In her previous post Wireless: Hot Spot Safety Tips, Sheila Blackford explained how to connect safely from a café, airport or other public place. Here’s her advice on the precautions you need to take at home as well.
The router you get to run your wireless network at home comes with default settings to make it easy to install and use. But they make it easy to attack your network, too. The fact is that the hackers out there know the default settings for every router—and they’re just waiting for you to give them access to yours.
The problem isn’t limited to just high-tech maldoers, either. In a recent national survey commissioned by the Wi-Fi Alliance, 32 percent of respondents admitted to “borrowing” a neighbor’s unencrypted Wi-Fi connection. While you might not think of your neighbors as a threat to your security, you still want to be very cautious. Much more than your privacy could be at stake—particularly if you work on client files from home.
There are four especially vulnerable security holes to plug in your home network.
1. Network Administrative Username and Password. Change these two defaults and make sure you select a strong password. How to remember it? Choose a phrase that is meaningful to you such as “Oregon Attorney October 4, 2000!” which can become the passphrase: “Oa100400!” Follow the current password guidelines:
- Make it at least 8 but preferably 12 characters long.
- Use a mix of uppercase and lowercase letters and symbols.
- Change it every six to eight weeks.
2. Wide Area Network (WAN). You can think of this as “Wide Open Network” because if it’s left on default, this setting allows a hacker anywhere out there on the Internet to “see” your settings. The default setting needs to be reset to turn the WAN switch off. This locks down your network to just computers with your network safe password. You can work online but no wireless hitchhikers can join in.
3. Universal Plug and Play (UPnP). This lets you easily add devices like printers to your network. Unfortunately, it can also be used by a hacker to change your router’s settings even if you turned that WAN switch off. So, once you’ve added or set up your printer, turn off the Universal Plug and Play setting on the router, too. If you need to add another plug-and-play device, just turn it on while you do the setup and then close it again when you are done. (You should see a message “Add another device?” You select “No.”)
4. Encryption. There is a setting on wireless routers to encrypt all traffic between the router and connected computers. If the connection is not encrypted, any Wi-Fi capable computer in the area can connect to your router, use your Internet connection, and capture data traffic between the router and any of your connected computers. Choose WPA encryption and, again, a strong password.
It’s not just that you don’t want to share more than a cup of sugar with your next-door neighbor. Someone nearby may be using a simple eavesdropping tool called Firesheep—it’s a free Firefox extension that has been downloaded more than 1 million times since last year. And, of course, even without Firesheep, a moocher may decide to swipe your computer logons, passwords and account numbers. And in some countries, it’s reported that terrorists are using open Wi-Fi networks to run their cells.
The good news is that many new devices are now being shipped with a Wi-Fi Protected Setup that simplifies and standardizes the configuring and securing process of a Wi-Fi network. Look for a black-and-white logo on the box that says “Wi-Fi Protected Setup” and then follow the instructions.
Here’s to some really good private time with your computer when you’re home!
Sheila M. Blackford is an attorney and Practice Management Advisor for the Oregon State Bar Professional Liability Fund. She writes the Just Oregon Lawyers Blog.