The features of your router make it easier to operate, but they also make it less secure.
Thousands of routers have been hacked in recent years using weaknesses in the ubiquitous Universal Plug and Play (UPNP) protocol, which permits communication between devices on a network.
Likely, your device is still vulnerable to this and other security flaws.
The problem becomes worse if you use an older model that may not have updates for freshly revealed flaws.
If you haven’t upgraded your router since the early 2000s, you should probably consider doing so soon.
In the meanwhile, follow these instructions for changing your router’s settings to safeguard your home network from intruders.
Reset to factory settings and update your firmware
Although your PC updates itself, many routers do not. Instead, they have you go through a lengthy process to update your firmware.
As inconvenient as it is, this practice is necessary for effective security. So, before you do anything else, we recommend that you restore your router to factory settings (if it hasn’t previously been hacked) and update the firmware.
The procedure will differ slightly depending on the router, but here’s a general idea. Enter the IP address of your router into the address bar of your browser (typically something like 192.168.0.1, 192.168.1.1, or 10.0.0.1) and hit Enter.
Check your router’s manual or try one of the IP addresses on our TechSpot list if you’re experiencing problems.
To access the router’s web interface, enter your username and password—if you don’t know what they are, look on the side of your router or in your handbook.
If you still can’t find it, the RouterPasswords.com database might be able to help.
Poke around the menus until you find the administrative settings once you’ve arrived at the main interface. You’ll want to do the following while you’re there.
- Firmware should be updated. You may be able to update this with a single button press, or you may need to go to your router’s help page, download the newest firmware, and manually upload it. While you’re at it, write down the date the firmware was released—if it was issued a few years ago, the manufacturer likely no longer supports your router, and you’ll need to upgrade it soon.
- Restore factory defaults. If your router allows you to back up your settings, do it right now. Then look for the option to reset your router to factory settings and select it. This will clear your settings, but it will also ensure that any past hackers have been removed from your machine. If you have problems later setting up the router from scratch, you can always restore from a backup to see what settings you may have neglected to re-enable.
- You should change your password. Your router will revert to the default password when you restore factory settings. This is problematic because these codes are widely available on the internet. As a result, hunt for a way to alter the router’s login password. This is the password you use to connect to this web interface, not the Wi-Fi code, which we’ll get to in a minute. This option should be accessible through the same administrative settings as the firmware update you just completed. Create a distinctive username and a strong password, and write them down somewhere safe so you don’t forget them—preferably in a password manager like LastPass.
If an option for automatic updates appears, select it. This is unlikely to be important because many routers lack this capability and those that do have it switched on.
Create a secure password.
It’s time to set up your Wi-Fi after you’ve upgraded the firmware on your router.
Find the Wireless section of the router’s settings and give your network a name, using the web interface.
Something personal to you and your family, not just “Linksys.” Make that the password type is WPA2 or WPA3 rather than WEP, which is unsafe and extremely easy to crack. After that, create a secure password and save your changes.
You might be tempted to “hide” your network’s name, or Service Set Identifier (SSID), while you’re in this part to keep it hidden from nearby bad guys.
However, you should not do so. Not only are SSIDs inconvenient to manage (certain devices don’t support hidden networks), but your laptop or phone may also leak that “hidden” name when you’re out and about, making your network less secure.
Even the most novice of hackers will have little trouble finding a hidden network, therefore it’s better to turn this option off.
WPS, UPnP, and Remote Administration should all be disabled.
You’re almost finished! Finally, go into your router’s settings and disable the following features.
- WPS (Wi-Fi Protected Setup): With WPS, you may join a new device to your network simply by pressing a button and entering a PIN—no password required. Isn’t that convenient? Unfortunately, it’s famously unsecured, making it significantly easier for someone to gain access to your network without your knowledge. Because most people don’t utilize this feature, you may just disable it.
- Universal Plug and Play (UPnP): This lets devices on (and occasionally off) your network communicate more readily with one another. This feature’s entire description may be found here. In conclusion, while it has its advantages, it has also been the site of countless security vulnerabilities over the years, including recent widespread router attacks. You’re better off removing this option unless you truly need it and know your router gets regular updates. Look up how to manually forward ports if specific programs cease working after removing UPnP.
- Many routers allow you to access their settings page from outside the network via remote administration. This isn’t a good concept in general, and most people won’t need it anyway. If it isn’t already turned off, do so now.
Changing all of these settings will get you a long way, but nothing beats a well-built device with up-to-date firmware.
If you’ve had your router for more than a few years, the firmware may be permanently out of the current.
It will leave you susceptible if you do not have the most recent security fixes installed. As a result, you’ll need to upgrade soon.
Consider a system like Eero or Google Wifi if you do need a new router.
These not only get regular automatic updates, but they also improve your range and allow you to control your settings right from your phone.