Using a VPN in itself won’t protect you from hackers who try to break into your home or office wireless network. Although this is a common way to get online these days, tools like Hak5’s Wifi Coconut can be used by bad actors to monitor your WiFi traffic and break into your network. Here you’ll learn eight ways to keep your wireless network safe.
1 – Fix your Firmware
Most people using Wifi do so with the router their ISP provided and don’t check to see if there are any ‘firmware’ updates available. This makes your router vulnerable to “zero day” exploits, where hackers target older security bugs in older devices.
Use a device connected to your Wifi network to log in to your router settings and check for updates. If there are none available and you’ve had your router for a while, consider upgrading it to a more advanced model.
This could be a good time to invest in a VPN Router, as that way not only will you have more recent firmware but your router itself can connect to the VPN. That means any device using its WiFi network will automatically connect to the internet via your VPN server too.
2 – Hide your SSID
Hackers who engage in “WarDriving” (searching for wireless networks to hack) usually find their job very easy. This is because by default routers broadcast the SSID (Service Set Identifier). This is what shows up when you scan for available WiFi networks on your device.
If hackers don’t detect your wireless network though, there’s no way they can try to break in. You can do this by setting your router to hide your wireless network. The WiFi network will still be there but won’t show up in regular scans.
You can still connect new devices to the network by manually entering both the password and SSID in network settings. Bear in mind though that if a hacker is monitoring these devices as this happens, they may be able to discover your SSID, even if it’s hidden.
3 – Maximize your Encryption with WPA3
Since hiding your SSID isn’t foolproof, you also need to armour up your wireless security just in case your network is detected.
The most modern routers support WPA3 encryption, which is designed to resist the kind of monitoring we outlined above where bad actors wait for devices to connect to the wireless networks and steal your credentials.
However, WPA3 isn’t supported by most routers and devices, so if this isn’t an option use WPA2-AES instead. AES (Advanced Encryption Standard) provides military-grade encryption and is even used by the US government.
4 – Use a Strong Password
The very best encryption won’t protect you if you use a weak password for your WiFi network. This is because hackers can use “brute force” or “dictionary” attacks to try common words or combinations of letters to break your wireless security.
Conventional wisdom is to use a password which is a combination of numbers, upper and lowercase letters and symbols. You can use hide.me’s random password generator to create an 18-character password like this e.g. “37oI|3q8e6EMQ6vd$p”.
Remember though, you’ll need to type this password into each new device you want to connect to the network. Random passwords of this kind can be difficult to remember and input.
Consider using Diceware to generate four random dictionary words for your wireless key e.g. “hefty reabsorb pristine paragraph”. Not only is this passphrase easier to type and remember but it’s actually harder to break.
Whatever method you use to generate your wireless key, make sure to change it regularly.
5 – Disable WPS
WPS (WiFi Protected Setup) is a supposedly convenient feature on routers where you can quickly connect devices. Usually, you press a dedicated WPS button on the router whilst the device is in pairing mode and it automatically connects. Sometimes you have to enter an 8-digit PIN.
While this makes life easy for connecting devices, it also makes life very easy for hackers who only have to use a dedicated program like Reaver to cycle through various PINs until they hit on the right one. As there are only so many 8-digit PINs this can be done in minutes.
Luckily there’s an easy fix for this: disable WPS in your router settings.
6 – Disable Remote Administration
While we’re on the subject of router settings, some allow you to connect from outside your home network. This might be useful if you’re a network administrator for a large organization.
In most cases though, you don’t need this feature. By disabling remote access to your router, you’re only causing yourself the small inconvenience of having to use a device already connected to your network each time you want to change router settings. For a hacker though, you’re making it far more difficult for them to break into your network from outside.
7 – Change your Router Password
Most routers ship with a default password like “admin” or the actual word “password”. Popular websites like Portforward even keep lists of default passwords for major router models.
The manufacturer may intend for people to change these passwords but most never do. This means if a hacker does successfully connect to your WiFi network they can access the router itself and change its settings.
When choosing your new password, make sure to choose a strong unique combination of letters, just as you did for your wireless key.
8 – Use a VPN
If a bad actor does somehow connect to your wireless network and/or change your router settings, using a VPN on your devices can help.
This is because the VPN ‘client’ software on your device establishes a secure, encrypted tunnel to the VPN server. If a hacker is lurking on your network and monitoring your data packets, all they’ll see is encrypted data. They may work out you’re using a VPN but they won’t know which sites you’re visiting or be able to steal information like passwords in this way.
We love bringing you this content and hope it helps keep you safe and secure online. Feel free to share it with your friends, too.
Here at hide.me we are all about internet freedom, and we are happy to be in a position to bring that to everyone. That is why we give you a 30-day money-back guarantee on our Premium plan. No questions asked and no logs recorded.
If you have any questions, please feel to contact our 24/7 support team either at support@hide.me or via live chat.
Avery Davis 
