SECURE YOUR OWN WI-FI NETWORK

Prepared by: SHIVAM KUMAR

Date: 10/04/25

A home network is a group of devices (computers, game systems, printers, smartphones,

tablets, and wearable devices) that connect to the internet and each other.

A home network can be connected in two ways:

1. A wired network which is used to connect printers and scanners, or,

2. A wireless network that connects devices like tablets and mobiles without wires.

A secure home network is an essential aspect of internet safety. Hackers can exploit vulnerable
networks to carry out a range of cybercrimes such as installing malware, carrying out data and
identity theft, and creating botnets. In this guide, we talk you through the main steps you need
to take to secure your home network — helping you and your family use the internet safely.

How to change the name of your default home network

The first step in securing your home network is to change your network’s name. Your network’s
name is known as an SSID – this stands for Service Set Identifier. If you open the list of Wi-Fi
networks on your laptop or smartphone, you will see a list of nearby SSIDs. Routers broadcast
SSIDs so nearby devices can find any available networks.

SSIDs can be up to 32 characters in length. Typically, manufacturers create default SSIDs by

combining a company name with random numbers and letters. It’s a good idea to change your
SSID name because:

• If criminals know the manufacturer of your router, they may know the model's
vulnerabilities and how to exploit them.

• A non-generic name may keep network attackers or hackers away since it shows your
router is more carefully managed than routers using default generic names.

Change the SSID so that it doesn’t disclose the router brand or model. Avoid an identifier that
includes any personal information, such as your name, address, or phone number. It's good to
use a bland name for your SSID – one which won’t attract the attention of hackers scanning Wi-
Fi networks in your area.

Use a strong password for your router

Wireless routers typically come pre-set with default passwords. Hackers can guess these,
especially if they know the manufacturer of your router. Therefore, changing your password as
soon as you can helps with home router security. You can usually do this by connecting to the
router’s management interface through your browser – the address should be the router’s
default IP address found on its bottom sticker or in the set-up guide.

A strong password is at least 12 characters long – ideally more – and contains a mix of upper-
and lower-case letters, numbers, and symbols. For a secure home network, it is a good idea to
change your password regularly – every six months or so.

Strengthen your Wi-Fri encryption

Encryption is an important aspect of any Wi-Fi-protected set-up. Most wireless routers come
with an encryption feature, which is usually turned off by default. Turning on your home
router’s encryption setting can help secure your network. There are four types of Wi-Fi
protection systems commonly used to secure transmissions so that only the user’s device and
the Wi-Fi router can read the contents of the transmission.

They are:

• Wired Equivalent Privacy (WEP)

• Wi-Fi Protected Access (WPA)

• Wi-Fi Protected Access 2 (WPA 2)

• Wi-Fi Protected Access 3 (WPA 3)

WPA 2 and WPA 3 are the better options for those wondering how to secure Wi-Fi, as they are
newer and more secure. The older WPA and WEP versions are vulnerable to brute force attacks.

If your router gives you the option, consider creating a guest wireless network, also using WPA 2
or WPA 3, and protected with a strong password. Use this guest network for visitors: friends and
family will most likely not want (or need to) hack your network. Still, they may be using devices
that have been compromised or infected with malware before using your network. A guest
network helps to enhance home network security.

Use a VPN for additional network security

Virtual private networks or VPNs are mainly used to improve privacy on the internet. VPNs
encrypt your data so that a hacker can’t tell what you are doing online or where you are
located. The protection offered by the VPN goes through the router, so even if the encryption
provided by the router is compromised, you still have the VPN encryption to make your data
unreadable.

For those considering how to secure your IP address, a VPN can help. A VPN alters your IP
address, making it appear that you are using your device from another location than your home
address. VPNs can be used on desktops, laptops, phones, or tablets.

Keep your router firmware up to date

It is good cybersecurity practice to keep your software up to date – and that includes your
router firmware. Older firmware will have vulnerabilities that hackers can exploit. Some routers
allow users to check from the management interface if firmware updates are available, and a
few may offer automatic updates. You can also check the vendor’s support website to see if
updates for your router model are available.

Sometimes the triggers for firmware updates are news stories about significant virus attacks.
The outbreak of a severe attack will motivate the router manufacturer to review its firmware
codes to ensure its equipment is not vulnerable to the new attack. If it is, they will issue a
security patch – hence the need to stay updated.

Use a firewall to protect the devices on your network

A home firewall protects the devices connected to your network from intruders on the internet.
They effectively act as a one-way digital barrier by blocking access to your network from devices
on the internet while simultaneously allowing devices on your network to connect to devices on
the internet.

Most routers come with network firewalls enabled, so check that yours is enabled. If your router
doesn’t have a firewall, you can install a good home firewall solution on your system to prevent
router attacks.

Consider changing your router’s IP address

Default router IP addresses are easy for hackers to find. Sometimes they can even be found
online. For extra protection from router attacks, you can change your router’s address.

Log into your router admin console and search for network settings or LAN/DHCP. Change your
IP address and save. Note the new address.
It should be sufficient simply to substitute a couple of numbers. Once changed, you use the new
address to access your router settings. If for any reason, you need to change your IP address
back again, you can restore your router to its factory settings.

Set up a separate network for IoT devices

The Internet of Things (IoT) is a term used to describe physical devices other than computers,
phones, and servers, which connect to the internet and can collect and share data. Examples of
IoT devices include wearable fitness trackers, smart refrigerators, smart watches, and voice
assistants like Amazon Echo and Google Home.

The Internet of Things has cybersecurity implications:

• The greater the number of devices connected to the internet, the more potential entry
points for hackers.

• Not all IoT devices have a great security track record.

For those looking to maximize their router security and avoid router attacks, you could set up a
separate Wi-Fi network for your IoT devices. This is known as a VLAN – a virtual local area
network. With a VLAN, you can ensure your most valuable devices – computers and phones,
which contain the most sensitive data – are on one network, and your less secure IoT devices
are on another. This removes the risk of poorly secured IoT devices acting as potential entry
points for hackers to compromise your computers or phones.
Using a VLAN doesn't limit functionality since most IoT devices are controlled through
smartphone apps connected to cloud services. Most of these devices don't need to
communicate with mobile phones or computers directly over the local network after their initial
set-up if they have internet access.

Turn off Universal Plug and Play

Universal Plug and Play (UPnP) helps devices in your home discover your network and then
communicate with their manufacturer for firmware updates and supplies. UPnP is a critical
element of the Internet of Things, but unfortunately, it's also a channel for hackers to infect
devices and include them in botnets. UPnP can also be used by malware programs to obtain
high-level access to your router's security settings.

Your router has to cooperate with the UPnP system so that your household gadgets receive
access to the internet. Because many devices don't have password protection or use the same
password for all devices, these smart pieces of equipment can be a security vulnerability.

UPnP helps a device get set up, but once it is working, it's advisable to switch off its UPnP
capabilities and turn off UPnP compatibility in your router.

Disable remote access to protect your network from intruders

Many routers come with features designed to make remote access from outside your home
more straightforward. However, unless you need admin-level access to your router from
somewhere else, you can usually safely turn these features off from the router settings panel. If
you have remote access disabled, you reduce the risk of people remotely accessing your router
and tampering with it.

To do this, open your router's web interface and look for the "Remote Access," "Remote
Administration," or "Remote Management" feature. Ensure it's disabled — often, it is disabled
by default on many routers, but it's worth checking.

If it turns out that some of the apps and devices on your network rely on remote access, you
can always enable the feature again if you need to.

Use MAC address filtering to keep unwanted devices off your network

Many routers allow users to restrict which devices are allowed on their Wi-Fi networks based on
their MAC address. MAC stands for “media access controller”, and a MAC address is used to
identify devices on a network. Enabling MAC address filtering can prevent attackers from
connecting to a Wi-Fi network even if they know its password.

Your router’s console will contain a menu item called “MAC filtering” or “MAC address filtering.”
Every device that can connect to a network has a MAC address that is unique. You must find the
address of each device you wish to allow on your network and then enter those addresses into
the router and turn on the MAC address filtering option.

It is worth noting that MAC addresses can be faked, and sophisticated attackers know how to
exploit this. An attacker still needs to know one of the valid addresses for that network to break
in, but this is not difficult for anyone experienced in using network sniffer tools. That said, MAC
filtering prevents average hackers from gaining network access – so it provides another layer of
protection when securing a router.

Think about where you position your router

If you can, locate your router in the center of your home. Not only does this distribute network
access more evenly, it also helps to put your network out of reach/view from hackers. It’s a
good idea to keep routers away from windows and external doors if you can.

Remember that routers radiate above and below as well as horizontally. If you have a two-story
home, placing the router on a high shelf on the lower level will help ensure that the upper level
will receive coverage as well as downstairs.

Turn your network off when not at home

One of the easiest ways to protect your home network is to turn it off when you're not at home.
Turning your Wi-Fi off while you're away reduces the chances of hackers attempting to break
into your home network when you're not at home.

As well as reducing security risks, unplugging the router when you’re not there also prevents it
from being damaged by power surges.

Keep your devices healthy

The computers and other devices in your home can provide entry points for hackers to get onto
your router. Many of the devices connected to your network will be portable – for example,
laptops, tablets, and smartphones. Portable devices are more likely to get infected since they
connect to other networks and potentially use public Wi-Fi. There is more risk of virus infection
and hacking attempts outside your home. Equipment that never leaves your home is only
exposed to one internet access point, making it less likely to be infected. To keep your home
router safe, remember to practice good cybersecurity hygiene:

• Keep software up to date and allow automatic updates. Patches and new releases for
operating systems and applications are often issued to plug security weaknesses.

• Protect devices with long, difficult-to-guess passwords which are all different from each
other. A password manager can help with this.
 • Make sure your devices are protected by comprehensive antivirus software. For
example, Quick Heal Total Security protects your devices against hackers, viruses, and
malware.

By following the steps mentioned above, you can maximize wireless network security – giving
you added peace of mind when using the internet at home.