How To Secure A New Router


router-login-imageWhen you purchase a new router there are some very basic first steps that must be taken if you are the least bit concerned with the security of your Home Network.

I find it somewhat disheartening that since any decent router can be a great hardware firewall, people still seem to ignore the user name and password associated with it. Why have a great firewall, then leave it wide open to attacks from the malicious among us?

This short post will not attempt to teach you how to connect your router, nor will it try to explain a router’s many possible settings. All I want to do here is point out a couple of security measures that I deem absolutely necessary.

Every router has an interface that can be accessed with your browser– the only exception I am aware of are Apple routers. For that reason, this post doesn’t address those.

I’d like to talk about changing the default User Name and Password to something more sensible; I’d also like to mention a good security method called WPA2. I’ll explain what that is a little later.


How To Access Your Router With Your Browser

The Internet Protocol (IP) address of your router should be available in the  user manual that came with it. If you want Windows to tell you what it is, you can open a Command Box and  type: ipconfig

You should then see something like this:

router-ip-address-image

The entry you are looking for is labeled: Default Gateway

If you enter this address in your browser’s address bar, it should connect to your router interface where you can change all the settings it provides. If not, then you have made a mistake and need to re-read the manual. You did read the manual, right?

Admin and 1234

All routers ship with default user names and passwords. You really need to change them. Every bad guy and his brother know what these are and leaving them at their default settings is really asking for trouble.


If you can’t gain access to your router, then you will have to do one of three things:

  1. Read the manual (ahem)
  2. Go online and search for it– of course, you’ll need Internet access for that…
  3. Call a friend who loves messing with these things

My router has a section called Administrator Password. Yours may be called something else, but you get the idea. Find it, then change the User Name and Password to something unique. Be sure to remember it! If you forget it six months down the road, you will have to reset your router to the factory defaults to gain access and may thereby lose all your personalized settings in the process.

WEP vs WPA vs WPA2

All three are encryption methods designed to protect your wireless connections from prying eyes.

WEP : Wired Equivalent Privacy

If your router only supports WEP, return it and get a better router.

WEP has many security holes which a hacker of nominal skills can break through very quickly. WPA is a much better choice.

WPA: Wi-Fi Alliance

WPA is a newer standard and allows for a stronger encryption method. It was created to counteract the weaknesses in the WEP standard. Unfortunately, hackers broke into a WPA-protected system in 2008. Users are now encouraged to use the better method employed within WPA2.

WPA2: 2nd Generation of the above

Since 2006, all hardware must support the WPA2 standard in order to be called Wi-Fi, a trademark of the industry. As of 2011, WPA2 is the strongest available encryption mechanism.

In 2010, hackers found a way to exploit a weakness in the system which allowed unauthorized access. This was the same weakness as with wired networks so is not an inherent weakness in the WPA2 system.

It would seem that no matter how high a wall you build, somebody will find a way to scale it.

You should be able to find a setting in the router interface regarding wireless security. Once you find it, be sure to enable WPA2 encryption. Router interfaces generally provide help pages to assist you. You could also read the manual… just a thought.

If you don’t care about your neighbors eavesdropping, then I suppose you could ignore this advice. I certainly don’t suggest this course of action however. To the contrary, I strongly recommend heeding it.

The Bottom Line

Performing these two simple steps will greatly help you in your search for better network security.

By changing the user name and password you make it much more difficult for someone to piggy-back or breach your Local Area Network (LAN). Furthermore, by encrypting what you send out over the airwaves, you prevent people from listening in on your private communications.

Ten minutes worth of effort will garner huge rewards,

Richard

Posted in:
About the Author

Richard Pedersen

Richard received his first computer, a C-64, in 1982 as a gift and began dabbling in BASIC. He was hooked! His love for computing has led him from the old “XT” boxes to the more modern fare and from clunky 10MB hard drives to smooth and fast modern day SSD drives. He has run BBS services, Fido mail, and even operated his own computer repair business.

2 Comments

  1. Great article, and one that I recently had to deal with. Was trying to setup a wi-fi connection for a friends laptop but they had no idea what the login was for their router. They had a Netgear like mine so I tried the default login for Netgear routers and bingo I was able to retrieve their password for their router connection. This just underlines the need to change the default login credentials. Daniel.