In the UK news, we always hear about big companies that have had data stolen or their network hacked. This gives the impression that home networks aren’t hacked, or at least it’s not common for them to be hacked. Having worked in the IT industry for over two decades, I have seen many home networks that have been hacked. Here are some practical tips on how to secure your home network.
Change Your Router Default Password
In the UK, when you receive a router from an Internet Service Provider, the router will be preconfigured with an administrator password. This password should be changed as soon as possible.
The new administrator password for your router should be secure. This means using a password of at least 12 characters long and a mixture of letters, numbers and special characters. The easiest way to generate and store a secure password is to use a password manager like BitWarden.
Ideally, the router password should be changed regularly.
To find out how to change a router password, check the documentation that came with your router or go to your Internet Service Providers support pages.
Below are links to the main UK ISPs on changing a router password.
Change BT Hub Router Admin Password
Change Sky Router Admin Password
Change TalkTalk Router Admin Password
Change Virgin Router Admin Password
Note: The router admin password is different to the WiFi password
Test Your Home Router Security
Home routers should be configured so that computers, mobile devices etc connected to your home WiFi can go out to the internet, but devices on the internet can not get to your home network.
An easy way to check that devices on the internet can’t access your home network is to run a free scanner from the UK National Cyber Security Centre (NCSC).
To use the free scanner, go to the NCSC.GOV.UK website and click on ‘Check Now’.
The scan will take a few moments and come back with a report, informing you of any security issues and information on how to resolve them.
Router Updates
All the big UK Internet Service Providers (BT, Sky, Virgin, TalkTalk) automatically update the routers they supply to their customers. However, internet routers have an End Of Life (EoL) date. After the EoL date, no more updates will be applied to the router.
The EoL date isn’t a problem if you switch Internet Service Provider after your contract expires. This is because every time you sign up with a new Internet Serivce Provider, they will supply a new router.
If you’ve been with the same Internet Service Provider for years, then there is a good chance that your router has reached its EoL and is no longer updated. It would be nice if ISPs told you that the router reaches EoL and replaces it, but they don’t. If your router is old speak to you ISP about getting a replacement.
If you have replaced the ISP router with your own router, then you will need to check that either ‘Auto update’ has been enabled on the router or regularly visit the manufacturer’s support website to get the latest router update.
Disable Remote Route Access
Many routers have an option that allows them to be accessed remotely from a computer on the internet. Your ISP sometimes uses this to provide support if there’s an issue.
Remote router access requires a username and password, but a skilled hacker might find the username and password or bypass it altogether.
It is, therefore, sensible to have remote router access enabled only when required and disabled the rest of the time. Visit your ISP support pages to find out how to disable remote router access.
Strong WiFi Password
When you receive the router from your ISP it will be configured with a WiFi name (SSID) and a password. It is recommended that you change the WiFi password. The supplied WiFi password usually isn’t very secure.
Change the WiFi password to something that is both easily typable and secure. Instead of a complex mix of characters, opt for a memorable phrase, like ‘Tall&GreenTree77’.
Use A Guest WiFi
Most UK ISP supplied routers can be set up with a guest WiFi network. Setting up a guest Wi-Fi network at home offers several benefits in enhancing home network security:
-
Any network device that doesn’t have personal or private information should be connected to the Guest WiFi network. This includes devices like smart TVs and smart home devices which should be on your guest WiFi.
Separating these less secure devices from your main WiFi network helps in protecting your data from potential cyber threats. -
The guest WiFi should be used by visitors connecting to your home internet connection. Having a guest WiFi means that you don’t have to share your main WiFi network password and that visitors are unable to access any of your personal information.
Naming Your WiFi Network
It is a good idea to name your WiFi network something random so it can’t be identified as your network. For example, don’t call it ‘JonesFamily-WiFi’, instead call it something like ‘BlueWiFi’.
Hide Your WiFi Network
Its possible to hide your WiFi network name (SSID), so it does not show up when scanned. In order to connect to a hidden WiFi the name has to be known and manually entered into the device that is connecting.
With the right tools, it is possible to see a hidden network.
Conclusion: How To Secure A Home Network and WiFi
The suggestions I’ve listed above are all around securing the broadband router and will greatly improve your home network security. But, it work make your home network 100% secure.
It is also a good idea to make use of other cyber security tools like antivirus software, a VPN and web filtering