Routers are such an infrequently replaced component of your home network that it’s easy to forget how you had things previously configured and what settings are too important to not overlook. Read on as we highlight the first five things you need to do right after powering up your new router.
Although it’s a quiet and hardly noticed component of your home network, the router is a critical piece of network infrastructure. A few minutes of tweaking and configuration right after unboxing your new router can save you headaches down the road. A Wi-Fi router, left improperly configured and with poor security, can leave your network vulnerable instabilities and malicious users.
The goal of this quick-start 5 option list is to secure your router in significant ways as quickly as possible. Work your way down the following list to establish a solid baseline level of security.
Update the Firmware
Your router has firmware, a set of operating instructions and tools stored on a memory chip inside the device. Although firmware updates are generally infrequent and router firmware is designed to be stable, there are two reasons to check for updates immediately after getting a new router. First, you don’t know how long your router was sitting on the shelf and a new update may have been (and most likely was) released. Second, although not as common as problems on consumer operating systems like Windows, there are exploits and vulnerabilities that crop up in router firmware. Practically speaking, it also means you have access to the most up-to-date features of the router.
Change the Default Login
Just about every router around ships with a common (to that brand/model) default login and password. These defaults aren’t even well kept secrets, a simple Google search query of “Default login for (some router)” will yield immediate positive results. You can even download entire lists of known pairs. There’s even the appropriately named web site RouterPasswords where you can look up just about any make, model, and default login.
Even if the little sneak trying to creep his way into your network doesn’t go to the effort of referencing a list, the defaults for thousands of routers are ridiculously simple like “admin/(blank)”, “admin/admin”, and “admin/root” that the guy hardly needs a list.
The moral of the story is: change your administrator password before someone changes it for you.
Change the SSID
Your router’s SSID can reveal a lot about the router, the most obvious of which is the maker/model number. If someone knows the make/model of your router they can, as highlighted in the previous entry, easily fetch the default login. Even if you’ve changed the default login, they can still use information about the router number to check for vulnerabilities.
Change the SSID to something different from the default, but without any identifying information in it. This means no SSIDs like “Apartment5a” or “321LincolnSt”.
Set a Secure Wi-Fi Password with Quality Encryption
For years, router manufacturers shipped routers with poorly configured Wi-Fi and/or default passwords enabled. Many manufacturers are finally shipping routers with the highest level of Wi-Fi encryption enabled and a randomized password set (so even if new users don’t know what they’re doing or fail to look up a list like this one, they’re still protected).
Not every manufacturer has individualized setups for each router they ship, however, which means it’s your responsibility to make sure your router has properly configured Wi-Fi with a secure password and the best encryption. You’ll typically have options available like WEP, WPA, and WPA2. Select WPA2 (or, to future proof this advice, whatever better encryption comes along). Why WPA2? You can read about Wi-Fi encryption and why it matters here. The short of it is that anything below WPA2 is vulnerable to exploits and WEP is so trivial to crack a child with the right (and widely available) tool could do it.
As far as passwords are concerned, when it comes to Wi-Fi passwords where, when you’re using strong encryption like WPA2 that supports up to 63 characters, it’s more of a passphrase than a password. Forget simple passwords like thedog20, blackcat, or any of the trivial passwords that Wi-Fi nodes used to restrict us to. With a good encryption scheme enabled, you’re free to use passphrases instead of passwords. Passphrases are easier to remember and offer radically more variety. Instead of “thedog20”, use “My Dog Is Twenty Years Old”.
While we’re on the topic of securing your Wi-Fi: if you have a newer router, chances are you have a guest network. If you choose to enable it, the same rules apply for selecting good encryption and a strong password.
Disable Remote Access
If you need remote access for some reason, it’s a pretty handy feature. For 99.9% of home users, however, there’s very little reason they would need to remotely administer their router from afar, and leaving remote access on simply opens up a point of vulnerability. Since the router not only functions as the network management brain of your home network but also the firewall, once a malicious user has gained access, they can open the firewall and gain complete access to your home network.
Again, like better Wi-Fi security, manufacturers are finally taking default security seriously, so you might be pleasantly surprised to find that the remote access/management features are disabled. Still, trust but verify. Look in the advanced settings of your router and confirm that any remote access tools are turned off.
By simply updating your firmware, changing default logins for the router and Wi-Fi access, and locking down remote access, your 10 minutes of effort ensure that your router is now radically more secure than when it came out of the box.
If you’d like to keep pressing forward with tweaks and security enhancements, check out the advanced tricks in the following related articles:
- Secure Your Wireless Router: 8 Things You Can Do Right Now
- HTG Explains: Understanding Routers, Switches, and Network Hardware
- Turn Your Home Router Into a Super-Powered Router with DD-WRT
- Boost Networking Performance by Installing Tomato on Your Router
Have a networking or Wi-Fi related question? Shoot us an email at ask@howtogeek.com and we’ll do our best to help.