Securing your Wi-Fi connections is an important element of securing your personal data. A Wi-Fi network using WPA2™ provides both security (you can control who connects) and privacy (the transmissions cannot be read by others) for communications as they travel across your network. The security level of a home network is determined by the least capable device - for maximum security your network should include only devices capable of WPA2. Wi-Fi CERTIFIED™ devices implement the latest in security technology - Wi-Fi Protected Access® 2 (WPA2).
Most Wi-Fi equipment is shipped with security disabled to make it very easy to set up your network. Most access points, routers, and gateways are shipped with a default network name (SSID), and administrative credentials (username and password) to make configuration as simple as possible. These default settings should be changed as soon as you set up your network.
Of course, it’s also important to consider employing other measures to secure your communications after they travel beyond your Wi-Fi network. Tools like personal firewalls, Virtual Private Networks (VPNs) and HTTPS can help reduce the risk of compromised privacy and security for internet traffic.
Security Made Easy: Wi-Fi Protected Setup™
The skill level and time required to protect a Wi-Fi network depends on the complexity of the network. A home user installing a simple, new network and configuring it for security can expect to spend 5 to 15 minutes on the task.
Wi-Fi Protected Setup is an optional feature that simplifies and standardizes the process of configuring and securing a Wi-Fi network. It configures the network name (SSID) and WPA2 security for the gateway and client devices on a network and makes adding a new device to your network as easy as pushing a button or entering a personal information number (PIN). Products certified for Wi-Fi Protected Setup are available at major electronics retailers and display this logo on their packaging.
Securing a New Network
Change the network name (SSID) from the default name
Change the administrative credentials (username and password) that control the configuration settings of your Access Point/Router/Gateway
Enable WPA2-Personal (aka WPA2-PSK) with AES encryption
Create a network passphrase that meets recommended guidelines
Enable WPA2 security features on your client device and enter the passphrase for your network
Checking Security on an Existing Network
When you add a new device to your Wi-Fi network, it’s a great time to make sure you’re taking advantage of the highest level of security your devices are capable of. Take the opportunity to ensure your network is configured for WPA2.
If your network was set up some time ago, or a service provider (e.g consultant or cable provider) configured your home network, it may be worth checking that it’s configured for the highest level of security. If your network is configured for an older generation of security (WEP or WPA) the Wi-Fi Alliance recommends you move to WPA2. WPA2 has been required on all Wi-Fi CERTIFIED products since 2006 – the vast majority of Wi-Fi CERTIFIED devices in service today are capable of WPA2.
Passphrase Quality & Lifespan
A secure network passphrase greatly enhances network security, so it is a good investment of time to select an effective passphrase. In general, increasing length, complexity and randomness all improve the quality of a passphrase. We recommend that your passphrase is at least 8 characters long, and includes a mixture of upper and lower case letters and symbols. Your passphrase should not contain a word found in a dictionary and should not include personal information (identification number, name, address, etc).
Periodically changing the passphrase on your network also increases security.
Once users have experienced the convenience and freedom of working wirelessly, they want to take their Wi-Fi on the road. Here are some tips for securing your Wi-Fi devices when using them away from your home network.
- Enable WPA2 security: All of your Wi-Fi client devices (laptops, handsets, and other Wi-Fi enabled products) should use WPA2.
- Configure to approve new connections: Many devices are set by default to sense and automatically connect to any available wireless signal. Configuring your client device to request approval before connecting gives you greater control over your connections.
- Disable sharing: Your Wi-Fi-enabled devices may automatically enable themselves to sharing / connecting with other devices when attaching to a wireless network. File and printer sharing may be common in business and home networks, but you should avoid this in a public network such as a hotel, restaurant, or airport hotspot