanks for this video mate, now I can properly secure my network!

  3. Contact with experts to discuss How To Secure My Wi-Fi at Router Technical Support Forum

  4. Can you point me to a tutorial that will show me how to do this physically? I’m lost but want to tighten things up at home. I need an actual step by step though. I appreciate your info and any possible help. Thank you.

  5. Very informative video. Please post similar videos if possible with live demo for more practical approach. Appreciate your effort Artexic..

  6. Very useful. Simple concise info.
    Adding a guest access point instruction video would benefit from your instruction style.

  7. very helpful video, I would add turn off UPNP too to this list. I've read articles about how easy it is to exploit that vulnerability for hackers.

  8. (1)how to know that WPS is on off mode or on mode?
    (2) if i want to creat username and password of admin account are for wifi too?

Leave a Reply

Your email address will not be published. Required fields are marked *