OK. Let’s walk through a couple of examples of the types of things you’re likely to be confronted by when you step into the router’s configuration interface. Let’s take a look at an example of a Netgear router and a D-Link router.

Security Options configuration walk-through – Netgear

By way of an example, here are the four available security options for one of Netgear’s units. 

For 'None' read 'Hackers Welcome'. Do not select 'None'.

The list below shows which option we need to select, with a short explanation as to why:

None

We are not going to select this because ‘None’ is to be AVOIDED. For 'None' read 'Hackers Welcome'

WPA-PSK [TKIP]

We are not going to select this because ‘WPA’ and ‘TKIP’ are to be AVOIDED.

WPA2-PSK [AES]

We are going to select this because 'WPA2' and 'AES' and 'PSK' are all GOOD.

WPA-PSK [TKIP] + WPA2-PSK [AES]        

We are not going to select this because ‘WPA’ and ‘TKIP’ are to be AVOIDED. Plus, this is in fact a ‘Mixed’ option and another reason to AVOID the option.

In this example, there is only one possible secure option that we can select - WPA2-PSK [AES]. The other three options are insecure.

Q: What’s the difference between Personal and Enterprise?

A: Some routers give the option of picking WPA2-Personal or WPA2-Enterprise. The Enterprise option is for business, the Personal option is for you. You won’t be able to use the Enterprise option in a home environment. This fact does not impact your security.

Q: What do I do if I can’t avoid some of the AVOID options?

A: If your router won’t allow you to select exclusively GOOD technoglyphs in the configuration, then your choice is simple – accept the fact that your wireless network is insecure (i.e. vulnerable to breach) or buy a new router that supports WPA2 and AES.

Next up - Router configuration walk-through #2