TickYouOff
Sign in
Back
📡

Secure Your Home Wi-Fi

Easy 18 items · 30 min
testuser's avatar
testuser Published 4 weeks ago
Technical

This checklist walks you through the key steps to secure a home wireless network. It’s aimed at general users and covers admin credentials, encryption, guest networks, firmware, and common hardening steps. Follow it to reduce your home’s exposure to common Wi‑Fi threats.

Progress
0 / 18
  1. Log in to your router admin interface — Connect via Ethernet or visit the router IP (often 192.168.0.1 or 192.168.1.1).
  2. Change default router admin password — Use a unique 12+ character password and store it in a password manager.
  3. Change default admin username if supported — Replacing 'admin' makes credentials harder to guess.
  4. Enable WPA3 or strongest available encryption — If WPA3 isn't available, choose WPA2-AES (avoid TKIP/WEP).
  5. Set a non-identifying Wi‑Fi network name (SSID) — Avoid names with your full name, address, or other personal info.
  6. Create a strong Wi‑Fi password (passphrase) — Use 12+ characters or a memorable phrase; avoid common words.
  7. Enable a separate guest network with its own password — Keep visitor devices isolated from your main devices.
  8. Restrict guest network to internet-only access — Disable LAN access so guests can't reach your printers or NAS.
  9. Disable WPS (Wi‑Fi Protected Setup) — WPS PIN and push-button modes can be exploited; turn it off.
  10. Update router firmware — Check the vendor site or enable auto-updates to patch vulnerabilities.
  11. Backup router configuration before major changes — Save a config file so you can restore settings if needed.
  12. Reboot router to apply updates and saved settings — A restart ensures firmware and setting changes take effect.
  13. Disable remote management and cloud admin access — Turn off remote/web admin access unless you explicitly need it.
  14. Enable the router's built-in firewall — Turn on SPI/NAT firewall functions and keep default protections.
  15. Disable UPnP and other unused services (Telnet/SSH) — Turn off features you don't use to reduce attack surface.
  16. Use MAC filtering or static DHCP reservations — Not foolproof, but useful for small home networks to control devices.
  17. Place IoT devices on a separate network or VLAN — Isolate smart devices to limit exposure if they are compromised.
  18. Enable logging and schedule periodic security checks — Review connected devices and logs monthly for anomalies.
Sign in to save
📝 My Notes