Information Services > Security > Protect Yourself > WiFi-Security

Wireless (WiFi) Security

Wireless router tips:

Use encryption. There are three main types of encryption: WEP, WPA, and WPA2. These methods of encryption are options in most modern routers. WEP and WPA are considered insecure methods of encryption and should not be used. The average WEP encryption can be cracked in the matter of seconds. WPA2 encryption with a passphrase (password) of 16 or more characters is recommended.

Change the default SSID. Knowing the SSID does not by itself allow an attacker to break in, but it is a start. Having a default SSID may make your network a target because it is seen as poorly configured.

Change default router administration username and password. To configure a router, you have to access an administration page. The majority of routers have default credentials such as "admin - password" or "admin - admin" (username - password). Change these credentials as soon as the router is installed.

Disable remote administration. Remote administration allows you to access your router from outside your network. This usually comes disabled on most routers, but it is a good idea to check. If you can access your router from outside your network, that also leaves a wide open avenue for an attacker to do the same.

Disable SSID broadcast. If you want to join your wireless network, you will have to input it manually with this option enabled. It can be useful, however it is relatively easy to find your SSID even with it hidden.

Disable "Guest" wireless networks. Some routers (usually from larger ISPs) are pre-configured with a "Guest" wireless network that is wide open. Make sure to disable if applicable.

General WiFi tips:

Try not to use "free" or "open" wireless networks (i.e. Starbucks, McDonalds, etc.). The traffic passing through these networks is wide open for anyone to see. If you have to use one of these networks, avoid using sites that might include sensitive data: financial sites, school sites, etc.

Mobile phones and laptops usually come pre-configured to connect to any wireless network available. This means you can be connected to an open wireless network that is in range without knowing it. This could be dangerous for the same reasons mentioned above. This setting should be disabled. Change the setting to ask before connecting.‚Äč