How to protect wifi from neighbors. Neighbors steal wi-fi. How to protect your wi-fi router. Come up with a strong password to access your router

Ask how to secure a WiFi network. In this article, we will look at several techniques that will make it much more difficult for unwanted users to access your network.

Now, in addition to a stationary computer, many have mobile devices that require an Internet connection:,. It is convenient to use your home Wi-Fi network to connect these devices to the network.

But when you create a Wi-Fi network, there is a threat to the security of your data. Everything that is transmitted over the wireless network is broadcast over a fairly tangible distance and attackers can gain access to this data. In order to protect a WiFi network from such an attack, you need to take a few simple steps.

Use a strong password to access your router settings

When setting up, be sure to change the default password. It does not follow the password path to access the router with a password (key) to connect to the network.

Use strong security mode.

Modern WiFi networks support several security modes. In the WiFi settings, this item may be called "Security mode" or "Security mode".

For maximum protection of your WiFi network, you need to use WPA or WPA2 (Wi-Fi Protected Access) mode.

Use a long and complex key to connect to the network

If the WiFi network works in WPA mode, you need to enter the key to connect to it. In order for the WiFi network to be protected from hacking, the key () must be long and complex enough.

The key must be at least 12 characters long and must contain letters and numbers. Don't use trivial passwords like wi-fi, fi-wi, mywifi, etc.

Hide your SSID

Each WiFi has its own SSID (WiFi network name). If you enable the hiding of the SSID in the settings of the router, then it will connect to such a network, you can only know its name.

Naturally, if you hide the SSID of your WiFi network, then it must be unique. In this case, it makes no sense to use banal phrases like "router" or "dlink" as the SSID. Such names can be easily picked up.

Use MAC address filtering

Each network device is uniquely equipped. This feature allows you to restrict network access to unknown devices. In the settings of the router, you can specifically specify which MAC addresses are allowed to connect to the WiFi network.

MAC filtering is not a major security protection. But together with other methods, it significantly increases the protection of the WiFi network.

It is the most important electronic device in their life. It connects most other devices to the outside world and is therefore of maximum interest to hackers.

Unfortunately, many home and small business routers come with an insecure configuration by default, have undocumented management accounts, use outdated services, and run on older firmware versions that are easy to crack using well-known tricks. Alas, users themselves will not be able to fix some of the problems listed, but nevertheless, you can take a number of actions to protect these devices from at least large-scale automated attacks.

Basic actions

Avoid using ISP-provided routers. First, they are often more expensive. But this is not the biggest problem. These routers are usually less secure than the models sold by manufacturers in stores. Very often they contain hard-coded remote support credentials that users cannot change. Updates for modified firmware versions often lag behind releases for commercial routers.

Change the default administrator password. Many routers ship with generic admin / admin passwords, and attackers are constantly trying to log into devices using these well-known credentials. After connecting to the router's management interface via a browser for the first time - its IP address is usually found on a sticker on the bottom side or in the user manual - the first thing you need to do is change the password.

In addition, the web interface of the management router must not be accessible from the Internet. For most users, there is simply no need to manage the router from outside the local network. However, if you still have a need for remote management, consider using a VPN to create a secure LAN connection before accessing the router interface.

Even within a local network, it is worth limiting the range of IP addresses from which the router can be controlled. If this option is available in your model, it is best to allow access from a single IP address that is not in the pool of IP addresses assigned by the router via DHCP (Dynamic Host Configuration Protocol). For example, you can configure your router's DHCP server to assign IP addresses from 192.168.0.1 to 192.168.0.50, and then configure the web interface to accept an administrator from 192.168.0.53 only. The computer must be manually configured to use this address only when it is necessary to administer the router.

Enable access to the router interface via https if secure connection is supported, and always exit by closing the session when the configuration is complete. Use your browser in incognito or private mode to prevent cookies from being automatically saved, and never let the browser save the username and password of the router interface.

If possible, change the IP address of your router. Most often, routers are assigned the first address in a predefined range, for example, 192.168.0.1. If available, change it to 192.168.0.99 or some other address that is easy to remember and not part of the DHCP pool. By the way, the whole range of addresses used by the router can also be changed. This helps protect against cross-site request forgery (CSRF), when an attack occurs through the user's browsers and using the typical IP address usually assigned to such devices.

Create a strong Wi-Fi password and choose strong protocol security. WPA2 (Wi-Fi Protected Access 2) is superior to older WPA and WEP, which are more vulnerable to attacks. If your router provides such an option, create a guest wireless network, also protecting it with WPA2 and a strong password. Let your visitors or friends use this isolated segment of the guest network, not your main network. They may not have malicious intent, but their devices can be jailbroken or infected with malicious programs.

Disable the WPS function. This rarely used feature is designed to help users set up Wi-Fi using the PIN code printed on the router sticker. However, in many implementations of WPS versions provided by various vendors, a serious vulnerability was found several years ago that allows hackers to break into networks. And since it will be difficult to determine which specific router models and firmware versions are vulnerable, it is better to simply disable this function on the router if it allows you to do so. Instead, you can connect to your router through a wired connection and through the web management interface, for example, set up Wi-Fi with WPA2 and a custom password (no WPS at all).

The fewer your router's services are open to the Internet, the better. This is especially true in cases where you didn’t enable them, or perhaps don’t even know what they are doing. Services such as Telnet, UPnP (Universal Plug and Play), SSH (Secure Shell) and HNAP (Home Network Administration Protocol) should not be activated for the external network at all, as they potentially carry security risks. However, they should also be turned off on the local network if you are not using them. Online services like Shields UP from Gibson Research Corporation (GRC) can simply scan your router's public IP address for open ports. By the way, Shields Up is able to scan separately for UPnP.

Make sure your router's firmware is up to date. Some routers allow you to check for firmware updates right from the interface, while others even have an automatic update function. But sometimes these checks can occur incorrectly due to changes on the manufacturer's servers, for example, after several years. Therefore, you should regularly check the manufacturer's website manually to find out if there is a firmware update for your router model.

More complex actions

You can use network segmentation to isolate it from a risky device. Some consumer routers provide the ability to create VLANs (virtual local area networks) within a large private network. Such virtual networks can be used to isolate devices from the Internet of Things (IoT) category, which are full of vulnerabilities, which has been repeatedly proven by researchers (Bird Kiwi discussed this problem in the previous issue of World of PCs - ed.). Many IoT devices can be controlled with a smartphone via external cloud services. And since they have access to the Internet, such devices, after the initial setup, should not interact with smartphones directly over the local network. IoT devices often use insecure administrative protocols for a local network, so an attacker can easily hack into such a device using an infected computer if they are both on the same network.

By filtering MAC addresses, you can keep dangerous devices out of your Wi-Fi network. Many routers allow you to limit the list of devices eligible to join a Wi-Fi network by their MAC address - a unique identifier of a physical network card. Enabling this feature will prevent an attacker from connecting to a Wi-Fi network, even if he manages to steal or guess the password. The disadvantage of this approach is that manually managing the list of allowed devices can quickly become an unnecessary administrative burden on large networks.

Port forwarding should only be used in conjunction with IP filtering. Services running on a computer behind a router will not be available from the Internet unless port forwarding rules are defined on the router. Many programs try to open router ports automatically via UPnP, which is not always safe. If you disable UPnP, these rules can be added manually. Moreover, some routers even allow you to specify an IP address or a whole block of addresses that can be connected to a specific port in order to gain access to a particular service within the network. For example, if you want to access an FTP server on your home computer while at work, you can create a port forwarding rule for port 21 (FTP) in your router, but only allow connections from a block of IP addresses of your company.

Custom firmware may be more secure than factory firmware. There are several Linux-based, community-supported firmware projects for a wide variety of home routers. They tend to offer advanced features and tweaks over the stock firmware, and the community fixes their shortcomings faster than the router manufacturers themselves. Since these firmware are marketed for enthusiasts, the number of devices that use them is much smaller than devices with manufacturer's firmware. This greatly reduces the likelihood of extensive attacks on custom firmware. However, it is very important to keep in mind that downloading the firmware to your router requires a good technical background. It is very likely that you will void your warranty, and in the event of an error, the device may fail. Consider this, because you were warned!

How to protect yourself

Check if the remote access function is enabled on your router. It is often found in devices provided by communication providers. Providers need remote access for business: it makes it easier for them to help users with network configuration. However, providers can leave the default password on the web interface, making you an easy target for hacker programs.

If you can enter the web interface with the standard username and password admin / admin, be sure to change the password and write it down. When the provider configures your router remotely, just say that you changed the password for security reasons, and dictate it to the operator.

Router protection instructions

Put a strong password on the WiFi.
Change the default administrator password.
If the router is not from a provider, disable remote access.
If you do not know how to do this, call a computer technician whom you trust.

Protecting your own Wi-Fi network is the right and responsible step. Yes, the Internet can be distributed to everyone, neighbors and passers-by. But, in this way, you will reduce the lifespan of your router, slow down the speed, jeopardize your own files and confidential data. If you do not know how to protect Wi-Fi from other users, then e-mail, Internet surfing history and bank details - all this information can get to outsiders. In addition, if they really turn out to be intruders, they will be able to break the law from your IP, which is fraught with problems for you.

Even if Wi-Fi is kind of password protected, there are still many loopholes to connect to it. They don't have to be criminal hackers. Even neighbors' children who read about it on the Internet can take advantage of such vulnerabilities. If they get access to your network, they can download terabytes on torrents, which will significantly slow down the speed. They can also "joke" with the router or your files so that the consequences will have to be eliminated for a long time and with the participation of specialists. Therefore, the best prevention of problems is knowing how to control your own Wi-Fi, and in what ways you can increase its security.

general information

For a regular home network, a few simple methods are enough that solve 80% of potential problems:

Change the username and password for entering the router.
Set a strong password.
Choose the correct encryption type.
Disable connection without password (WPS).

If you need more control and want to make Wi-Fi "unapproachable", there are more advanced methods:

Update your router's firmware regularly.
Disable remote access to the router.
Divide access into subnets (guest access).
Make Wi-Fi hidden.
Organize filtering by MAC addresses.
Reduce signal coverage area.
Buy a router with a firewall.
Buy a router with VPN.
Change the network password periodically.
Check the list of connected devices for strangers.
Install special hardware and software.

So how is Wi-Fi hacked? For those interested, watch the following video:

Protect access to settings

If someone else connects to the network, they can gain access to the router. If successful, he will learn about the security settings and will be able to change them at will. Or just change the Wi-Fi password and you will have to reset the settings. Therefore, the actions of how to secure the router from unauthorized access are the first item from the list of necessary ones.

Step 1 . You can connect to the router using a wire or Wi-Fi. The first way is safer. The wire is connected to the yellow LAN port, the opposite end to the computer.

Step 2 . By default, the router menu is entered by typing 192.168.1.1 or 192.168.0.1 in the address bar of the browser. Usually, the IP is indicated on the sticker of the device. If you changed these addresses earlier (or the "uninvited guest" did it), then there are two ways to enter the "admin panel":

Reset settings. You need to find the Reset button. Long press (up to 10 seconds) will return all parameters to factory defaults. Perhaps this is where you should start securing your Wi-Fi network. Now the standard address 192.168.1.1, 192.168.0.1, or specified on the router will work.
You can see the IP address through the command line. It will be opened by the Win + R key combination and the entered command "cmd" + Enter. Then you need to type "ipconfig" and also press Enter. The “Default Gateway” is the address to be entered.

Step 3. You need to specify a username and password. By factory settings, these are either empty fields, or "admin" and "admin", "1234" and the like. They are indicated on the router itself, or in the documentation. If you do not remember them, or someone replaced them, you will have to perform a factory reset.

Step 4. You have entered the WEB interface. It is slightly different in different devices, but the principle is the same. In the menu on the left, select System Tools / System / Administration / Management or a similar label. Then you can enter a new username and password and save the changes.

Strong password

How to set a password on Wi-Fi is described in the following video:

A well-crafted network key is the most important thing to secure Wi-Fi. A strong password uses uppercase and lowercase letters ("a" and "A" are different characters for it), as well as numbers and special characters (-, _,!, ~, @, $, #, &,%, * ). Avoid simple combinations such as numbers or letters typed in a row from the keyboard.

Step 1. Go to the control panel of the router, as described in the first paragraph.

Step 2. Find the menu item "Wireless", "Wireless", etc. and the tab (or submenu) "Security", "WLAN". Sagem [email protected] 1744 v2.2, which Rostelecom uses, you can protect Wi-Fi with a password using the WLAN Settings - Security items.

Step 3. In the Password / PSK / Password field, enter the code of your choice. It will have to be entered when connecting new devices or guests.

Step 4. Save your changes. The router will reboot. After that, you will have to re-enter the password for all devices that you want to connect to Wi-Fi.

Additionally. At this stage, you can change the network name (SSID) to a unique one - at your discretion. This is necessary if the name of the router was specified in the standard name. In some control panels, the SSID is not changed in this menu item. Then check the neighboring ones.

Correct encryption type

This is also the most important point, how to protect the router from unauthorized access. . The settings are available on the same page where the network password is changed. There are several types of encryption. Some are needed for legacy devices:

WEP is not worth choosing under any circumstances. Sometimes this item is absent altogether. This is an obsolete type of encryption from the 90's and was designed to transmit a portion of the password with every transmission. Hacking it is a matter of a few minutes.
WPA is a relatively reliable but legacy protocol. It does not support high speed Wi-Fi. However, it may be necessary for some devices. In this case, the router will offer "WPA / WPA2 Mixed Mode".
WPA2 is a modern and recommended Wi-Fi connection protection. There may be variants of it - Personal (PSK) and Enterprise. Typically the first type is needed for home networks. One password is assigned for all connected gadgets. In the second case, you need a special RADIUS server that issues the keys. This type is used in enterprises.
Encryption - Two types can be offered: TKIP and AES. TKIP is deprecated, only needed for older devices. In this case, you can select "Auto" in the settings. In most cases, AES is recommended.

Thus, the most modern type of encryption is WPA2 – Personal with AES encryption. But sometimes another point needs to be noted.

Disable No Password Login (WPS)

WPS (QSS) seems like a handy function. You need to press the button of the router, and the devices can be connected to the network without entering a password. However, using this method, Wi-Fi becomes extremely vulnerable. You can pick up a pin code of 8 digits very quickly, which means that the probability of cracking the password (if someone wants it) is close to 100%.

You can disable WPS on the same page where the Wi-Fi password and encryption are set, or in the adjacent menu items. It is enough to uncheck the corresponding item.

Additional protection measures

In addition to the basic, additional measures allow you to add a few more circles of protection around Wi-Fi. They are usually not required for home networks. But if you think it's better to be more prudent, then you can use them too.

Update the firmware regularly

From time to time on the Internet there are news like "The WPA2 protocol has been cracked, now everything is under threat." In fact, security protocols and specific device models may have undiscovered vulnerabilities. But equipment manufacturers always have their finger on the pulse. As soon as they become aware of the problem, they immediately prepare a service pack to help customers protect Wi-Fi routers from other users. If you regularly update the firmware, you can be sure of the most up-to-date protection.

To upgrade, it is extremely important to follow these rules:

the connection to the router should be only by cable;
it is very important to choose the correct firmware version. You need to rewrite the model name and version number from the sticker on the machine. On the manufacturer's website, use these numbers to select the appropriate software version;
during the firmware, you need to disconnect the router from the external network (blue port).

After the file is downloaded, in the router's menu you need to find the item "System Tools" / "Management" or similar, and then - "Update". Select the firmware file and start the process.

Incorrect operations can cause the device to stop functioning. Therefore, take this step responsibly.

Disable remote access

The option allows you to control the router via an external signal via the WAN cable. Simply put, via the Internet. This means that you do not need to be on the same network to access the settings. This function is sometimes needed by the provider to solve any problem on the router for you. However, for complete control over your equipment, it is better to turn it off. This can be done from the security settings section ("Security" / "Network security").

Create subnets (guest access)

Some models provide the ability to create a second network. It has nothing to do with your main one. The password can be easily shared with guests and friends.

To enable this function, check “Wireless Network Settings” or “Home Network Settings” in the settings menu. Some wireless devices do not have it.

Make Wi-Fi hidden

Close Wi-Fi through "Basic Settings" / "Wireless Network" in the router menu. Here you can "Hide the access point" / "Disable SSID broadcasting" - for this, just check the box. After that, your network will not be in the list of available for connection. After rebooting the router, in order to connect to Wi-Fi, you will have to perform the following procedure:

select "Other networks" in the list of networks;
enter the SSID;
enter the password;
the computer is connected to Wi-Fi;
for mobile gadgets - in the Wi-Fi item of the settings there is a section "Other network" or "Add network". You need to select it, enter the name and password.

Setting an invisible SSID is not a recognized way to improve security. Special programs will still be able to see the network. However, this method will save you from annoying neighbors.

Organize filtering by MAC addresses

You will learn how to disconnect unauthorized users from Wi-Fi in the following video:

MAC address is a unique device number. Routers provide the ability to create "white" and "black" lists of gadgets. There is a separate item "Filtering by MAC addresses" in the menu. Thus, we protect the wireless network and close it from other devices.

You can view the MAC address in the "About device" item (for mobile gadgets), or in the connection properties, in the "Advanced" section (on a computer). It looks like "A0-BF-5C-7B-33-64": 6 blocks of 2 characters each - numbers 0-9 and letters A-F (these are all 16-bit numbers).

This method does not guarantee security. The MAC address can be intercepted and "cloned" by simulating your device. However, in a home network environment, it can reduce the chances of being hacked.

An inconvenient moment - each new device must be registered separately in the router settings.

Reduce signal coverage area

You can make Wi-Fi less visible by lowering the signal strength. Usually the signal can be “caught” just on the street, in the next house. However, you only need it in your apartment or office. This limitation, among other things, will reduce the amount of interference to other networks and devices. This will also help, without changing other settings, protect Wi-Fi so that neighbors can no longer use it.

Buy a firewall router

Any additional security measures related to firewall, firewall, firewall, DoS protection can be very effective. These are defenses that specifically prevent attacks. If they are in the router, they are enabled by default. You can also configure additional settings to create an even more secure Wi-Fi network.

VPN router

VPNs are considered one of the most effective ways to protect data in transit. VPN creates an "encrypted tunnel" for communication between nodes on the network. This feature is not present on all devices, but it allows you to immediately protect all devices on your network.

Change your password periodically

For high security, it is considered "good practice" to periodically change your passwords, PIN codes and encryption keys. The Wi-Fi password can (theoretically) be compromised, or it can be brute-forcing to be hacked later. By managing Wi-Fi passwords every three months, you can be more confident in the security of your network.

Check the list of devices in the list of connected

You don't have to use the methods listed above, but just periodically review which devices are connected to the network. Here you can see immediately if there is “unauthorized access” to your Wi-Fi.

Install special hardware and software

If you store information that is really valuable, then you should not hope that simple methods will protect it. You should contact specialists, buy special equipment and software. But this type of security goes beyond the home network. These methods are enough to make you feel safe.

Conclusion

Protecting Wi-Fi is a simple process if you don't get carried away. It is enough to set good passwords, correct encryption and disable WPS access. The rest of the methods can be applied at will. You can, of course, create your own "digital fortress" - a hidden network with full control over everything that happens in it. In any case, all this can be done only by following simple step-by-step instructions.

Today, one in three users of the world wide web widely uses entanglement throughout the house, offering high-speed Internet access for all devices. And rightly so, why not use this opportunity when sitting in an armchair, lying on a couch or in bed before going to bed, there is an Internet connection from a smartphone or.

There is one big "BUT" in the whole, practically profitable, situation - users very rarely follow the safety rules that directly relate to access to Wi-Fi. Over time, we begin to notice that the speed of the Internet connection has slowed down, and the printer suddenly began to take an interest in the "photo of the nude genre", occasionally printing them! The actions of a "joker" connected to your network are not limited to simple access to the Internet or to a printer, a little skill and more confidential information becomes available to a third-party user, for example, your funds in electronic wallets. Therefore, securing the wireless network and yourself is the number one task, especially for users living in an apartment building.

How to secure access to Wi-Fi from external intrusion

Usually, the user, having noticed the incorrect operation of the computer associated with the network, rushes to apply a reset. This is apparently by analogy with the system unit, which suddenly froze. And here, we are looking for a delicate object to get to the hidden "Reset" button on the body of the network equipment. Often, such actions save for a short time, and the situation is in a hurry to repeat itself ...

Ways to protect Wi-Fi access:

The main step to security will be to simply change the access password to. After all, after setting up by a specialist (or self-configuration), the equipment continues to store the factory credentials. And here, you don't have to be a "computer genius" to enter the settings panel via the web interface!
Note! The ability to customize the control panel of the router is not available in all equipment models, so the following advice is more practical.
The next wish concerns the network access password. Users are frivolous in choosing this cipher. Sometimes we refer to our weak memory, but at the same time we reset it with enviable consistency!
Therefore, it is better to configure the WPA2 encryption algorithm once, and come up with a 10-digit password that you will at least occasionally change. For him, pick up a random set of letters and numbers, and just write down the combination you have invented on a piece of paper or on a box from the router.

Note! Don't create readable passwords. Surnames and names in the English layout are hard to come up with, but easy to find!
Further, it would be nice to abandon the WPS function, which creates a digital PIN code for new devices. The feature is active by default on most models of access points. If you do not have to constantly connect various smartphones or tablets, then there will be no difficulties.
Note! Even if there is a need for regular connection of new gadgets, it is enough to enter the access password every time! Low cost for home network security.
The next recommendation is more about attentiveness. Get in the habit of leaving the router's web interface correctly, that is, not just closing the browser tab, but namely, “exit the control panel”.
This precaution is associated with some features of Internet browsers. When visiting pages, browsers save cache and cookies, which are responsible for storing temporary files and resource information. You may have noticed earlier that after leaving the site, re-authorization is not required. So this is another loophole for the casual attacker!
Note! It would be nice to get into the habit of clearing the cache and cookies of the browser that you actively use (read how to do this in the article :,).
The next steps are more likely for advanced users, as they carry a share of risk. So, first, let's change the subnet of the router, since it is set by default and is known to many. Usually, it is an address:
- 192.168.0.0
- 192.168.1.0
- 192.168.1.1
Moreover, the address is indicated on the device case, nothing prevents us from changing the IP address via the web interface and giving the local subnet a new name, different from the factory one.

When you connect to a public Wi-Fi network, such as a coffee shop, the data is transmitted unencrypted. This means that your passwords, logins, correspondence and other confidential information become available to intruders. Email addresses can be used to send spam, and the data on your social media page can be changed.

Home Wi-Fi networks are also at risk. Even the highest level of security for wireless networks, WPA2 encryption, can be “hacked” with a Key Reinstallation Attack (KRACK). For more details, see the article

When connecting to any Wi-Fi network, always follow these guidelines:

Make sure you have Firewall installed and enabled. This protection component scans network traffic and protects your computer from network attacks.
Firewall is included in Kaspersky Lab applications: Kaspersky Internet Security, Kaspersky Anti-Virus, Kaspersky Total Security, Kaspersky Security Cloud and Kaspersky Small Office Security.
Use a secure HTTPS connection. Make sure there is a green or gray lock icon in the address bar of your browser. For more details, see the article in the Kaspersky Lab blog.
Secure your connection with a VPN by adding another layer of encryption. To do this, install Kaspersky Secure Connection on your device and enable secure connection every time you connect to the Internet.
If you are using a Windows operating system, turn off File and Printer Sharing for all public networks you connect to. Instructions on the Microsoft support site.
Use mobile internet instead of public Wi-Fi whenever possible.

Come up with a strong password to access your router

As a rule, a standard username and password are used to access the settings of the router. An attacker can find out the login and password from your router by downloading the user manual for the device from the manufacturer's website. To prevent this from happening, change the password for the router.

For example, we show the configuration of the TP-Link TL-WR841N router. To change the password for accessing the router:

System Tools -> Password (System Tools → Password).
Enter the username, old and new password to access the router. Recommendations for creating a strong password in the article.
Click on Save (Save).

The password for accessing the router will be changed.

Come up with a unique name (SSID) for your Wi-Fi network

Rainbow tables are often used to crack passwords. Pre-built rainbow tables for popular SSIDs store millions of possible passwords. If your SSID and password are in such a table, an attacker can instantly recover the network password using special programs.

To improve the security of your home wireless network, create an uncommon SSID.

Router interfaces differ depending on the manufacturer, specific model and firmware version. To navigate the settings of the router, use the user manual for your model. As a rule, it comes with the router, or you can download it from the device manufacturer's website.

For example, we show the configuration of the TP-Link TL-WR841N router. To change the name of the Wi-Fi network:

Enter the IP address of the router in the address bar of your browser. You will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, go to the section ( Wireless → Basic Settings).
In field Wireless network name (Wireless Network Name) come up with and enter a name for the Wi-Fi network.
Click on Save (Save).

The name for the Wi-Fi network will be changed.

Make your Wi-Fi network invisible

Hide the network name in the router settings. Your Wi-Fi network will not appear in the list of available wireless networks. It will be impossible to detect it without special software.

For example, we show the configuration of the TP-Link TL-WR841N router. To make your Wi-Fi network invisible to other devices:

Enter the IP address of the router in the address bar of your browser. You will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, go to the section Wireless → Basic Settings (Wireless → Basic Settings).
Uncheck the box Enable SSID Broadcast (Enable SSID Broadcast).
Click on Save (Save).

Your Wi-Fi network will be invisible to other devices.

Disable WPS

WPS is designed to make it easy for devices to connect to Wi-Fi networks. Using WPS, you can connect to the router without a password. We recommend disabling WPS in your router settings.

For example, we show the configuration of the TP-Link TL-WR841N router. To disable WPS:

Enter the IP address of the router in the address bar of your browser. You will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the router settings page, go to the section Wireless → WPS (Wireless → WPS).
Click on Disable (Disable).

WPS will be disabled.

Turn on encryption

When working on a network with weak encryption, your data can be intercepted by attackers. If you are connecting to your home network and you receive a message about weak encryption, change the encryption type to a stronger one. Common types of wireless encryption: WEP, TKIP, WPA, WPA2 (AES / CCMP).

The main difference between them is the level of protection. We recommend WPA2 as it is the most reliable one on offer.

For example, we show the configuration of the TP-Link TL-WR841N router. To change the encryption type of a wireless network:

Enter the IP address of the router in the address bar of your browser. You will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, go to the section ( Wireless → Wireless Security).
Please select WPA / WPA2 - Personal.
In field Version (Authentication Type) select WPA2-PSK.
In field Encryption (Encryption) select AES.
Click on Save (Save).

Wi-Fi encryption will be enabled.

Create a strong Wi-Fi password

Without a password, your Wi-Fi network will be available to everyone. A strong password will not allow unauthorized people to connect to it. Recommendations for creating a strong password in the article.

For example, we show the configuration of the TP-Link TL-WR841N router. To create a password:

Enter the IP address of the router in the address bar of your browser. You will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, go to the section Wireless → Wireless Security (Wireless → Wireless Security).
Please select WPA / WPA2 - Personal.
In field Wireless password (Wireless Password) create and enter a password for the Wi-Fi network.
Click on Save (Save).

A password for the Wi-Fi network will be generated.

Turn on MAC address filtering

Each device with a network card or network interface has its own MAC address. Create a list of MAC addresses for trusted devices or deny connections to devices with specific MAC addresses.

For example, we show the configuration of the TP-Link TL-WR841N router. To configure MAC filtering for trusted devices:

Enter the IP address of the router in the address bar of your browser. You will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, go to the section Wireless → MAC Filtering (Wireless → Wireless MAC Filtering).
Click on Add (Add New).

Enter MAC address, device description and select status Included (Enabled).
Click on Save (Save).

Click on Turn on (Enable).
Please select Allow access to stations specified in the included rules from the list (Allow the stations specified by any enabled entries in the list to access).