wifiIf you own a wireless home or office network, then you know that this is maybe the most easiest way to connect your computers to each other. Wireless networks allow you to share files (such as documents or multimedia files) or even Internet connection between your computers, providing access to them  from anywhere in your home or office. This can be incredibly convenient because of the elimination of the wires connecting the various network devices like computers, game consoles or multimedia systems and as you know all those Ethernet cables stretching from room to room may cause some inconvenience. But wireless LANs also have some disadvantages one of which is their security. Of course this doesn’t mean that your network will be of interest to hackers, just waiting for an opportunity to steal your information. In most cases low level of security could cause unauthorized access to your network, which can reduce the speed of your Internet connection. In other words the security level of your wireless network determines who can access it. That’s why here I will post some best practices you can follow to enhance the security of your wireless network.

Note: Before taking the next steps it’s recommended to consult the user manual of your wireless device.

1. Change the default administrator name and password of your wireless router or access point.

As you probably know when you buy a new device it comes with a default administrator name and password that are the same for most manufacturers (for example: in most cases the default name is admin and the password is also admin or 1234 or just blank field). This could be used by someone to gain access to the admin panel of your router. To avoid that risk, just change the default administrator user name and password for your router.

2. Change the default name of your network (SSID).

Wireless routers come with default SSID which is usually the model of router. Since the SSID is typically shown in the list of available networks you should change this name in order to make it easier for you to find your router in places where there are many other wireless networks. Furthermore – if someone decides to connect to your network the unchanged SSID is a very good sign that nobody has changed the default router settings. Another option available in most brands of routers is the ability to hide the network SSID so when you try to connect you have to manually enter the SSID because it will not appear in the list of available networks. This option is slightly more complicated especially for inexperienced users but is a good additional protection.

3. Use WPA or WEP encryption.

Use one of  the above methods of security to encode the data transmitted between your PC and your wireless router. The Wireless Protected Access (WPA) protocol and more recent WPA2  provide more security since WEP is relatively easy to crack. Use WPA with a strong encryption key (such as a combination of letters and numbers) that only you know. You have to use the same form of encryption on all devices in your network which means that you can’t mix WEP and WPA. If you are planning to buy wireless equipment, look for a router that supports both WPA + WPA2 modes, which lets you to use the stronger WPA2 encryption with adapters that support it, while still maintaining compatibility with WPA adapters.

4. Turn OFF the DHCP service.

Dynamic allocation of IP addresses is very convenient if you often need to include various network devices to your router. In such case it would be better to leave it on. However, if you have multiple computers connected to the router and  you don’t have to change very often the configuration of your network is more convenient to assign their IP addresses manually. This means that you will need to enter IP address in the network connection settings of any of your computers, which could be quite difficult especially for inexperienced users. In addition – assignment of static IP addresses further increases the security since users wishing to connect to your network should to know the exact settings (like IP address range, subnet mask and gateway).

5. Use MAC address filtering.

You’ve probably came across wireless networks looking like open, but when you try to connect, the router doesn’t allow you to do so. That’s because the router has enabled  MAC filtering. As you may know each network device has a unique MAC address that distinguishes it from the other devices connected to the network. To set up MAC address filtering, you must configure a list of clients that will be allowed to connect to the network. First, obtain the MAC addresses of each client from its network connection settings or from its documentation. Then, enter those addresses into the list,  within the appropriate configuration screen of your wireless access point or router. Once enabled, the wireless router compares the MAC address of  each client sending request for connection to the network  with the MAC addresses in the administrator’s list. Clients on the list connect as normal and clients not in the list are not allowed to access the network.