Routers are admittedly one of the essential gadgets in our homes today. It provides connectivity to our line of devices. From phones to desktops, it checks all of our online traffic. It works as a gateway to ensure our network’s security. With our increasing reliance on the internet and smart devices, we do not even pause to think about the underlying threat associated with these devices. All these devices need internet connectivity to work; hence connected to our Wi-Fi. If someone malicious gains access to our wireless network, they can hold all these devices hostage. Wireless routers are an irreplaceable component of our digital life. Thus, it is imminent to us that we ensure our digital well-being by protecting our wireless router. We can do so by employing various methods, which we will explore more closely in this article by understanding the threat towards wireless routers and the remedies needed.
Routers have become popular with the advent of the internet. Users now prefer wireless connection over secure ethernet. There is no doubt that Wi-Fi has made our lives considerably simple. However, at the same time, it has also opened gates to severe potential risks, which include but are not limited to – malware, data theft, identity theft, ransomware, etc. In this guide, we will address concerns pertaining to routers; And the steps needed to ensure a safe online experience.
What are wireless routers?
A wireless router is an internet device that allows the user to connect to a wireless network. Known as Wi-Fi routers, they combine the networking functions of a wireless access point and that of a router. Wireless routers can connect to other LANs or the internet wirelessly by using radiofrequency. As such, they are also called WLAN devices.
A Wi-Fi router enables network packet forwarding and routing while serving as an access point in a LAN. It operates exactly like a wired router but uses wireless radio instead of wires to communicate within and to an external network environment. A router can, at times, act as a switch, a gateway, an internet router, and an access point.
Note — A Wi-Fi router can also function as a firewall with the ability to block, monitor, control, and filter incoming and outgoing network traffic.
Types of Wi-Fi routers
Nowadays, a Wi-Fi router doesn’t need to be an external and bulky tool. It can even be an internal radio receiver and work fine. These are what we people call Wi-Fi hotspots. With this technology, you can get access to a router anywhere. With just a single click, your smartphone can turn into a wireless router. Mainly, there are three types of Wi-Fi routers:
- Desktop Wi-Fi router — Your traditional routers that are needed to connect to the internet but without wires.
- Mobile hotspots — Your mobile phone comes with the capabilities to share its internet connection.
Common problems a wireless router faces
People are aware of the threats they would face if their data falls into the wrong hands. From financial loss to identity theft, there is a variety of cybercrime possible. However, one needs to get access to your device for it to be effective. In the case of a router, though, its security issues are a bit different from your typical desktop. It is easy to circumvent the security of your standard router if one has the motivation alongside the necessary tools. You may feel that the password-protected Wi-Fi network is very secure but is it? Listed below are the major problems common across all the Wi-Fi routers.
Problems with the ‘consumer’ router
Even when a router is an integral part of a consumer’s daily online habit, many fail to realize the device itself is a powerful computer with its OS, software, and vulnerabilities. A router that has fallen victim to malpractice can replace individuals in performing cyberattacks on your systems. From spying to altering unencrypted data, a compromised router is capable of unnerving feats. Most consumer-grade gateway devices fail to notify the user if and when a firmware update becomes available, which can patch glaring security holes. As such, someone can utilize this breach in security and gain access to your routers. The contemptible issue is a lack of awareness of the public regarding the usage and maintenance of wireless routers.
Wireless routers come with Universal Plug and play configuration (UPnP)
Wi-Fi routers come configured with the standard UPnP networking protocol. While it makes it easier to install and use, it leaves the device exposed to external threats. LANs have been using UPnP protocol forever, which in itself isn’t a bad thing. However, for a security-conscious consumer, it certainly spells a big no.
WPS feature makes routers riskier
WPS or Wi-Fi protected setup is an easy-to-use feature that allows users to bypass the network password and connect to the Wi-Fi by simply entering a simple 8 digit password. This pin remains valid even if you change the network username or password. It means that as long as the router supports WPS anyone can make approx 11000 guesses to access your wireless router.
Simple tips to improve the security of Wireless routers
You can take some simple yet crucial steps to ensure the security of your wireless router. Such as –
Make a complicated password
Most users prefer to use easy-to-remember passwords like a string of numbers, but that itself is a very insecure thing to do. Always use a strong password for your wireless routers to maximize security. Your friends and family often than not have your Wi-Fi password. And you have no actual control over who else they would pass it on. As such, using a strong password not only makes it harder for people to communicate, but it is also impossible o guess. You can also use a password generator to aid you with this task.
Limited access to password
Although it seems a bit hard, try to limit the number of people who have your password. Don’t give out passwords to everyone. Try to screen the number of people who have access, for it is a potential threat.
Frequently change your password
Another thing to note is to keep changing the password regularly; for it to be effective. Using the same password for a lengthy period will make it less secure. You can comb the number of users with access to your router with a regular change.
Change admin credentials
You can access your router’s administrative panel with any device connected to it. Manufacturers tend to use a universal username and password for every router they sell. Anyone connected to your network can gain access to the administrative control of your router with some guesswork and google. After that, it will be all too easy for them to lock you out even.
The default username and password may be printed on a booklet; or on the box itself. Or you can find it on the manufacturer’s website. In case you are unable to, try these:
- sys/admin
- system/admin
- admin/admin
- user/user
- system/password
- admin/password
If everything else fails, try and contact your manufacturer. The username and password are needed to access the administrative panel of your router. It controls the security of your device. When you gain access, the first thing you need to do is to change the admin credentials.
Change the network name of your wireless routers
A network identifies by its name, also known as SSID. Manufacturers often put the name of the brand or the model as the SSID. A hacker can use the SSID to look up the default username and password to gain access to your Wi-Fi. For continued safety, the best method is to change your SSID. You can do so by accessing the administrative panel discussed in the previous step.
Hide network
You shall know that your network doesn’t have to broadcast its SSID. If you block your network from sending out its identifier, your home Wi-Fi becomes a hidden network. It ensures that your network won’t be visible to anyone else. As such, any new potential user won’t be able to connect to your Wi-Fi.
Use better encryption methods
Weaker encryption equals poorer security. Some tools can easily circumvent outdated and vulnerable encryption, and that too for free. There are three types of encryption commonly used by routers.
- Wired Equivalent Privacy (WEP)
- Wi-Fi Protected Access (WPA)
- Wi-Fi Protected Access 2 (WPA2)
Use a router with WPA2 or, better yet, the modified version, known as WPA2 AES, which uses the AES cipher to protect the transmission, and the encryption is impossible to crack.
Turn off WPS
As we have already discussed above, the WPS can be a lethal threat to your wireless network. The best bet is to turn off WPS from your router. However, it is a convenient feature to have, so as a compromise, you can use the WPS button on your router but turn off the password feature.
Turn off UPnP
Again, we have already mentioned that UPnP (universal plug and play) is a feature that is a potential threat. While it is a must-have for IoT (Internet of Things) devices, it can also open a channel for hackers to launch a DDoS attack. UPnP works with your router to provide connectivity to your gadgets, which lack password authentication. As such, these “smart” appliances can become a vulnerability.
UPnP has enabled hackers to infect household devices and include them in botnets. A botnet is an army of devices that can send access requests to a single computer, all at the same time, thus blocking its availability.
Turn off remote management on wireless routers
A standard router setting enables remote access by default. It may lead to uncertain risks; thus, it’s better to turn this function off.
Update Firmware regularly
A firmware update ensures that your device receives regular security patches. Although a manufacturer claims to provide regular automatic updates on your router, you should take the initiative and check for regular updates. You can either do this by accessing the administrative panel on your router or directly check the manufacturer’s website for any related updates.
Keep Firewall on
Most of the routers have an inbuilt firewall. It is off by default, so check your router admin panel and enable the firewall.
Wireless routers operate on a system called NAT (network address translation). It means that every device on your network, connected with the same router, will have its unique address known only to the router itself. This address doesn’t identify your devices on the internet. It is possible because the router has its address, which it uses to communicate on the web. NAT prevents outsiders from identifying the devices connected to your router (their actual address). It can forestall the flow of unsolicited traffic on your device.
Use VPN for wireless routers
VPNs are known for their privacy and security functions. By using a VPN, you can circumvent all these potential threats associated with a router. VPNs offer end-to-end encryption that goes through the router. As such, even if you have a router with weaker encryption, your security won’t be affected.
A VPN can save you from wireless packet sniffers and prevent infamous cyberattacks like man-in-the-middle. With the growing popularity of the segment, commercial VPN providers offer a lot of customizability. You can run VPNs on your devices separately or set up a VPN on your router directly (or buy a pre-installed router VPN).
For a seamless operation, we recommend using a VPN on your router; for those of you who use multiple devices on the same network.
VPN routers
Today, a lot of credible providers make sure that users can get their services on a router. They either implement the service or provide a pre-installed router VPN.
The base difference between a VPN service on routers and a pre-installed one is that the former is essentially a service. That way, you will have to manually configure and set up a VPN on your wireless router. The latter one is a product or a device. It is a router from a manufacturer which has a tie-up with a particular service provider, and they have configured the router for an out-of-the-box VPN experience. In this method, all you need to do is install the router, run the VPN client, and done. Here are our best VPN routers.
Note – You can access VPN services on a router only after flashing it with firmware that supports OpenVPN. Without resetting the architecture of the router, it won’t be able to support the OpenVPN protocol. And without protocol support, a router can’t run a VPN service.