1 Change Default Credentials
Most routers ship with default admin passwords that are publicly known. This is the first thing attackers try.
- Access your router's admin panel (usually 192.168.1.1 or 192.168.0.1)
- Change the admin username if possible (many routers allow this)
- Set a strong, unique admin password (different from your Wi-Fi password)
- Write it down and store it securely - you'll need it for future changes
2 Use Strong Encryption
Wi-Fi encryption prevents neighbors and attackers from intercepting your traffic.
- WPA3: Best option if your router and devices support it
- WPA2-AES: Second best, widely compatible
- WPA2-TKIP: Avoid if possible (older, weaker)
- WEP: Never use - can be cracked in minutes
How to Check
On most devices, click the Wi-Fi icon and look at the network properties. It will show the security type being used.
3 Create a Strong Wi-Fi Password
Your Wi-Fi password is the key to your network. Make it strong enough that it can't be guessed or cracked.
- Use at least 14 characters (longer is better)
- Mix uppercase, lowercase, numbers, and symbols
- Avoid dictionary words, names, or obvious patterns
- Consider using a passphrase: "Coffee#Makes$Morning!Great2024"
4 Set Up a Guest Network
A guest network isolates visitors and IoT devices from your main network, limiting damage if they're compromised.
- Most modern routers have a "Guest Network" option in settings
- Give guests the guest network password, never your main password
- Put IoT devices (smart TVs, cameras, thermostats) on the guest network
- Disable guest-to-guest communication if the option exists
5 Update Router Firmware
Router manufacturers regularly release updates that fix security vulnerabilities. Many routers never get updated.
- Check your router's admin panel for firmware updates
- Enable automatic updates if available
- Set a calendar reminder to check manually every 3 months
- If your router is 5+ years old and no longer receiving updates, consider replacing it
6 Disable Dangerous Features
Some router features that seem convenient are actually security risks.
- WPS (Wi-Fi Protected Setup): Disable it - can be brute-forced
- Remote Management: Disable unless you specifically need it
- UPnP: Disable if you don't need it - allows devices to open ports
- SSID Broadcast: Hiding your network name provides minimal security but can reduce casual connection attempts
7 Monitor Connected Devices
Know what's on your network. Unknown devices could be neighbors stealing Wi-Fi or attackers who've gained access.
- Check your router's "Connected Devices" or "Client List" regularly
- Give devices recognizable names so you can identify them
- If you see unknown devices, change your Wi-Fi password immediately
- Consider using MAC address filtering for an extra layer (not foolproof)
8 Physical Security
Don't forget the physical side of router security.
- Place your router in a secure location, not by a window
- Don't leave the default network name that reveals the router model
- If you have a small business, consider locking the router in a network closet
- Keep the router's reset button out of reach of unauthorized people
Need a Professional Wi-Fi Security Assessment?
Our team can test your wireless network for vulnerabilities and help you secure it properly.