This article is about wireless technology in general, and is not product specific.
Unlike data transmissions over a wired network, wireless data transmissions extend beyond your walls and can be received by any device with a compatible wireless adapter (radio).
For this reason, it is very important to implement security measures to prevent unauthorized access to your network and data. Most wireless routers and access points provide the following wireless security options:
- No wireless security.
- Turn off wireless radio.
- Disable SSID broadcast.
- Restrict access by MAC address.
- Wireless security (WEP, WPA, WPA2).
- Wireless Protected Setup (WPS).
No wireless security:
Out of the box, many wireless routers and access points have the wireless radio enabled, but no security enabled.
This means that anyone within range can connect to the network wirelessly. Unless you want to provide open access by anyone (for example, at a cafe or hotel), change these defaults.
Turning off wireless connectivity:
You can turn off the wireless radio by pressing a button on the router or by a setting in the GUI.
Streamlining Security and Home Automation
With the wireless radio turned off, no one, including you, can access the network wirelessly. This is the best option if you don't need wireless access.
See your product manual for more information on how to turn off wireless connectivity.
Disable SSID broadcast:
By default, a typical wireless modem router broadcasts its wireless network name (SSID) so that wireless devices can find it. If you change this setting to not allow the broadcast, wireless devices cannot connect to your wireless network unless they are manually configured with the correct SSID.
Note: Turning off SSID broadcast nullifies the wireless network discovery feature of some products such as Windows XP, but the data is still fully exposed to a determined snoop using specialized test equipment like wireless sniffers.
Block access to wireless devices by MAC address:
You can enhance your network security by allowing access to only specific wireless devices based on a list of their Media Access Control (MAC) addresses.
You can restrict access to only trusted computers so that unknown computers cannot wirelessly connect to the wireless modem router. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed (unencrypted).
MAC filtering is not widely used because it is labor-intensive to maintain the list of allowed MAC addresses, and it is not secure against a determined snoop using specialized equipment.
Wireless Security: (WEP, WPA, WPA2)
A security protocol requires users to enter a password or key before connecting to the wireless network and encrypts data transmissions to prevent them being read by snoopers.
Three wireless encryption standards are currently offered: Wired Equivalent Privacy (WEP), WiFi Protected Access (WPA), and an improved version (WPA2).
Best Wireless Security Cameras in 2019 [Top 5 Options For Your Home & Office]
WPA and WPA2 are easier to use and more secure than WEP, so use WEP only be used when necessary, such as allowing access to a legacy wireless device that does not support WPA, or when creating a wireless bridge. Currently, WPA2 is the best way to secure a wireless network.
Wireless Protected Setup: (WPS)
This protocol is designed to allow non-technical users to operate a secure wireless network.
Both the wireless router and the client device must support WPS. You can connect a client device to the wireless network in one of two ways:
- PIN. A personal identification number (PIN) must be read from either a sticker or the GUI on the wireless router or access point and entered into the new client device when it tries to connect.
- Push button.
The user pushes a WPS button, either physical or virtual, on both the wireless router or access point and the new wireless client device.
Last Updated:11/28/2016 | Article ID: 20049