How-To Geek - Tuesday, March 3, 2020 at 1:40 AM
How Secure Is Your Home Wi-Fi?
Casezy idea/Shutterstock
When it comes to modern technology, everything is a compromise between
convenience and security. Everyone wants fast access to the internet, which is
why Wi-Fi is everywhere. But how secure is your home Wi-Fi router? What can you
do to protect your network?
Something you rarely hear these days is that as long as you follow a few
common-sense and easily implemented best practices, you probably have very
little to worry about.
“Basically, Wi-Fi is pretty secure,” said Anthony Vance, professor and director
of the Center for Cybersecurity at the Fox School of Business at Temple
University. “People shouldn’t be concerned about it.”
Of course, the devil is in the details, and we’ve got some unpacking to do.
What Your Router Does
You might not think much about your router, but it’s probably the most
important gadget in your home. It’s definitely the most important one connected
to your network.
Most Wi-Fi routers have several functions. First, they’re gateways that connect
a cable modem to the internal network. They’re also wireless access points that
provide connectivity for the Wi-Fi devices in your home. Most routers also
include a handful of Ethernet ports, which make them a network hub or switch.
Netgear
Many cable companies offer the option of an all-in-one modem and Wi-Fi router,
so it’s possible you have a single box that does everything.
However, if you do have an all-in-one modem and router from your cable company,
you might want to reconsider that. Many of them aren’t especially speedy and
might lack the features and security you’d get from a standalone router.
Routers Get a Bad Rap
Many people eye their Wi-Fi router somewhat suspiciously and assume it’s one
simple hack away from spilling their personal files or allowing strangers to
steal their bandwidth. But this is a misconception.
“Wi-Fi access point security in the early days with WEP was really bad,” said
Vance. “I think that has given Wi-Fi security a bad name ever since.”
WEP was the earliest Wi-Fi security protocol, and it did have fatal
vulnerabilities that rendered it barely better than no security at all. It was
retired in 2004 and replaced first by WPA, and then by WPA2, which is what we
still have now. It’s an encryption scheme with no practical vulnerabilities for
home networks.
However, WPA2 will soon be superseded by WPA3, which is just arriving on
shelves. This new standard has a few enhancements, including a resistance to
dictionary attacks. This essentially inoculates your network from brute force
password-guessing. It will be especially helpful for networks controlled by
weak passwords.
RELATED: What Is WPA3, and When Will I Get It On My Wi-Fi?
Use a Guest Network
Not every bell, whistle, and security feature in a modern router is worth the
investment, though. For example, if you already use strong, unique passwords on
your router, Vance doesn’t recommend you upgrade to a WPA3 just yet.
Some other features might be worth it, though. If your current router doesn’t
allow you to enable a guest network, that could be reason enough to upgrade for
many folks. A guest network is separate from your primary one.
“It’s like having two different access points,” said Vance. “They can both
access the internet, but they can’t mingle with each other.”
That’s great for guests (hence, the name), but there’s a much better reason to
use a guest network: smart devices. This way, you would connect all your
primary computing devices, like smartphones, tablets, and computers, to the
primary network. But you would connect all your Internet of things (IoT)
devices, like kids’ gadgets, and actual guests to the guest network.
“Wi-Fi networks are only as secure as the least secure device attached to
them,” said IEEE member, Kayne McGladrey.
Smart devices, like webcams, doorbells, switches, plugs, and other IoT devices
are notoriously insecure.
“Insecure IoT devices can be tricked into divulging a Wi-Fi password,” said
McGladrey.
This isn’t idle hand-wringing on the part of security experts, either. Back in
2016, the Mirai botnet attack infected millions of vulnerable home network
devices, like unsecured routers and IoT devices, like baby monitors and
webcams. The devices were then used to launch a massive DDoS attack. It
crippled the internet for millions of people in the U.S. for many hours.
The only way to ensure your Wi-Fi network’s security is to connect all those
devices to the guest network. That way, even if one device gets hacked, the
hacker is limited to your guest network and can’t access your most important
devices and data.
If you have a guest network that supports it, you can even schedule when it can
allow access.
“Neither children, nor washing machines need an active internet connection at 3
a.m.,” said McGladrey.
Security via Passwords
Casezy idea/Shutterstock
So, yes, your Wi-Fi router is pretty secure, as long as you follow some of the
best practices. First and foremost, you need to be using strong custom
passwords.
“If you’re using WPA2,” said cybersecurity consultant, Dave Hatter. “And you
have a reasonable password, around 15 characters that can’t be easily guessed,
you’re going to be pretty secure.”
Your router has a minimum of two passwords, and you need to care about all of
them. In addition to the primary Wi-Fi password, controlling the admin password
to control the router itself is critical.
“Anytime you leave the default settings, you’re basically asking for trouble,”
said Hatter. “For many routers, it’s not too difficult to find the
manufacturer’s guide and immediately know what the defaults are. Additionally,
tools like Shodan make it easy to find online every router of a particular
brand. So, if you know what those default settings are, you can find those
things pretty quickly and immediately attempt to hack.”
Thankfully, things are getting better. Many newer routers come with randomized
passwords, rather than the same stock set of characters for all models that
roll off the assembly line. In fact, a recent law—the California Consumer
Privacy Act—mandates that all devices must be sold with unique passwords.
Still, you should change the default password—and the longer, the better.
Other Best Practices
Clearly, password hygiene is critical to the security of your Wi-Fi network.
Beyond that, though, there are additional steps you can take to ensure your
network’s security.
One way is to keep your router up to date. Some routers update their firmware
automatically, but many do not. To do this, you have to open the router’s admin
settings in a browser or mobile app and check for updates. Generally, router
manufacturers don’t frequently issue updates, so when there is a release, it’s
probably critical.
You should also disable router features that make your network more vulnerable.
Chief among these is remote access.
“You don’t want anyone to be able to remotely access that thing,” said Hatter.
“You want any access to be done from a machine connected to your local
environment.”
Some security experts have more robust recommendations. McGladrey suggests
replacing your router every two or three years and evaluating IoT devices for
security vulnerabilities before you purchase them.
Not all suggestions are practical for everyone. But if you keep the router’s
firmware updated and occasionally (perhaps twice a year) change the passwords,
this will probably be more than sufficient. And as long as your IoT devices
have their own guest network to play in, you can consider yourself safe.
“If the Iranians or the Russians have decided to make you a target, that might
not be sufficient,” Hatter said. “But it’s going to stop the average kind of
hacking.”
https://www.howtogeek.com/659084/how-secure-is-your-home-wi-fi/
David Goldfield
Assistive Technology Specialist
Feel free to visit my Web site
WWW.DavidGoldfield.info