Home Wi-Fi security tips – 5 things to check - Sophos

Many people think that “no hacker would be interested in my home network.” But everyone has something that’s valuable to attackers: personal information, bank details, financial data, perhaps even a webcam that could let criminals know when you aren’t at home, or that might let creeps spy on you when you are.

And if you’re working from home, it’s worth remembering that for a skilled attacker it’s just a hop, skip and jump across the network from your personal computer or connected device to your work laptop, and possibly from there to the whole company network.

Tip 1. Apply those updates

“Patch early, patch often” is a regular mantra on Naked Security, and it applies to all access points, modems, and routers you use for your home network, as well as all the devices that can connect to it.

Take a moment to check when your firmware was last updated. If it’s not up to date, patch without delay.

Set your devices to automatically install updates where possible. If you discover that you are unable to update (for instance, if the manufacturer is no longer providing support), consider migrating to a device that is properly supported.

Tip 2. Check your encryption settings

We recommend using at least WPA2-PSK (AES) encryption, also known as WPA2-CCMP. (PSK stands for Pre-Shared Key, which is the password you need to connect to the network in the first place.)

WPA2 was first ratified by the Wi-Fi Alliance in 2004. If the router you’re using doesn’t support WPA2, upgrade to a newer model that does.

Never use WEP, short for Wired Equivalent Privacy, because the encryption system it uses was cracked completely many years ago – it gives nothing but a false sense of security.

Tip 3. Pick a proper password

Pick a proper password for your Wi-Fi network.

It’s tempting to use a short and obvious password so it’s easy to type in on devices such as phones or to read out for friends who want to join your network while they’re visiting.

But an obvious password makes it easy for people you haven’t invited onto your network to connect up as well. You only need to enter it once, so a little bit of extra hassle putting in the password in the first place is worth it to make it harder for outsiders to guess the password in the future.

Remember also that if you have allowed a guest to access your network but then decide that you don’t want them connecting anymore, you will need to change the password to keep them out.

Tip 4. Check who’s on your network

It’s worth taking a moment to see which devices have accessed your Wi-Fi network recently. Many routers have an option in their management pages, usually accessed via your browser, that will show you which devices have connected recently.

Are there any rogue computers online? Perhaps the teenager next door is still connected from their last babysitting session? Are there any home devices such as webcams or baby monitors that you’d forgotten about or thought you’d turned off?

If there are devices accessing your network that shouldn’t be, disconnect them. Changing the Wi-Fi password will stop any unwanted devices from getting back online automatically.

Tip 5. Review your IoT devices

IoT is short for the Internet of Things, and it refers to devices that didn’t use to be computers in their own right, such as webcams, smart speakers, and doorbells, but that now connect to your Wi-Fi network by themselves and operate independently.

Paul Ducklin’s recent article on 8 tips to tighten your work-from-home network included some great advice for securing IoT devices such as webcams and smart speakers. The main takeaways are:

• Only connect devices that you really need to have online. Power down devices when you’re not using them.
• Make sure you know how to update your devices.
• Configure your devices correctly,
• Change any risky settings, such as default passwords.
• Check how much data you are sharing.
• Put IoT devices on a ‘guest’ network if you can.
• Turn on ‘client isolation’ if available.
• Make sure you know who to turn to if you have a problem.

That said, we must take a deeper look at our security and check that everything is as it should be.