Tips
How to safe your Wi-Fi network?
Most households and companies go to great lengths to keep unauthorized users off their networks, but Wi-Fi access points and routers can provide hackers with a convenient way in.
Since many companies allow or even actively encourage employees to connect to the network using their own mobile devices – tablets and smartphones as well as laptops – it’s not practical for most companies to switch off Wi-Fi access.
The same applies to home broadband users who might have guests coming over frequently. Instead, here are a few tips to make your wireless network more secure.
1. Use stronger encryption
- Some Wi-Fi access points still offer the older WEP (Wired Equivalent Privacy) standard of protection, but it is fundamentally broken. That means that hackers can break into a WEP-protected network using a hacking suite like Aircrack-ng in a matter of minutes.
- So to keep out intruders, it’s essential to use some variant of WPA (Wi-Fi Protected Access) protection, either WPA or the newer WPA2 standard (or WPA3 when it lands).
2. Use a secure WPA password
- Make sure that any password (or passphrase) that protects your Wi-Fi network is long and random so it can’t be cracked by a determined hacker.
- It is all too easy to set up any equipment with its default settings, especially as the default admin name and password are often printed on the router itself to allow quick access and setup. This means that hackers will try these to access your network. Changing both access names and passwords will make it more difficult for a criminal to gain access.
- You can test the security of your WPA-protected network (without revealing your password or passphrase) by using the CloudCracker service. You’ll be asked to provide some data (the same data that a hacker could capture or “sniff” out of the air with a laptop from anywhere in the range of your network) and the service will attempt to extract your password.
3. Check for rogue Wi-Fi access points
- Rogue access points present a huge security risk. These aren’t your company’s “official” Wi-Fi access points, but ones that have been brought in by employees (perhaps because they can’t get a good Wi-Fi signal in their office) or conceivably by hackers who have entered your building and surreptitiously connected one to an Ethernet point and hidden it.
- In either case, rogue access points present a risk because you have no control over them or how they are configured: for example, one could be set up to broadcast your SSID (the 32 character identifier for a wireless network) and allow anyone to connect without providing a password.