How to protect your wifi from other people's access. How to protect your router or secure wi-fi at home. How to protect your Wi-Fi from your neighbors. How to protect your home router from hackers and neighbors

Today, when in most homes you can catch a wireless Internet network, the question of how to set a password for wifi takes on the role of an important aspect of ensuring data security. Creating a reliable “line of defense” for a home network is quite a responsible matter, and has its own subtleties. With this in mind, you will benefit from adopting the knowledge and advice offered in this article.

The plan for introducing the topic will be as follows:

• First, we will cover the main existing types of encryption in wifi networks;
• Then we’ll look at a general example of how to password protect a network.

Encryption in WIFI networks

Personal information stored in files on a computer connected to a wireless network may be accessible to unauthorized people. In other words, with bad intent or not, for fun or profit, unauthorized access to the entire contents of a PC can be obtained through a network without a password. To prevent this, various encryption methods have been developed to protect users. Further about what they exist.

WEP

This technology (802.11 standard) was one of the first systems to ensure the security of a wifi network. It provided weak protection, which is why it was often hacked by hackers in order to steal important information. The result of this has been a significant slowdown in the adoption of wifi networks in companies and business organizations. The managers did not have the slightest confidence in the confidentiality of data transmitted via wireless communications. In addition, this system did not provide the ability to set a password.

The IEEE Institute took up the solution to this problem, which organized 802.11i, a working group that began creating a new data encryption model that can protect wifi networks.

The result was the emergence of WPA (Wifi Protected Access or secure access) in 2004. The new system corrected the shortcomings of the old one thanks to the combination of several technologies that could solve the problem of its vulnerability and put an end to the history of easy network hacking.

WPA

The 802.1x standard, as mentioned above, replaced 802.11. The main difference was mutual authentication and constant encapsulation of data transmitted between the server and client access points. The authentication protocol (EAP) has also been expanded.

We invite you to familiarize yourself with a schematic representation of the operation of WAP and many other security systems (see figure)

In addition, Temporal Key Integrity Protocol (TKIP) technology and MIC, a message checksum that prevents any modification of data packets during transmission, have been integrated into WAP. Working together, these technologies can reliably protect the network, giving the right to connect to it only to users who own the password.

WPA2

The next leap towards network security was the release of the WPA2 (802.11i) program. Only with its advent, enterprises and companies began to actively implement wireless networks, giving privacy a special role.

The most important innovation was the introduction of AES, a 128-bit advanced data encryption algorithm. It allows you to put an end to the work of the “blocker” of the cipher, which makes it possible to use one code for both authentication and encryption. It has now become mandatory to use different ciphers for each of these operations. We also added key caching and pre-authentication of users (to organize them by access points).

There are modifications of the 802.11i standard:

• 802.11r is a technology specializing in the fast and reliable transfer of key hierarchies based on the Handoff algorithm. This wifi standard is fully compatible with 802.11a/b/g/n modifications.
• 802.11w is intended to improve the security mechanism by placing greater emphasis on protecting 802.11i-based control packets. Both of these standards belong to the 802.11n group.

Thus, the use of the latest (WPA2) standard when organizing wireless network security is obvious.

Enough theory. The next step should be to organize wifi password protection, which we will now consider.

Wifi password - installation details

A wireless network makes it possible to connect various devices to the Internet within a radius far beyond the boundaries of the apartment. Therefore, if your wifi is not password protected, your neighbors will be able to use it. And it’s one thing if such an unauthorized “visit” is made only for the sake of getting free Internet, and quite another thing if its purpose turns out to be to obtain personal information for committing fraudulent actions.

Therefore, setting a wifi password is a top priority after creating and configuring the network.

This procedure may have slight differences when working with different models of routers. But despite this, there is one general configuration algorithm that is used in all cases.

Step 1

The first operation required to password protect the network is to enter the router settings.

It comes with a CD designed to make setting up the equipment easier. But if you find it difficult to find it, you can use the router’s web interface. In this case, you will need to launch a web browser and enter a special code (a construction consisting of “http://” and “IP router”) in the address bar. Standard addresses for most routers start with “192.168.”, and then follow: “1.1”, “0.1”, “2.1” (for example, 192.168.1.1). Which one is suitable in your case? This can be found out by looking at the back cover of the router (for 99% of cases), or by looking on the Internet.

Please note the following:

• It is better to enter the router settings from a computer connected to it using an Ethernet cable. When using a wifi connection, you will have to repeat the login procedure every time after any change.
• The name and password for the router is almost always “admin”. If it doesn’t work, look through the instructions to find the correct option, or look at the back cover of the device.
• If you find it difficult to remember the password you set earlier, reboot the router with the Reset button. This will reset all user settings on the device, returning them to factory settings.

Step 2

Now you need to find a tab with a name similar to “Network Security Properties”. It is most often located in the “Wifi Settings” or the “Security” section. Having trouble locating a tab? You can enter the name of your router model into the search and determine its location.

Step 3

Next you need to select the type of data encryption. Modern models provide for the use of various network protection methods. We talked about the features of each at the beginning of the article. And, as discussed there, it is most advisable to use WPA2 today due to its highest reliability.

• Important! Older router models may not be able to use WPA2. Therefore, you need to install either WPA or change the device to a more modern one.

STEP 4

After choosing an encryption method, you need to install its algorithm. For WPA2-Personal you need to install AES. The other one - TKIP - is much inferior to the first in reliability, and it is not advisable to use it.

Important! Some router models no longer even provide TKIP, as it is outdated and cannot provide the required level of protection.

Step 5

Now we have reached the most important stage of the entire procedure. You need to decide on the SSID (access point name) and set a password for the wifi (in other words, specify a code word or password protect the network).

When choosing a secret phrase, keep in mind:

• The password should be a combination of both numbers and symbols, and it is very good if they are mixed. By complicating the secret code in this way, you can pose a difficult task to ill-wishers who want to pick it up.
• The Internet is littered with many simple password generators, with the help of which they can be cracked in a matter of seconds.

Step 6. Last

All that remains is to save the new settings and reboot the router. Click on “Apply” (“save”, “save”, “apply”...), and all changes will be ready to take effect. This will happen only after rebooting the router. In most cases, the router will begin to reboot on its own, and all connected devices will necessarily disconnect from wifi. To notify them of changes in the network, you will have to re-establish the connection and enter the new password specified in the previous step.

Important to remember:

• If the automatic reboot does not start after saving, you will need to do it manually. You need to unplug the router from the power supply, count to 10, and then turn it on again. You can start working after it completes the initial boot. The indicator lights will indicate its completion and stop blinking chaotically.
• This reboot is different from the one obtained as a result of pressing the RESET button! The latter will erase all your settings, resetting them to the initial (factory) settings.
• To prevent network intrusions, it is recommended to change your password at least twice a year.

Remember, you have everything you need at your disposal so as not to compromise the security of your personal data. The main thing is to learn how to use wireless network security methods.

Today, every third user of the World Wide Web is widely used to connect the entire home, offering high-speed Internet access to all devices. And that’s right, why not use this opportunity when, sitting in a chair, lying on the sofa or in bed before going to bed, you have access to the Internet from a smartphone or.

In this whole practically beneficial situation, there is one big “BUT” - users very rarely follow the security rules that directly relate to access to Wi-Fi. As time passes, we begin to notice that the speed of the Internet connection has decreased, and the printer suddenly began to be interested in “nude photos”, occasionally printing them! The actions of a “prankster” who has connected to your network are not limited to simple access to the Internet or to a printer; with a little skill, more confidential information becomes available to a third-party user, for example, your funds in electronic wallets. Therefore, protecting the wireless network and yourself personally is task number one, especially for users living in an apartment building.

How to secure Wi-Fi access from external intrusion

Typically, a user, noticing incorrect computer operation related to the network, rushes to apply a reset. This is apparently similar to a system unit that suddenly froze. And here, we are looking for a thin object to get to the hidden “Reset” button on the network equipment case. Often, such actions save for a short time, and the situation is in a hurry to repeat itself...

Ways to protect Wi-Fi access:

1. The main step towards security will be to simply change your access password. After all, after configuration by a specialist (or self-configuration), the equipment continues to store factory credentials. And here, you don’t have to be a “computer genius” to enter the settings panel via the web interface!
   Note! Not all equipment models have the ability to configure the router control panel, so the following advice is more practical to implement.
2. The next request concerns the network access password. Users are careless when choosing this cipher. Sometimes we refer to our weak memory, but at the same time we reset it with enviable consistency!
   Therefore, it is better to configure the WPA2 encryption algorithm once and come up with a 10-digit password that you will change at least occasionally. For it, select a random set of letters and numbers, and simply write down the combination you came up with on a piece of paper or on the box from the router.
   
   
   Note! Don't create readable passwords. Last names and first names in the English layout are difficult to come up with, but easy to find!
3. Next, it would be a good idea to abandon the WPS function, which creates a digital PIN code for new devices. The function is active by default on most access point models. If you don’t have to constantly connect different smartphones or tablets, then there won’t be any difficulties.
   Note! Even if there is a need to regularly connect new gadgets, it is enough to enter the access password every time! Low cost for home network security.
4. The next recommendation is more about attentiveness. Get into the habit of correctly leaving the router’s web interface, that is, not just closing the browser tab, but rather “exiting the control panel.”
   This precaution is associated with some features of Internet browsers. When visiting pages, browsers save cache and cookies, which are responsible for storing temporary files and resource information. You may have previously noticed that after leaving the site, re-authorization is not required. So this is another loophole for a random attacker!
   Note! It would be a good idea to get into the habit of clearing the cache and cookie of the browser you actively use (read how to do this in the article:,).
5. The following steps are more likely to be addressed to experienced users, as they carry some risk. So, first we’ll change the router’s subnet, since it is set by default and is known to many. Typically, it is an address:
   • 192.168.0.0
   • 192.168.1.0
   • 192.168.1.1

   Moreover, the address is indicated on the device body; nothing prevents us from changing the IP address via the web interface and giving the local subnet a new name, different from the factory one.
   
   

I'll tell you a story that is still going on with one Internet provider in my city. One day, visiting a friend, I asked him for access to Wi-Fi. The network is preserved in the smartphone. While in another part of the city, I suddenly discovered that I had reconnected to a friend's Wi-Fi. How is this possible? It turns out that the Internet provider set the same network name and password on all routers that were issued to subscribers upon connection. More than one year has passed, and I still have free Wi-Fi in almost every yard. By the way, the login and password for accessing the routers are also the same. :)

Naturally, I told my friend about this funny discovery and reconfigured his router. Are you sure you are not in a similar situation?

What are the dangers of unauthorized access to your Wi-Fi and router?

Imagine that an attacker connected to your Wi-Fi, downloaded several gigabytes of child pornography, and posted a couple of hundred extremist and other “incendiary” messages. The contract for the provision of Internet services is issued in your name, and accordingly, you will also be held accountable for violating the law.

Even if the connected person does not commit illegal actions, he can download and distribute large files (including illegal content from torrent trackers) for days, which will affect the speed and stability of your Internet connection. The network is full of stories about free neighbor Wi-Fi. Perhaps you, too, are that good neighbor?

The situation when an outsider knows the login and password for the router itself includes all the risks listed above, and also adds several new ones.

For example, the prankster simply changes the Wi-Fi password and you lose access to the Internet. He may change the password to the router, and you will have to reset to factory settings and configure everything again (or call a specialist if you do not have the appropriate skills) to regain control of your equipment. The prankster himself can also reset the settings.

There is no absolute protection, but you don’t need it

There are many ways to hack networks. The likelihood of hacking is directly proportional to the motivation and professionalism of the hacker. If you have not made enemies and do not have any super-valuable information, then it is unlikely that you will be purposefully and diligently hacked.

In order not to provoke random passers-by and neighbors eager for freebies, it is enough to close basic security holes. Having encountered the slightest resistance on the way to your router or Wi-Fi, such a person will abandon his plan or choose a less protected victim.

We bring to your attention a minimum sufficient set of actions with a Wi-Fi router that will allow you to avoid becoming the object of cruel jokes or someone’s free access point.

1. Access your Wi-Fi router

The first step is to take control of your own router. You must know:

• Router IP address,
• login and password to access the router settings.

To find out the router's IP address, turn the device over and look at the sticker on the bottom. There, among other information, the IP will be indicated. Typically this is either 192.168.1.1 or 192.168.0.1.

The router address is also indicated in the user manual. If the box with the instructions from the router has not been preserved, then Google will help you find the user manual in electronic form.

You can find out the router address yourself from your computer.

1. On Windows, press the Windows key + R.
2. In the window that appears, type cmd and press Enter.
3. In the window that appears, enter ipconfig and press Enter.
4. Find the "Default Gateway" line. This is the address of your router.

Enter the received IP address of the router in the browser. You will see a login page for the router settings.

Here you need to enter your username and password, which you must know. In most cases, the default login is the word admin, and the password is either an empty field or also admin (the default login and password are also listed at the bottom of the router). If you got the router from your Internet provider, then call them and find out.

Without the ability to change settings, you essentially lose control over your own equipment. Even if you have to reset your router and set everything up again, it will be worth it. To avoid problems with accessing the router in the future, write down your username and password and store them in a safe place without access to others.

2. Create a strong password to access the router

Having gained access to the router, the first thing you need to do is change the password. Router interfaces vary depending on the manufacturer, specific model and firmware version. The user manual for your router will help you with this matter, as well as with subsequent steps to improve protection.

3. Come up with a unique name (SSID) for your Wi-Fi network

If your neighbors are completely new to technology, then a network name like fsbwifi or virus.exe may scare them away. In fact, a unique name will help you better navigate among other access points and uniquely identify your network.

4. Create a strong password for your Wi-Fi network

By creating a password-free access point, you essentially make it public. A strong password will prevent strangers from connecting to your wireless network.

5. Make your Wi-Fi network invisible

You will reduce the likelihood of an attack on your network if it cannot be detected without special software. Hiding the access point name improves security.

6. Enable encryption

Modern routers support various methods of encrypting data transmitted over a wireless network, including WEP, WPA and WPA2. WEP is inferior to others in terms of reliability, but is supported by older equipment. WPA2 is optimal in terms of reliability.

7. Disable WPS

WPS was created as a simplified way to create wireless networks, but in reality it turned out to be extremely vulnerable to hacking. Disable WPS in your router settings.

8. Enable MAC address filtering

Router settings allow you to filter network access by unique identifiers called MAC addresses. Each device that has a network card or network interface has its own MAC address.

You can create a list of MAC addresses of trusted devices, or block connections to devices with specific MAC addresses.

If desired, an attacker can spoof the MAC address of the device from which he is trying to connect to your network, but for an ordinary household wireless access point such a scenario is extremely unlikely.

9. Reduce Wi-Fi signal range

Routers allow you to change the signal strength, thus increasing or decreasing the range of the wireless network. Obviously, you only use Wi-Fi inside your apartment or office. By reducing the transmission power to a value where the network signal is reliably received only within the premises, you, on the one hand, will make your network less noticeable to others, and on the other hand, reduce the amount of interference for neighboring Wi-Fi.

10. Update your router firmware

There is no perfect technology. Craftsmen find new vulnerabilities, manufacturers close them and release “patches” for existing devices. By periodically updating your router's firmware, you reduce the likelihood that an attacker will take advantage of flaws in older versions of the software to bypass security and gain access to your router and network.

11. Block remote access to the router

Even if you protect your wireless network and login with passwords, attackers will still be able to access your router via the Internet. To protect your device from such external interference, find the remote access function in the settings and disable it.

12. Firewall

Some routers have a built-in firewall - a means of protection against various network attacks. Look in your router's security settings for a feature with a name like Firewall, "Firewall" or "Firewall" and enable it if it is present. If you see additional firewall settings, read the official instructions on how to configure them.

13.VPN

They create something like an encrypted tunnel for secure data transfer between the device and the server. This technology reduces the likelihood of identity theft and makes it more difficult to find the user's location.

To use a VPN, you need to install a special client program on your gadget. Such software exists for mobile devices and computers. But some routers can also be connected to VPN services. This function allows you to protect all gadgets on a local Wi-Fi network at once, even if they do not have special programs.

You can find out whether your router supports VPN in the instructions or on the manufacturer’s website. The same applies to the necessary settings.

Today there will be a fairly large post on how to create a secure Wi-Fi network at home, protect home computers connected to this network, smartphones and tablets from hacking, using the RT-N12VP as an example.

So, let’s first understand that the security of your wireless network is determined by its weakest link. Today we'll look at the basic security settings you should have.

Let’s assume that at home you have 2 desktop computers, 2 laptops, 3 tablets and 4 smartphones. I’m not talking about other things, such as TV set-top boxes, wi-fi MFPs and media center servers on Android.

Check that you have antivirus installed on all devices.

It is important. If one of the devices is infected, then the others will be infected in the near future. Thus, Android smartphones can distribute advertising viruses over a local network with great success.

Disable automatic search for networks on mobile devices. The fact is that you may well become a victim of scammers who deliberately create open access points for the purpose of stealing data.

Clear the list of networks remembered by your devices. Leave only familiar secure networks: home, work.

To prevent theft of funds, “diversion” of email accounts, social networks and other sites, use two-factor authentication where possible.

Well, you protected your devices and didn’t fall for the scammers with “free” wi-fi. What's next? Setting up secure wi-fi.

The center of your wi-fi universe in your apartment is your access point (router). In the vast majority of cases, it is protected only by a password and login. Let's try to make your home Wi-Fi network more secure.

Install - Authentication method(security level) — WPA2-Personal

WPA-PSK key(network password) - something like this FD5#2dsa/dSx8z0*65FdqZzb38. Yes, such a password is difficult to remember, but also more difficult to guess. The fact is that there are programs for selecting wi-fi passwords using brute force. Selecting a password in this case is a matter of time. You can even download a similar program to your smartphone, for example, and try how long it will take before you guess the password to your network.

Go to settings Wireless network — Wireless MAC Address Filter

The Wireless MAC Address Filter allows you to control packets from devices with a specific MAC address on a wireless LAN.

Simply put, only those devices whose MAC addresses are allowed to connect will be able to connect to your access point. How can I find out these addresses? You can look in the device settings and enter it into the router settings. You can turn on Wi-Fi on each one in turn, compare the data with the data displayed in the router’s network map and enter these addresses into the Wireless MAC Address Filter.

On an Android smartphone, the MAC address is located Settings -> About the phone -> general information ->Wi-Fi MAC address.

If you live alone, or at least there is a period of time when you do not use the wireless network, you can turn it off. These settings are located in the section Wireless network — Professionally

Also in the section Administration —System disable access via Telnet And web access from WAN. This will make it difficult to connect to the router remotely. If there is a firewall in the settings, then enable it.

To be continued.

(3 ratings, average: 4,33 out of 5)
Anton Tretyak Anton Tretyak [email protected] Administrator website - reviews, instructions, life hacks