How to protect a router from hacking. How to protect Wi-Fi network? Key and effective tips

Useful programs

What today can be more important than protecting your home Wi-Fi network 🙂 This is a very popular topic on which more than one article has already been written on this site. I decided to collect all the necessary information on this topic on one page. Now we will examine in detail the issue of protecting Wi-Fi networks. I’ll tell and show how to protect Wi-Fi with a password, how to do it correctly on routers of different manufacturers, which encryption method to choose, how to choose a password, and what you need to know if you plan to change the wireless password.

In this article we will talk specifically on securing your home wireless network. And about password protection only. If we consider the security of some large networks in offices, then it’s better to approach security a little differently (at least another authentication mode). If you think that one password is not enough to protect Wi-Fi networks, then I would advise you not to bother. Set a good, complex password according to this instruction, and don’t worry. It is unlikely that someone will spend time and effort to break into your network. Yes, you can, for example, hide the network name (SSID), and set up filtering by MAC address, but these are unnecessary troubles that in reality will only bring inconvenience when connecting and using a wireless network.

If you are thinking about protecting your Wi-Fi, or leaving the network open, then the only solution here is to protect. Yes, the Internet is unlimited, but almost every home has its own router, but over time, exactly someone will connect to your network. And why do we need this, because extra customers, this is an extra load on the router. And if it’s not expensive with you, then it simply cannot withstand this load. And if someone connects to your network, he will be able to access your files   (if LAN is configured), and access to the settings of your router (After all, the standard password admin, which protects the control panel, you most likely did not change).

Be sure to protect your Wi-Fi network with a good password with the correct (modern) encryption method. I advise you to set up protection immediately when configuring the router. And also, it would be nice to change the password from time to time.

If you are worried that someone is hacking your network, or has already done so, just change the password and live in peace. By the way, since you will all be logged into the control panel of your router, I would also advise which one is used to enter the router settings.

Proper protection of your home Wi-Fi network: which encryption method to choose?

In the process of setting a password, you will need to choose a method for encrypting Wi-Fi networks (authentication method). I recommend installing only WPA2 - Personal, with encryption according to the algorithm AES. For a home network, this is the best solution, at the moment the newest and most reliable. This is the kind of protection that router manufacturers recommend installing.

Only under the condition that you do not have old devices that you want to connect to Wi-Fi. If after setting up some old devices you refuse to connect to the wireless network, you can set the protocol WPA (with TKIP encryption algorithm). I do not recommend installing the WEP protocol, as it is already outdated, not secure, and can be easily cracked. Yes, and there may be problems connecting new devices.

Protocol combination WPA2 - Personal with AES Encryption, this is the best option for a home network. The key itself (password) must be at least 8 characters. Password must consist of English letters, numbers and symbols. Password is case sensitive. That is, “111AA111” and “111aa111” are different passwords.

I don’t know which router you have, therefore, I’ll prepare small instructions for the most popular manufacturers.

If after changing or setting a password you have problems connecting devices to a wireless network, then see the recommendations at the end of this article.

I advise you to immediately write down the password that you will set. If you forget it, you will have to install a new one, or.

We protect Wi-Fi with a password on Tp-Link routers

We are connected to a router (via cable or Wi-Fi), launch any browser and open the address 192.168.1.1, or 192.168.0.1 (the address for your router, as well as the standard username and password are indicated on the sticker on the bottom of the device). Enter your username and password. By default, these are admin and admin. In, I described in more detail the entrance to the settings.

In the settings, go to the tab Wireless  (Wireless) - Wireless security  (Wireless Security). Place a checkmark next to the protection method WPA / WPA2 - Personal (Recommended). In the drop down menu Version  (version) select WPA2-PSK. On the menu Encryption  (encryption) install AES. In field Wireless password  (PSK password) provide a password to protect your network.

In the settings we need to open the tab Wireless network, and make the following settings:

  • In the "Authentication Method" drop-down menu, select WPA2 - Personal.
  • "WPA Encryption" - install AES.
  • In the field "Preliminary key WPA" write the password for our network.

To save the settings, click on the button To apply.

Connect your devices to the network already with a new password.

Protecting the wireless network of the D-Link router

Go to the settings of your D-Link router at 192.168.0.1. You can watch detailed instructions. In the settings, open the tab Wifi - Security Settings. Set the security type and password as in the screenshot below.

Setting a password on other routers

We have more detailed instructions for ZyXEL and Tenda routers. Look at the links:

If you did not find instructions for your router, then you can configure Wi-Fi network protection in the control panel of your router, in the settings section, which is called: security settings, wireless network, Wi-Fi, Wireless, etc. I think I’ll find it will not be difficult. And what settings to install, I think you already know: WPA2 - Personal and AES encryption. Well, the key.

If you can’t figure it out, ask in the comments.

What to do if devices do not connect after installation, password change?

Very often, after setting, and especially changing the password, devices that were previously connected to your network do not want to connect to it. On computers, this is usually an error "Network settings stored on this computer do not meet the requirements of this network" and "Windows could not connect to ...". On tablets and smartphones (Android, iOS), errors like “Failed to connect to the network”, “Connected, protected”, etc. may also appear.

These problems are solved by simply removing the wireless network, and reconnecting, already with a new password. How to remove a network in Windows 7, I wrote. If you have Windows 10, then you need to "forget the network" by. On mobile devices, click on your network, hold, and select Delete.

If connection problems are observed on older devices, then set the WPA protection protocol and TKIP encryption in the router settings.

Not necessarily the neighbors steal wi-fi, but someone does it unscrupulously. And it seems that the connection speed allows you to share with your neighbors, but sometimes it drops. What needs to be done to load the network like this? At the very least, lose conscience and use someone else’s Internet without permission. But closer to the point.

The situation - you are sitting on the Internet through your wi-fi router. And suddenly the speed drops so that the pages hardly open. And this is not the first time. It is a reasonable idea that someone is stealing wi-fi. How to find out if someone is connected to my file and how to disconnect strangers.

Important! All router descriptions are not universal - we are talking about a specific TP-LINK model and may vary for other devices. If you are not confident in your actions - do not continue.

Find out if anyone is connected to wi-fi

The first way. Program. SoftPerfect WiFi Guard

This method is for those who do not want to bother too much and who will conduct diagnostics through a personal computer. To determine who connected to the router, you need SoftPerfect WiFi Guard. We find it, for example, through Google and install. The program is in Russian, it installs quickly. Minimum settings required.

In the “basic” tab of the “settings” item of the program, we find the column - “network adapter”. We select the item, in my case it is Qualcomm Atheros. Click OK. After that, in the program window, click “scan”.

The program will show all the devices that are connected to our wi-fi. If only you are connected, you will see two devices (column “Info”), which will be designated as “This computer” and “Internet gateway”. That is, your computer and the router itself.

If there are strangers, the program will show them - the devices of neighbors will be displayed in red circles. These are either neighbors or your other devices.

The second way. Router admin

This method does not require additional software. We go to the admin panel of the router. After connecting to the file network, we type the IP address of the router. As a rule, this is 192.168.1.1. On different models, the address may be different - you can specify it on the device’s case. After we enter the username / password. As a rule, this is admin / admin (you can specify on the device case).

This is where the difficulty begins. On different models of routers, the menu may be different. On my device, in the “Status” tab, we find the item “Wireless”. There is a plate with the MAC addresses of the connected devices. If you are connected one, then in this table there is only one MAC. There are other addresses - neighbors steal Wi-Fi. But it’s important - at this point you can get information about devices that are connected right now.

More information can be seen in the “Interface Setup” tab, “DHCP” item.

How to disconnect neighbors from wi-fi

We offer the easiest and most effective way to protect your Internet. Namely, we set the password. The neighbors connected to our Internet either by hacking your password, or you did not set it at all.

The algorithm may be different on different devices. In my case, in the admin panel of the router, go to the “Interface Setup” tab, the “Wireless” item. In the column “WPS Settings” we find the item “Authenticatio n Ty pe. " If it is “Disabled”, then change it to “WPA-PSK”. Then in the same tab appears the column "WPA-PSK" below. In the “Pre-Shared Key” field, enter the password - at least 8 characters. It remains only to click "save". We are reconnecting to our Wi-Fi, now we are required to enter a password.

As a rule, the password on each device (laptop, tablet, smartphone) needs to be entered only once. The device will remember it and enter it automatically.

If you forgot your wi-fi password

If you forgot the password from wi-fi, then it is impossible to restore it - it is stored in the device itself. It can only be reset. To do this, hold down the reset button for a few seconds. The settings of the router will be deleted and it will need to be configured again.

Now in most apartments and houses there is more than one device that is connected to the Internet. This led to the popularity of routers and wireless access points, which almost completely replaced the connection of the ISP cable directly to a single computer. Now the wire of the Internet connection service provider is included in a special device that allows you to use the same connection for several computers at once, as well as connect mobile devices, laptops and ordinary computers via Wi-Fi, combining them in a local network.

Routers are at home, warm and comfortable, and this gives rise to a false feeling that the routers are safe. This is not at all true, each router stands on seven winds - in a very aggressive environment: any (literally ANY) within the reach of a wireless signal can interact with your router, record the transmitted traffic; you also need to remember that routers have Internet access, where numerous automated scanners can scan ports, running services dozens of times a day, sort passwords, and perform exploits in relation to your router.

Your router needs protection - without your help, it can become a victim of hackers, this article will tell how to protect and configure a Wi-Fi router so that it is impossible to crack.

What can hackers get by hacking a Wi-Fi router?

Many users are frivolous about protecting the router, because they do not understand the danger that a hacking router can entail. It is curious that most users understand the danger of hacking their computer, since an attacker can gain access to their personal data, photos, passwords. It is very important to understand that hacking a router is a previous step towards hacking a computer. Having penetrated the router, a hacker can:

  • perform a man-in-the-middle attack, which is aimed at intercepting passwords and other data that you transmit over the network;
  • perform a man-in-the-middle attack aimed at infecting the user's computer with a backdoor or trojan;
  • perform phishing attacks aimed at obtaining logins and passwords from sites, luring money, infecting your computer with a backdoor or trojan;
  • monitor network activity of users;
  • block the Internet connection completely or to individual sites;
  • use an Internet connection for criminal activity (law enforcement agencies will see your IP as the address of a cybercriminal);
  • access webcams and other peripheral equipment connected to your router
  • make changes to the firmware of the router.

Hacking a router is a serious threat that can lead to serious consequences for the user.

How to get into the router settings

In most cases, a web interface is used to manage routers, i.e. You can make all the settings directly from the browser. Your computer and your router are on the same local network (it doesn’t matter if you use Wi-Fi or a wire). To get "inside" your router, type in the browser bar

If this address does not work, then sometimes it can be

You will be greeted by a form for entering a username and password. You can see them in the device passport, on the box, on the case. Or just look for the default (factory) credentials for your router on the Internet.

Each model has its own peculiarities of interface design and grouping of settings, but usually there are always items “Wireless Network”, “Local Area Network” and “Internet”. Menu items and settings may be called a little differently, but if you understand the meaning of the settings, you can easily find it at home.

Recommendations for protecting your router and Wi-Fi access point from hacking

Use a password to access your network.

Do not leave your wireless network open (“Open”), choose encryption (authentication method) WPA or WPA2.

Stop using WEP

WEP is an outdated, virtually unused Wi-Fi security algorithm. It can be hacked in minutes. Nevertheless, access points with WEP still come across, so check yours and if it uses WEP for encryption, switch to WPA or WPA2.

Disable WPS

WPS (Wi-Fi Protected Setup) provides an easy but not secure way to create a wireless network. Depending on the degree of vulnerability, WPS, and then Wi-Fi password, can be cracked in a day or even in a matter of minutes.

Set a strong password

Since, by its very nature, a Wi-Fi network is accessible to anyone within its range, anyone can try to connect to it by trying different passwords (called online brute force). Another technique is also popular, which is based not on attempts to connect, but on the capture of certain data that a legitimate user and access point exchange at the time of connection and their subsequent hacking (offline busting). The use of the latter allows you to bust at a speed of tens and hundreds of thousands of passwords per second. You can protect yourself from such an attack only by setting a long and complex password.

The following rules will allow you to almost guaranteedly protect yourself from any hacks by brute force:

  • use a long password. Wi-Fi password cannot be less than eight characters. If possible, try to use passwords of 10 or more characters;
  • the password should not be a meaningful phrase, consist of several united meaningful words, since such a variant of the password can be cracked using a dictionary;
  • use four character classes in the password: numbers, uppercase and lowercase letters, punctuation marks;
  • from time to time, for example, once every few months, change your password to a new one.

The screenshot above shows that routers often use generated passwords consisting of eight characters and including three classes of characters (uppercase and lowercase letters, numbers): L95atyz7, 6rQTeRBb, YssvPT4m, WJ5btEX3, dn8MVX7T. To crack these passwords on a typical home computer, it will take 1-3 years of continuous enumeration. BUT having assembled the computer on several top-end video cards (by doing something like a “farm” for mining), a complete search of such a password can be reduced to one to several months. In my opinion, such passwords cannot be considered reliable. As already mentioned, add a fourth class of characters (syntax characters) and increase the number of characters - this will guarantee you that your Wi-Fi network will not be hacked even with very powerful equipment.

Check 5 GHz network settings

Many users do not know that their router operates in two frequency ranges: 2.4 GHz and 5 GHz. If you have secured one range, but forgot about the other, then the attacker can take advantage of this. Set a strong password for the 5 GHz network, disable WPS for it. If you are not using the 5 GHz band, you can simply turn it off.

Set a strong password to log into the admin panel of the router

As already mentioned, your router is connected to local and global networks, where anyone can try to connect to it. To prevent an attacker from picking up a password, set a long password using different character classes.

Change admin name

Change the username from Admin / admin to another, less predictable one - this will further complicate the task of password selection.

Disable access to the router control panel from the Internet

In the vast majority of cases, you just need access to the admin panel of the router from the local network. If you do not need access to the router settings from an external network (from the Internet), disconnect it, this will not allow the attacker to try to find the login password. This setting may be called Enable Web Access from WAN.

Update the firmware of your router

Even with a strong password, an attacker can gain access to the router or get this password in clear form if the router contains a vulnerability. New firmware from manufacturers should eliminate vulnerabilities and other errors, improve stability and functionality, so regularly (every few months) check for new firmware and update them on your router.

Search for vulnerabilities in the router

Unfortunately, sometimes vulnerabilities are found after the manufacturer ceases to support the router. This can lead to a situation where hackers are aware of a vulnerability in your router, but there are no firmware updates.

You can check your router for vulnerabilities with Router Scan by Stas’M. This is a pretty easy to use GUI program.

If you are familiar with Linux, then you can use a similar program RouterSploit, it may contain exploits that are not in Router Scan. Instructions for use:

If your router is vulnerable without the possibility of updating the firmware, it is recommended to abandon its use and replace it with a new one.

Disable unused network services

The more complex the device, the more potential points for the application of the hacker's efforts. Many of the network services and additional features are not used by most users, and some of them also contain known vulnerabilities. Therefore, disable SSH, FTP, Telnet, file sharing from the Internet (for example, AiDisk), file / media server (for example, UPnP), SMB (Samba), TFTP, IPv6 and others that you do not need.

Enable HTTPS for administrative connections

On most routers, it is disabled by default. This setting will allow you to prevent the interception of your password from the admin panel of the router if you connect to it from the Internet, or in the middle of an attack if the attacker has already penetrated your local network.

Exit (log out) when you finish working on the router

Simply closing the page may leave the authorization session in the router open.

Turn on logging

It is a good habit to check the logs for suspicious activity from time to time. Correctly set the clock and time zone so that the logs are more accurate.

Check logs, control connected devices

This already applies to identifying a router hack - this issue will be discussed in more detail below.

Set up a Guest Network

Many modern routers can create separate guest networks.

Make sure that it has access only to the Internet, and not to the local network. Naturally, use WPA2 and, of course, the password should be different, not the same as your main Wi-Fi.

Additional steps to protect the router

If you still have little previous, then here are some more tips.

Change the default IP address range for your local network

All routers for users that I saw have the same range of local addresses. This is 192.168.1.x or 192.168.0.x. This facilitates an automated attack using a script.

Available ranges:

  • Any 10.x.x.x
  • Any 192.168.x.x
  • 172.16.x.x to 172.31.x.x

Change the default local address of the router

If someone penetrates your network, they know for sure that the address of your router is x.x.x.1 or x.x.x.254, making it difficult for them.

Restrict administrative access over a wireless network

This is not for everyone. For example, it may be that absolutely all computers are connected only over a wireless network. But if this can be done, then this will greatly complicate the task of the attacker.

Using MAC Filter

A little effective way of protection, because an attacker can easily find out MAC addresses that are skipped and fake them. No need to rely on this protection.

Network hiding

Security-ineffective reception. It does not impair security, but it does not increase it, because an attacker can easily find out the name of a network.

Signs of a hacked Wi-Fi router

Change router settings without your knowledge

If any settings were changed by illegitimate users, and especially the password for entering the administration panel, DNS, VPN settings was changed, then this is a sign that the hacker has gained access to your router.

Control devices connected to your local network

Programs such as NetworkConnectLog and Wireless Network Watcher () can be used for this.

An unauthorized connection means that your network is compromised.

View the router log

If your router supports logging, which records the device administrator’s input, then regularly review it to identify suspicious activity.

Man-in-the-middle attacks and weird network outages

Advanced users, in addition to discovering new devices on the network, can also take actions to identify attacks that have begun against them “)”.

Strange network disruptions can also indicate changes to the network equipment settings and interception / modification of traffic by the attacker.

It is the most important electronic device in their life. It connects most other devices to the outside world and that is why it is of maximum interest to hackers.

Unfortunately, many home and small business routers come with an insecure configuration by default, have undocumented management accounts, use outdated services, and run on older versions of firmware that are easy to crack using long-known tricks. Alas, the users themselves will not be able to fix some of these problems, but nevertheless, a number of actions can be taken to protect these devices from at least large-scale automated attacks.

Main actions

Avoid using routers provided by providers. Firstly, they are often more expensive. But this is not the biggest problem. Such routers, as a rule, are less protected than those models that manufacturers sell in stores. Very often, they contain hard-coded credentials for remote support that users cannot modify. Updates for modified firmware versions often lag behind releases for commercial routers.

Change the default admin password. Many routers come with typical administrator passwords (admin / admin), and attackers constantly try to log into devices using these well-known credentials. After connecting to the router’s management interface via a browser for the first time - its IP address is usually located on the sticker on the bottom or in the user manual - the first thing you need to do is change the password.

In addition, the web interface of the management router should not be accessible from the Internet. For most users, managing the router from outside the local network is simply not necessary. However, if you still need remote management, consider using a VPN to create a secure channel for connecting to a local network and only then refer to the router interface.

Even within the local network, it is worth restricting the range of IP addresses from which you can control the router. If this parameter is available in your model, it is better to allow access from one IP address, which is not included in the pool of IP addresses assigned by the router via DHCP (Dynamic Host Configuration Protocol). For example, you can configure the router’s DHCP server to assign IP addresses from 192.168.0.1 to 192.168.0.50, and then configure the web interface to accept the administrator only from the address 192.168.0.53. The computer must be configured manually to use this address only when it is necessary to administer the router.

Enable access to the router interface via https, if there is support for a secure connection, and always exit by closing the session upon completion of the configuration. Use the browser in incognito mode or in private mode so that cookies are not saved automatically, and never let the browser save the username and password of the router interface.

If possible, change the IP address of the router. Most often, routers are assigned the first address in a predefined range, for example, 192.168.0.1. If this option is available, change it to 192.168.0.99 or some other address that is easy to remember and which is not part of the DHCP pool. By the way, the whole range of addresses used by the router can also be changed. This protects against fake cross-site requests (CSRFs) when an attack occurs through users' browsers and using the typical IP address usually assigned to such devices.

Create a complex Wi-Fi password and choose strong protocol protection. The WPA2 (Wi-Fi Protected Access 2) protocol is better than the old WPA and WEP, which are more vulnerable to attacks. If the router provides such an opportunity, create a guest wireless network, also protecting it with WPA2 and a complex password. Let visitors or friends use this isolated segment of the guest network, not your main network. They may not have malicious intent, but their devices may be hacked or infected by malicious programs.

Disable the WPS function. This rarely used feature is designed to help users set up Wi-Fi using the PIN code printed on the router sticker. However, in many implementations of WPS versions provided by various vendors, a serious vulnerability was discovered several years ago that allows hackers to break into networks. And since it will be difficult to determine which specific router models and firmware versions are vulnerable, it is better to simply disable this function on the router if it allows you to do this. Instead, you can connect to the router via a wired connection and through the web-based management interface, for example, configure Wi-Fi with WPA2 and user password (without WPS at all).

The fewer services on your router open to the Internet, the better. This is especially true in cases where it’s not you who turned them on, and perhaps you don’t even know what they are doing. Services such as Telnet, UPnP (Universal Plug and Play), SSH (Secure Shell) and HNAP (Home Network Administration Protocol) should not be activated for an external network at all, since they potentially carry security risks. However, they should also be turned off on the local network if you are not using them. Online services like Shields UP from Gibson Research Corporation (GRC) can simply scan the public IP address of your router for open ports. By the way, Shields Up is able to conduct separate scans specifically for UPnP.

Keep your router firmware up to date. Some routers allow you to check for firmware updates directly from the interface, while others even have an automatic update function. But sometimes these checks can occur incorrectly due to changes on the manufacturer’s servers, for example, after several years. Therefore, it is worth regularly checking the manufacturer’s website manually to see if a firmware update for your router model has appeared there.

More complex actions

You can use network segmentation to isolate it from a risky device. Some consumer routers provide the ability to create VLANs (virtual local area networks) within a large private network. Such virtual networks can be used to isolate devices from the Internet of Things (IoT) category, which are full of vulnerabilities, which researchers have repeatedly proved (Bird Kiwi addressed this problem in the previous issue of PC World - ed.). Many IoT devices can be controlled using a smartphone through external cloud services. And since they have access to the Internet, such devices after the initial setup should not interact with smartphones directly over the local network. IoT devices often use insecure administrative protocols for the local network, so an attacker can easily crack such a device using an infected computer if they are both on the same network.

Thanks to MAC address filtering, you can prevent dangerous devices from entering your Wi-Fi network. Many routers allow you to limit the list of devices that have the right to enter the Wi-Fi network by their MAC address - a unique identifier for the physical network card. Enabling this function will not allow an attacker to connect to a Wi-Fi network, even if he manages to steal or pick up a password. The disadvantage of this approach is that manually managing the list of allowed devices can quickly become an unnecessary administrative burden for large networks.

Port forwarding should only be used in conjunction with IP filtering. Services running on a computer behind a router will not be accessible from the Internet unless port forwarding rules are defined on the router. Many programs try to open router ports automatically through UPnP, which is not always safe. If you disable UPnP, these rules can be added manually. Moreover, some routers even allow you to specify an IP address or an entire block of addresses that can connect to a specific port in order to access a particular service within the network. For example, if you want to access the FTP server on your home computer while at work, you can create a port 21 forwarding rule (FTP) on your router, but only allow connections from the IP address block of your company.

Custom firmware may be more secure than factory firmware. There are several Linux-based and community-supported firmware projects for a wide range of home routers. They, as a rule, offer advanced functions and settings compared to those available from the factory firmware, and the community corrects their shortcomings faster than the router manufacturers themselves. Since these firmware are positioned for enthusiasts, the number of devices that use them is much less than devices with firmware from the manufacturer. This greatly reduces the likelihood of extensive attacks on custom firmware. Nevertheless, it is very important to keep in mind that downloading firmware to a router requires good technical knowledge. It is likely that you will lose the warranty, and in the event of an error, the device may fail. Keep this in mind, because you were warned!

How to protect yourself

Check if the remote access feature is enabled on your router. It is often found in devices provided by communication providers. Providers need remote access for business: it’s easier for them to help users with network configuration. Nevertheless, providers can leave the default password in the web interface, which makes you easy prey for hacker programs.

If you can access the web interface with the standard username and password admin / admin, be sure to change the password and write it down. When the provider will configure your router remotely, just say that you changed the password for security reasons, and dictate it to the operator.

Router Protection Instructions

  1. Put a strong password on wifi.
  2. Change the default administrator password.
  3. If the router is not from the provider, disable remote access.
  4. If you don’t know how to do this, call a computer wizard whom you trust.

Hello! I decided to prepare an article in which to collect all the basic and most importantly effective tips and answer your question, how to protect wifi network. From whom will we protect? From the neighbors, of course, but if you need to protect the Wi-Fi set in the office, then from colleagues from a neighboring company :). But seriously, the issue of protecting wireless networks is now very relevant, I drew conclusions on the article in which I described. The article quickly became popular, and gathered a lot of comments.

Set a password to access the settings of the Wi-Fi router

This is the first thing to do when setting up Wi-Fi wireless security. In the settings of the router, look for the tab “System Tools” then go to the tab “Password”.

We enter the old username and password, then in the form below we enter a new name for access and two times a new password. Come up with a good and complex password. Consisting of letters and numbers. And most importantly, remember yourself :). To save, click “Save”. We continue to configure Wi-Fi network protection.

We put the password on the Wi-Fi network and set the encryption type

Without fail, you need to specify the type of encryption that you will use for the network, and set a strong password. Well, except that you have some kind of cafe and you want to make open Wi-Fi access for visitors.

Go to the “Wireless” tab, and “Wireless Security”. Near the WPA / WPA2 - Personal protocol, put a mark, set the settings as in the screenshot below and in the line, opposite “PSK Password:” we come up with a good password. This password will be used to connect to Wi-Fi. To save, click “Save”.

The router will offer to restart it, but if you still make settings, then you can not reboot yet. But the new settings will only work after a reboot.

Another great way to protect. We hide the name of the Wi-Fi network, and you can connect to it only if you know what it is called. Your network will not appear in the list of available networks.

We search and go to the “Wireless” tab. And in order to hide the SSID, just uncheck the box “Enable SSID Broadcast”. So, everything is simple. Click the “Save” button to save the changes.

Turn on device filtering by MAC address

Enabling this function allows you to connect to the router only those devices whose MAC addresses are registered in the settings and allowed. This is a very effective protection, but if you often connect new devices, it will not be very convenient to go into the router settings every time and write down the MAC address of the device.

First you need to find out the MAC addresses of the devices that you want to allow connection to a Wi-Fi network. You can see them in the settings, read more. If it’s a phone or tablet, you can see the address in the settings, in the “About the phone” section. And if the device is already connected to the router, then all the necessary information can be found on the “DHCP” - “DHCP Clients List” tab.

So, go to the “Wireless” tab, and go to “Wireless MAC Filtering”. First, enable this service by clicking on the “Enable” button. Then set the mark near the item ”Allow the stations specified by any enabled entries in the list to access.”. This means that only devices that are on the list will be able to connect to Wi-Fi.

And we click the “Add New ...“ button in order to add the MAC addresses of devices that need to be allowed access. Enter the MAC address, description (optional), leave the Enable status enabled and click the “Save” button.

In this way, we add all the devices that you want to allow to connect to your router.

Disable QSS (WPS)

Details about this service, and how to use it, I wrote in the article. But if you do not connect new devices very often and it is not difficult for you to enter a password for a Wi-Fi network, then it is better to disable this service.

To disable it, go to the “QSS” tab, you may also call it “WPS”, or something like that. And click on the “Disabled QSS” button.

This was the last point that I advise you to do to fully protect the Wi-Fi network on your router. It remains only to reboot the router by clicking on the “click here” link, or to do this by clicking on the router itself.

That's all friends, that's all I wanted to advise you on to protect your wireless network. I hope that the information that I have prepared for you is useful to you. Good luck

More on the site:

How to protect Wi-Fi network? Key and effective tips  updated: February 7, 2018 by: admin

Do you like the article? To share with friends:
You may also be interested.