Software bugs or improperly configured interfaces can turn your home router into a gateway for hackers. here are ten Security tips that users should definitely consider when setting up their home network.
Once the router has been configured, the little box is often quickly forgotten, unless the internet suddenly fails or there is a problem.
It’s worth checking the security settings on your home network from time to time. Because if you neglect the security of the router, you endanger the entire home network.
Photo series with 14 photos.
Hackers can exploit vulnerabilities to infect connected computers, smartphones, or smart home devices and add them to a botnet, for example.
Thus, without the knowledge of the owners, home networks become ejectors of spam and viruses, centers of crypto mining or starting points for telephone and Internet fraud.
Therefore, the Federal Office for Information Security (BSI) has published a guide for increased router security. On the “BSI for Citizens” website, the authority provides advice on how consumers can protect their home WLAN network against attackers.
Although there is no absolute certainty. But each user can significantly improve the protection against misuse of their telephone and Internet connections by following the ten tips below:
1. Keep your operating system up to date
A router also has an operating system. Updates bring new features and security fixes. Therefore, you should, if possible, turn on automatic updates in the router menu or regularly check for updates on the router settings page.
2. Disable remote access
For example, many routers offer to connect hard drives connected to the Internet. This handy feature may be a vulnerability and should be disabled in the settings menu, like any unused router features. Shows if and which remote access options are active on the router Security test of the specialized portal “Heise online”.
3. Set up the wireless router via a wired connection
Even if it is more practical via WLAN, you must connect your computer to the router via LAN or USB cable for configuration before the first start-up and for all maintenance work.
4. Change WiFi password immediately
Preset WiFi passwords are insecure, can be guessed and cracked. Therefore, users must assign their own complex password with at least 20 characters.
If it is not changed, there is a risk that attackers will read the password specified by the manufacturer, for example, with the help of special applications. When making changes, you should also check whether WPA2 secure encryption is enabled.
5. Change admin password
The password with which you can access the device’s confidential settings menu is usually the same for many or all routers from a manufacturer. Or the password protection is not even activated. It is essential to set an individual and strong password here.
6. Change the network name
Users must give their WLAN a new network name (SSID) because the default often contains the name of the manufacturer and the type of device, which could be exploited by attackers if the vulnerabilities are not patched.
The new SSID must not have anything to do with the owner of the Internet connection, that is, it must not contain any first or last name, street, location or anything similar.
7. Open the settings menu via https
The router menu can be opened with any browser by entering the address specified by the manufacturer, for example, 192.168.2.1 or “fritz.box”, in the address line.
However, you must ensure that you open the menu over a secure connection. This can be recognized by the abbreviation “https”. To be safe, no other websites should be open while you are setting up.
8. WPS PIN disabled
“Wi-Fi Protected Setup” (WPS) is a standard for simply setting up an encrypted WLAN network. However, WPS with a PIN that can be read on a label or screen on the device can be quickly cracked and should be turned off.
9. Don’t leave WiFi 24/7
The security principle is simple but effective: turn off the WLAN when you don’t need it, for example at night, when you are away for a long time or on vacation. Because what is not connected cannot be attacked. Many routers offer handy timers in the settings menu.
10. Browse safely while traveling
With free WiFi, users can now surf in public in many places, for example in hotels, cafes or department stores. But be careful if several similar entries appear in the list of available networks.
The magazine “Computerbild” warns about it. Fraudsters could offer their own access points with those names to obtain passwords or other private data by confusing them. Therefore, it is better to ask the provider what the correct WLAN is called.