Bolstering Your Router’s Passwords: Defend Your Network

Now that we have tightened our network’s security, we are ready to beef up our router’s passwords.

Our wi-fi network has two passwords. One that we use to join the network, and get access to the internet. And another that is used to configure the router. Both need to be changed from the defaults that the router shipped with.

Strengthen the wi-fi network password

The 'wi-fi network password' is the password that you use to join the wireless network. Unless you’ve set your network to “No security”, you are already using a wi-fi network password. If you’re using the router’s default password or a memorable one that you’ve set yourself, then you should consider replacing this password with a strong password.

Remember, that we do not consider the router’s default password to be strong.

To upgrade the wi-fi network’s password, find the WIRELESS settings, usually located in the BASIC section.

adding strong passwords to your wireless network is essential

In the example above, the less than awesome password Rex1984 has been used to secure, in this case, two networks. We are going to change Rex1984 to a strong password and then hit SAVE. Again, don’t expect your screen to look like this. Unless your using a TP-Link Touch P5 your screen is probably going to look different to this example. Also, you may only have one network to secure. Regardless, the concept is the same – find the right screen, update the wi-fi password(s) and hit SAVE.

Strengthen the router’s “admin” account password

The router’s admin account is the account that you use to log into the router to make configuration changes. Your router shipped with a default “admin” password. To upgrade the “admin” account with a strong password, go to the ADMINISTRATION section. It’s usually the first option.

changing your router's default password is essential

On most routers, you can also change the administrator user name from admin. This will make things harder for hackers, but if you’ve got a 12 character strong password in place, then having people be able to guess what your admin user id is called isn’t going to do them much good.

Why should you change your router’s default network password?

There are a couple of great reasons why you should change your router’s default network password - security and security.

The first reason why you should change your router’s default password

The router’s default password is printed on the side of the router, and so is on display to anyone within touching distance of the unit. As we already know, sharing passwords or leaving passwords in sight is absolutely not good security practice. Given that our highly important network password is on view to everyone walking past it, we need to change the default as a matter of urgency.

The second reason why you should change your router’s default password

In creating network passwords, router manufacturers often prefer convenience over security. This means that they will prefer shorter passwords over longer ones. Shorter passwords are easier to discover (by a method known as brute-force) than longer ones. Whilst all router manufacturers have different standards for default password generation (and some may be secure) we will always err on the side of caution and assume that the default wi-fi network password is going to be easy for attackers to discover, and replace it with something strong and unique.

How long should your wifi password be?

Wi-fi networks are susceptible to what are referred to as brute-force attacks. To break into your home wi-fi network, an attacker starts by collecting a small sample of your network’s encrypted data (which is easy to do when in range of the router). That data is then taken away and hundreds of million of passwords are fired at that data until one eventually unlocks the encryption. When that happens, the attacker has your network password and can start accessing your data and devices.

Here’s the thing with password length - the longer the password, the longer the brute-force process takes. A password of 6 characters can be brute-forced in a day. A password of 12 characters will take a lifetime. Most router default passwords are less than12 characters. For reference, most Government security policies require Government employees to use passwords that are at least 15 characters long. Whilst shorter passwords are more convenient, they are less secure and we recommend that your router’s new network password is a random mix of upper and lower case letters, numbers and symbols, 12 or more characters in length. If you use the Password Coach’s system to generate your router’s new network password, you are going to meet all of these criteria without breaking sweat. And plus, you’ll have the added benefit of not having to write the password down anywhere.

Next up - Other important security measures