Home Wi-Fi network security: 4 ways to avoid big trouble

Locking down your home Wi-Fi network with a password is like making sure you eat your broccoli. It's probably good for you, but you probably think it's not much of a priority or a big deal. Well, it's time to make an attitude adjustment. It turns out that you can cause yourself a good deal of trouble by leaving that door to your system unlocked.

Don't believe me? Just listen to the story of a homeowner in Buffalo, N.Y., who endured an ugly encounter with a weapons-waving coterie of law-enforcement agents who swarmed into his house in February and accused him of downloading a huge trove of child pornography, a federal crime.

As you might have guessed, the man (his name has not been released) was guilty of nothing more than failing to secure his Wi-Fi network. After an extensive grilling and the seizure of his family's computers and smart phones, the real culprit emerged. It was a 25-year-old neighbor who had secretly latched on to the innocent man's wireless network and used it to download thousands of images, according to an Associated Press story that's been making the rounds. The same story recounts similar incidents in North Syracuse, N.Y. and Sarasota, Fla.

I'm not saying there's a creep outside of every unlocked electronic door just waiting to download kiddie porn. The incidents in New York and Florida were obviously unusual events. But there are plenty of people who think it's acceptable to freeload on someone else's network.

A recent survey commissioned by the Wi-Fi Alliance, an industry group, found that nearly one-third of the respondents said they have tried to get on a Wi-Fi network that wasn't theirs - that's up 18 percent from a December 2008 poll.

20 Crazy Things People Do to Get Wi-Fi Connections

At the very least, those folks will slow down the connection for which you're paying. They could also gain access to files on your computer that you thought were private. Or, they could be using a peer-to-peer network to download illegal copies of music or movies, an activity taken seriously by the music and film industries (and their lawyers) these days.

So why take a chance? Here are four key steps you can take to secure your home wireless network.

1.Set Wi-Fi for the highest level of security your router and PC allow: Wi-Fi Protected Access 2 (WPA2) is the latest in network security technology. It controls who connects to the network and encrypts data for privacy. Older wireless routers won't give you that option, but most support WPA encryption. Your router may support the older WEP standard, but it's really rather weak and should be avoided unless you have no other choice. It is important to note that the security level of a home network is determined by the least capable device and many devices ship with security options disabled as the default.

2.Create strong passwords: Ensure that your network password is at least 8 characters long, does not include any dictionary words or personal information, and is a mix of upper and lower case letters and symbols. A tip that might make password management easier is to create an acronym from easy-to-remember phrases. For example, "my daughter's birthday is July 7, 1987" could become the password "MDBi7787."

3.Be smart about hotspot use: Most public hotspots leave security protections turned off, so while connecting to a public Wi-Fi hotspot is great for general Internet surfing, users should not transmit sensitive data, such bank account login information.

4.Turn off file sharing: You'll notice that Windows lets you share files across a wireless network. That's useful, of course, when you want to share music and videos around the house. But it gives hackers a straight line into your private stuff. If you keep it on, be sure to limit the files that can be shared on the network to material that you don't mind exposing to the rest of the world.

Most of the measures I'm recommending can be made by accessing your router via the Internet. That address is generally set by default and is the same for all, or most of all, routers made by the manufacture of the router. Linksys routers, for example, use for their internal IP address. D-Link and Netgear routers typically use Some US Robotics routers use, and some SMC routers use

The default password for many routers is "admin." D-link routers give you a choice of logging in as "admin" or "user." If you log in as "user" simply leave the password field blank, unless you set a password earlier.

A third-party application called Network Magic (now owned by Cisco) makes it even easier to handle these chores. I've been using it for years to add devices to my network, repair wireless connections, get alerts when an intruder sneaks in, and to install passwords and share files and printers securely.

The software comes in a number of versions, but for most users Network Magic Essentials, priced at about $24, is all you need. One caveat: Cisco is cutting back its consumer operations, so it's possible that it will stop selling, and maybe stop supporting, Network Magic.

San Francisco journalist Bill Snyder writes frequently about business and technology. He welcomes your comments and suggestions. Reach him at bill.snyder@sbcglobal.net.

Follow Bill Snyder on Twitter @BSnyderSF. Follow everything from CIO.com on Twitter @CIOonline.

Read more about security in CIO's Security Drilldown.

Join the CSO newsletter!

Error: Please check your email address.

Tags Wi-FiTechnology Topics | SecurityNetworkingsecuritywirelessTechnology TopicsWLANs / Wi-Fi

More about BillBuffaloBuffaloCiscoD-Link Australiaetworki2i2LinksysNetgear AustraliaSMCUS Robotics

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Bill Snyder

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place