On a high number of Internet-connected DVRs and IP cameras, altering the default passwords on the unit’s Web-based administration panel does little to actually change the qualifications hard coded into the devices. Routers, on the other hand, normally have a bit more security built in, but users still have to take several measures to harden these devices out-of-the-box.
For starters, be sure to change the default qualifications on the router. This really is the username and password pair that was factory installed by the router manufacturer. If neither of those work, try looking up the instruction manual at the router manufacturer’s site, or checking to see if the address is listed here. The address you’ll need should be next to Default Gateway under The Local Area Connection.
If you don’t understand your router’s default username and password, you can look it up here. Leaving these as-is out-of-the-box is an extremely poor idea. Most modern routers allow you to change both the default user name and password, so do both if you can. But it’s most important to pick a strong password.
When you have changed the default password, you’ll need to encrypt your connection if you are using a wireless router (one that broadcasts your modem’s Internet connection so that it can be obtained via wireless devices, like tablets and smart phones). Onguardonline.gov has released some video how tos on empowering wireless encryption on your router. WPA2 is the strongest encryption technology available in the majority of modern routers, followed by WPA and WEP (the latter is fairly trivial to decipher with open source software, so do not use it unless it’s your only option).
Nevertheless, WPS additionally may expose routers to simple compromise. Read more about this vulnerability here. If your router is among those listed as vulnerable, see if you can disable WPS from the router’s administration page. If you are not sure whether it can be, or if you’d like to see whether your router manufacturer has shipped an update to fix the WPS problem on their hardware, assess this spreadsheet.
Ultimately, the hardware inside consumer routers is controlled by software known as “firmware,” and occasionally the firms that make these products send updates for his or her firmware to correct security and stability issues. When you are logged in to the administrative panel, if your router prompts you to update the firmware, it’s wise to care for that at some point. If and when you decide to take this step, please make sure to follow producer’s directions to the letter: Failing to do so could leave you having an oversize and expensive paperweight.
Personally, I never run the inventory firmware that ships with these devices. Over the years, I’ve replaced the firmware in various routers I bought with an open source choice, such as for example DD-WRT (my favorite) or Tomato.
These flavors generally are more protected and offer a much broader collection of choices and layouts. Again, though, before you embark on swapping out your router’s stock firmware having an open source choice, take some time to research whether your router model is compatible, and which you understand and carefully watch all the instructions involved in upgrading the firmware.
Since October is officially National Cybersecurity Awareness Month, it likely is sensible to notice that the preceding tricks on router security come directly from a piece I wrote a while back called Tools for a Safer PC, including numerous other suggestions to help beef up your private and network security.