I find it somewhat disheartening that since any decent router can be a great hardware firewall, people still seem to ignore the user name and password associated with it. Why have a great firewall, then leave it wide open to attacks from the malicious among us?
This short post will not attempt to teach you how to connect your router, nor will it try to explain a router’s many possible settings. All I want to do here is point out a couple of security measures that I deem absolutely necessary.
Every router has an interface that can be accessed with your browser– the only exception I am aware of are Apple routers. For that reason, this post doesn’t address those.
I’d like to talk about changing the default User Name and Password to something more sensible; I’d also like to mention a good security method called WPA2. I’ll explain what that is a little later.
How To Access Your Router With Your Browser
The Internet Protocol (IP) address of your router should be available in the user manual that came with it. If you want Windows to tell you what it is, you can open a Command Box and type: ipconfig
You should then see something like this:
The entry you are looking for is labeled: Default Gateway
If you enter this address in your browser’s address bar, it should connect to your router interface where you can change all the settings it provides. If not, then you have made a mistake and need to re-read the manual. You did read the manual, right?
Admin and 1234
All routers ship with default user names and passwords. You really need to change them. Every bad guy and his brother know what these are and leaving them at their default settings is really asking for trouble.
If you can’t gain access to your router, then you will have to do one of three things:
- Read the manual (ahem)
- Go online and search for it– of course, you’ll need Internet access for that…
- Call a friend who loves messing with these things
My router has a section called Administrator Password. Yours may be called something else, but you get the idea. Find it, then change the User Name and Password to something unique. Be sure to remember it! If you forget it six months down the road, you will have to reset your router to the factory defaults to gain access and may thereby lose all your personalized settings in the process.
WEP vs WPA vs WPA2
All three are encryption methods designed to protect your wireless connections from prying eyes.
WEP : Wired Equivalent Privacy
If your router only supports WEP, return it and get a better router.
WEP has many security holes which a hacker of nominal skills can break through very quickly. WPA is a much better choice.
WPA: Wi-Fi Alliance
WPA is a newer standard and allows for a stronger encryption method. It was created to counteract the weaknesses in the WEP standard. Unfortunately, hackers broke into a WPA-protected system in 2008. Users are now encouraged to use the better method employed within WPA2.
WPA2: 2nd Generation of the above
Since 2006, all hardware must support the WPA2 standard in order to be called Wi-Fi, a trademark of the industry. As of 2011, WPA2 is the strongest available encryption mechanism.
In 2010, hackers found a way to exploit a weakness in the system which allowed unauthorized access. This was the same weakness as with wired networks so is not an inherent weakness in the WPA2 system.
It would seem that no matter how high a wall you build, somebody will find a way to scale it.
You should be able to find a setting in the router interface regarding wireless security. Once you find it, be sure to enable WPA2 encryption. Router interfaces generally provide help pages to assist you. You could also read the manual… just a thought.
If you don’t care about your neighbors eavesdropping, then I suppose you could ignore this advice. I certainly don’t suggest this course of action however. To the contrary, I strongly recommend heeding it.
The Bottom Line
Performing these two simple steps will greatly help you in your search for better network security.
By changing the user name and password you make it much more difficult for someone to piggy-back or breach your Local Area Network (LAN). Furthermore, by encrypting what you send out over the airwaves, you prevent people from listening in on your private communications.
Ten minutes worth of effort will garner huge rewards,