Say, when was the last time you thought about your WiFi router? Let me guess: When your internet connection got sketchy and you did your magic move – disconnecting the power cord, waiting 10 seconds, and then reconnecting the cord. Poof! You were able to reboot it, and were up and running again, after a sigh of relief. But I know hackers, and you won’t believe how much they care about your lil’ old router. In fact, they treasure it – because they’re just drooling to pave it into a speedway of stolen data:

  • All of your devices? Hacked.
  • Everyone who ever visits your home? Personal information breached.
  • All of your most sensitive financial and personal data? Robbed – and then sold for a fraction of its worth on the dark web.

So, don’t be surprised if somebody makes a huge donation in your name to a fake front organization, or gets a new mortgage after taking your identity.

And the problems can go way beyond just theft. Once hackers break into your home network, they have access to your laptops, smart security cameras, and other connected devices – including the webcam you use to Zoom or Skype with friends and family.

Not only will the hackers easily discover where you live – but they’ll know the age of your children and where they go to school. And they might sell your internet access to pedophiles and perverts on the dark web, turning your home into a perv theme park.

These risks began even before your home network was up and running

Like many other home internet users, you probably got your WiFi router from your Internet Service Provider (ISP). To pad their bottom line, ISPs are notorious for providing some of the most basic routers on the market – while still giving you 2G or 5G connection speeds.

They provide millions of these basic, techno-skimpy routers – making them a prime target for both spy agencies and the bad guys. In fact, because hackers put most of their nefarious research efforts into finding new ways to crack them, the odds that they’ll find a new router exploit in one of these basic devices increases astronomically. This exploit will give them a master key for millions of homes.

What’s more, the ISP router comes with default keys and passwords that enable the company itself to spy on you. You would think that the company that gives you secure internet access is also protecting your privacy. But it isn’t. The ISP may say that it needs your information to maintain the quality of service it gives you. But your ISP is also in the business (to pad the bottom line) of keeping your information accessible for target-marketing purposes.

And on top of all that, the IP address that identifies any specific router’s access to the internet contains nodes and gateways that give hackers back and side doors to find out who are.
However, while you need an IP address to have internet access, it’s also possible to hide it to hackers – even to your ISP itself.

So, I’m here to help.

I’ve created this router-interface guide based on my experience in studying and applying advanced internet security tactics for many public entities as a federal specialist. But I’m also a family man – with a deep devotion to protecting what families do around their homes. So while some of my tactical tips to take control of your router may require some special tools and services, the vast majority will cost you NOTHING and they can be done by any of you who are reading this.
Best of all, they’ll wipe the smiles from the smug faces of hackers. Here’s what I’ll cover:

  • Router and WiFi passwords
  • WiFi network names
  • Encryption security settings
  • Automated security updates
  • Unique guest internet access codes
  • Parental controls
  • Backdoor Ping hacker access

Plus, I’ll give you some other tips along the way to choose and manage your passwords. And in general, I’ll also give you some basic tips for browsing and searching more privately than you do now, including the use of Virtual Private Networks – or VPNs.

1. Take Control of Your Router

The main purpose of my guide is to make your WiFi router access to the internet more secure from hackers—using the “codes and credentials” that only you know, not your ISP as well, or even the guests who may visit your home and need to log onto to your internet with their own mobile devices.
However, along with the quality of that “residential gateway” you’re renting from your ISP, you’re also using all of its gateway codes.
Some of the gateway codes your router controls are set in stone—just to make internet access possible for you.
But others are controllable—your password, your network name (or SSID), your guest access, your encryption standards, and the like.

To control these, you need to get into your router’s interface—its console. But to get into the router console, you also need a username and password – Administration Credentials.
Every ISP router comes with a default username and password. The idea is to let you or your ISP technician set up your router by using “universal” administrative credentials. These credentials are public knowledge.

However, if you keep these defaults to access your router, you’re also saying, “Yo, Mr. Fox-please guard my hens”, as every hacker can use the default access codes and every tech-savvy visitor to your home could easily log into your router and mess with its innards.

How to Access Your Router’s Settings

Your router consists of embedded service software that controls it. The term techies use for that relationship is firmware. A router’s firmware consists of a console of commands that is your router’s interface.

The basic way to get to your router’s console is to open your browser (whichever one you use), go to the address bar and type in the following:
“192.168.1.1”
This number is normally the IP address of the router, bringing you to the log-in screen of the router console. The screen will look something like this:

 

Netgear login screen

 

Sometimes, however, routers use a different IP address. If you don’t know this address, here’s what to do: 

  1. Type “cmd” in your windows start menu and c lick Enter. This opens the command prompt.
  2. Type “ipconfig” in the command prompt, and click Enter.
  3. Scroll to “Ethernet” or “WiFi”—and find the listing for “Default Gateway.” That’s your IP address.
  4. Copy the address and then paste it into your browser address bar and you’ll get access to the settings screen.At this point, you need to enter your user name and password. The entries are the default codes that come with the router. (They could be the codes you yourself have assigned to it if you purchased your own router.)
  5. If your router is the one that you rent from the ISP, you’ll probably be using the router manufacturer’s default codes. In that case, you’ll need to consult the manual that came with the router, or ask your ISP for the codes.
  6. Don’t know where the manual is? No problem: just pick up the router and look under it for the serial number. Then, search online for “Router [Manufacturer] [Serial number] Operating Manual”. You can also visit a universal list of router default user names and passwords https://cirt.net/passwords and find the codes for your specific router.

Obviously, these passwords are well known to hackers—and of course to the ISP technician who may be in your home to help you set up the router.
However, don’t worry – Only the router you’re using on-site at your home will accept these defaults.
Still, if you have visitors to your home-who bring their techie but bad-seed child along with them–then you may have a problem.
So—change the user name and password that you use to access your router.
Note thet all routers have a specific way of changing their default administrative credentials. I encourage you to use the manual that comes with your router (or search engine information) to make the changes.

Important Note: Not all Routers were created Equal!

  • Before I proceed, I should mention that the rest of the tips I give you in this guide are in fact accompanied by screenshots of a router console – But your router might look a bit different: router makers have unique interfaces and sometimes use their own terminology for setting options. For example, NetGear puts its router password option under the “Wireless” menu, while Edimax puts it under “Administration” and D-Link has it under “Manual Wireless Security Setup”.
  • I’ve chosen to use screenshots of Netgear’s AC1450 router (an older router, of 2014 vintage), because its firmware interface provides fairly straightforward tabs and options for taking control of your own router and enhancing your internet-access security. The intent here is to make you more familiar, and comfortable, with the types of tabs and settings you’ll see in your own make and model.
  • In order to make the required changes, consult your router’s manual. You can also visit PortForward or Setuprouter for screenshots you can eyeball first to make you more comfortable with changing settings in your specific console.

In Netgear AC1450, logging onto the router console brings you to the following screen:

 

Say hello to your router interface

 

You can see the options along the left-hand tabs, plus the icons across the middle, which also give you the “status” of these options.
Routers normally offer two top tabs – “Basic” and “Advanced”.

The Basic tab would give you information about the router and your internet access stats. The Advanced tab would give you the options for changing the settings.
Again, don’t be timid. In fact, click on all of the available tabs to see what your router offers.

Yes, I know you think you’ll screw something up, and you’ll have to admit to your ISP that you just didn’t trust the router or the settings the ISP palmed off on you.
Bah! Take control. It’s really easy—and as with any step to make your PC, laptop, tablet, or device work the way you want it to, you will always have the choice of making your decision permanent (“Apply” usually), or “Cancel” to go back to the previous screen.
Trust me: I’m here to make sure you won’t need to go backwards.

2. Change the Two WiFi Internet Access Identifiers

You use a WiFi password to access the internet through your router, but did you know that your network have another identification code, that can be a serious risk? 
That is your WiFi’s “network name” (Service Set Identifier, or SSID) which is used to designate the “channels” (or the networks) your ISP is giving you to access the web. In short, that’s the network name your neighbors can see; Oh, and also cybercriminals and pervs who want to hack your nanny cam. 

You’ll find the SSID on your computer or mobile device by clicking on the icon that shows your “Network and Internet Settings.” (When you get disconnected from your internet connection, you click on this setting->your network name to reconnect. Most people are using both the password and the SSID your ISP gave them as default codes with the router. The problem is, your ISP probably doesn’t provide each consumer a unique password. For instance, it may assign “stormynight 465” to one user, while assigning “stormynight327” to another. In addition, an ISP normally assigns an SSID designation that includes the name of the ISP itself – for example, “MyComcast5G1234.”

Yup, you guessed it. These defaults are what hackers look for. If they know who your service provider is, they can start guessing the type of router you have. That’s when they start brute-force attacking  – inputting all possible combinations of alphanumeric codes to locate a password. Of course, knowing some of the password prefixes your ISP assigns may be a drool factor for any hacker.

Why would you let anyone else assign you a personal password? So change these two internet-access identifiers now – and make a point of it to change them on a regular, periodic basis.

How to Change Your WiFi Password

Before you start, take a look at your manual (or your search engine information) for the router tabs to change your specific password. Here’s how it goes with my example router:

  1. At the “Basic Home” screen, click on the “Advanced” tab on top. It brings you to the “Advanced Home” screen:
  2. Click on “WPS Wizard.” Scroll down to the side tab “Administration.” Click.
  3. Sub-options include “Set Password,” bringing you to the following screen:
  4. Click “Old Password” and enter the password.

Click “Set Password” and enter your fresh, unique new password (see Textbox 1).Click on “Repeat New Password” and re-enter your fresh, unique new password

Note: Clicking on “Enable Password Recovery” will help you retrieve it if you forget it down the road. However, it also gives your password back to “Administration” – that is, your ISP, which you don’t want to have your password (See Textbox 2 for password management tools that will enable you not to check this box).

Before I tell you how to change your SSID – your network name – I have to say something about how so many of you (not you, of course!) don’t put enough thought into the passwords you choose.

How do I choose the right Password?

Passwords are passwords are passwords, No? That’s what hackers hope you believe. Instead, though, just think of how many passwords you use. How many social accounts do you have? How many purchase accounts do you have? You also have an email password, an internet password, and passwords to access your browser app stores.
Wow, so much to remember. You might become “password-weary”—that’s we experts call it. It simply means that you use combinations of the same alphanumeric codes over and over again.

Many users – even high-ranking government officials – tend to choose a password they can’t forget, like “123456789.” This is the most archaic, most well-known password since “Open Sesame.” Perhaps with less creativity, users will choose their phone number. So by presenting a fake family emergency, attackers can easily manipulate you or people close to you to get the digits. You must choose the right password. Here are my best tips for handling passwords:

  1. Use complicated (“longtail”) passwords –  containing alphanumeric and symbology designations for the passage.
  2. Don’t become password weary – use a different password for each different account or application that requires one.
  3. Choose a difficult security question for any account – or use false answers to easy questions.
  4. Recognize the difference between “http” and “https” sites. The added “s” in http means that it is a secured website. Don’t ever set up password-protected accounts or make any purchase on “http”-only sites.
  5. Consider using easy-to-remember passphrases. Name the phrase after a line in your favorite movie or literary piece: “hastalavistababy” or “statelyplumpbuckmulligan”. But add another element to make it harder to guess – and stick it in the middle. For example, a ransom number. So “hastalavistababy” becomes “hastalavis7103tababy”.
  6. Don’t give people your WiFi password –  especially people who just came in for a sec, like salesmen and repairmen. Tell them to just use their mobile data.
  7. Change your passwords (even your router’s) on a regular, periodic basis.

Better: Use a Password Management App

  • The number of passwords you probably have almost forces you to use weak or repetitive phrases just to remember them all, despite your intelligence. Long strings of alphanumeric passwords cost time and energy to recall which one corresponds precisely with its application.
  • A password management tool remembers all of your phrases for you. And best yet, it remembers them in encrypted form. All you need is one master password to access the tool.
  • While most web browsers do provide a password management service, it almost goes without saying they’re not nearly as secure, or private, as a password management app under your own control.
  • Make the investment; It’s cheap and simple, and can literally save you from hackers in case of emergency. Here you can find the Best Password Managers around.

Your password to access the internet is the brute-force attack point where hackers are making their living by pounding away furiously at their keyboards until their mass combinations of alphanumeric code strings hit on one that works. Bing, bing, bing—it’s their Vegas slot machine.

3. How to Change Your SSID

Again, finding your network name on your PC, laptop, or mobile device is easy. You can get to it by clicking on a WiFi icon on your lower taskbar or on your desktop, or by going to your Settings and clicking on the “WiFi“ tab.

If you haven’t changed the designation from the default name provided by your ISP, then you can easily recognize it as your ISP’s name with probably a bunch of other numbers or codes. However, when you click on the icon that shows you your SSID, that particular screen shows not only your own network, but also those that may be in broadcast range of your route – including your neighbors.

But let’s say your residence is near a public WiFi hotspot – like a café. Any intruder may click on that network and also see the other nearby network names.
So if you’re still using your ISP’s default, that intruder will now have the name of your ISP. He or she can also now narrow down the type of router you use, just from knowing the type of rudimentary routers that the ISP is renting out.

It’s important that, as with your router password, you change the network name to something secure.

Don’t use your last name, name of your street, or phone number digits. Don’t use your pet’s name or anything that may link your or your family’s identity to the network name. Just to have fun with your neighbors, my favorites are “Nunyobusiness,” “FBIKeepOut,” “Whyyawantoknow,” and “Iknowwhoyourare”.

One last tip: Your ISP’s manual may caution you against changing the network setting. Why? In my tactical experience, the reason is the same as why your ISP doesn’t want you to change their defaults – changing the manufacturer’s “network” name means that it will no longer be able to track you so easily.

For the Netgear AC1450, you can change the network name in the “Basic tab“ (contrary to expectations):

  • Go to the “Basic” home screen (already shown) and click on “Wireless”—whether the side tab or the central icon. Here’s the screen you’ll get:
  • Scroll down to the bottom box “Passphrase.” Type in your new network name.

Scroll back up toward the top and click “Apply.”

NOTE: This name is beyond the password management tool. So save the new name change. Or, no worries: log onto your router again (with your new password that your new password-management tool will remember), and change it once more using these same steps.
You’ll see that, later on, you’ll get the hang of manipulating your network name when you change your Guest Network to let visitors have their own access—not yours—to your home internet.

 

4. Enhance the Router Encryption

Encryption protocols scramble the data that take you forth and back to and from websites. Intruders and hackers who are trying to intercept your whereabouts on the internet may know that you’re on the internet itself, but the scrambled data is unrecognizable, making it basically useless for attackers to follow you to Amazon to purchase a product by credit card.

Your router controls the encryption standards for your WiFi access. However, ISPs don’t always turn on these protocols by default. Why not?
Well, some fear it will impact performance, or just not aware of its importance. Others want to keep an eye on your internet whereabouts, because they can sell your website preferences to data brokers as part of the massive Consumer Data Analytics Industry. But don’t worry; You can easily do it yourself.

The most common WiFi security types are WEP, WPA, and WPA2.

WEP stands for Wired Equivalent Privacy. It was the initial wireless encryption protocol to emulate the encryption available on traditional wired networks. However, hackers were fairly quick to crack the WEP’s encryption security codes, and the WiFi Alliance (which establishes and sets wireless encryption standards) came up with a new protocol – WPA.
When you go to router’s encryption settings, don’t ever have that WEP checkbox marked.

WPA – or WiFi Protected Access – debuted in 2004, and fixed many of the security gaps of WEP. However, it was merely a stopgap protocol, because it wasn’t equipped with Advanced Encryption Standard (AES) technology.

AES is essentially a set of cryptographic ciphers, or data packets, that are encrypted by algorithms between a server and a device. The WiFi Alliance fixed that problem a couple years later with the release of WPA2 (AES). That was the standard and strongest wireless encryption protocol until 2018, when the Alliance released WPA3, offering much stronger AES technology. WPA3 is not available on all routers, obviously, but it is meant to provide greater security protection for weak passwords and for public WiFi spots like hotels and airports.

The bottom line is: if your router offers only WEP or only WPA – go and get yourself a new router. If it offers a choice between WPA2 and WPA3 – go with WPA3.
How to turn on the WPA encryption standard
Because the Netgear AC1450 router was manufactured in 2014, it doesn’t offer a WPA3 option. Rather, it offers several WPA “security options” for WPA2.

NOTE: consult your router manual or search-engine information to find the correct interface for “Security Option.” (It may be listed under “Website Security” or another name—so just search for “Setting/Changing your WPA.”)

On the Netgear AC1450 – Go to the main page of the router console.

  1. Click on the top tab “Advanced.”
  2. Click on the side tab “WPS Wizard.” This brings up the following screen:
  3. Click “Next.”
NOTE: On any router interface console, you may get this type of screen asking you for permission to keep setting things up by yourself.
That’s what you want to do – take control. But remember: you can always cancel a screen or have a “return to previous” screen option if you’re on the wrong track of change – in your specific router. Be encouraged, however – if you’re following the 6-year-old Netgear router screenshots I’m showing you, then you’ll be able to find the handful of router settings you’ll be in control of in a router that may be newer.

So now set your AC1450 encryption standard:

  1. Scroll down to “Wireless Setup” and click.
  2. Go to the side tabs under “Security Options,” and click on WPA2-PSK (AES).
Note: On this particular router, you’ll also have to enter a passphrase, in the underneath box. Newer routers no longer have this requirement. If your router does, just write the password down somewhere if you ever have to change this again. (Or use a password management program.) Once you click on the highest security standard offered on the router, you won’t change it again anyway.

You may see other options. “TKIP” is a legacy key that would enable the router to go beyond WEP if necessary. “Enterprise” means only that the security option is one that a company, not a residence, would use.

It’s important only to remember – choose your WPA2 or WPA3 router buttons (without or without the PSK designation) that also have “AES” in parentheses.

While you’re at it, shut down “WPS” on any router; WPS means WiFi Protected Setup. It started as a good idea – a protocol that enables you to bypass passwords to connect devices (gaming consoles, in particular) to your router. Instead, you connect the device and simply press a button on the router or enter an 8-digit PIN where prompted on the device screen.

However, because it is a password bypass, hackers found ways to exploit it, cracking it using brute force – in turn revealing your WiFi password.
The other problem is – this WPS feature normally is turned on by default with your ISP router.
Turn it off.

On the Netgear AC1450 –

  1. Go From where you are in changing your “Security Options” (the “WPS Advanced Wizard” tab), scroll down to the “Wireless Settings” and click on it.
  2. Scroll down to “Advanced Setup.”
  3. Click on “Wireless Settings”
  4. Click on the box that says: “Disable Router’s PIN.” (Note: on this specific computer, the router’s PIN is controlled by WPS, so disabling the PIN disable WPS.)
  5. Again, consult your router manual or online information for locating and disabling WPS.
Note: If Available, Click the Checkbox for Updating Security Protocols Automatically. Cybersecurity is an ongoing process; hackers keep finding new ways to creep in, and the good guys discover and block them using security updates.

ISP routers should offer automated firmware updates to ensure every security fix will get to your network. Not all of the routers offer this feature, however, depending on their age. Those that do have this feature may not have this box checked as a default setting.
Just go to the firmware section and turn it on.

5. Create your Own Guest Network

You love your friends and love to have them visit you. For at least some of their visit time, however, they’ll have their nose in their mobile device, or will want to hook up their laptop to your network – hopefully not to present a slideshow of their vacation photos. In any case, the inevitable question will be: “What’s your WiFi password?

You probably haven’t thought much about that. In fact, it might be the case that you’ll tell them what is when they first walk in the door. But the major caution is: Do you know that their device is absolutely free of malware or other bugs? If it’s not, then your network will become infected – which you may in turn carry with you to work or other friends, contaminating their networks. In addition, you’re not sure what sites they might visit during their visit – sites that may also contain malicious codes.
Fortunately, most routers offer guest networks that you can isolate from your regular home network.
On the Netgear AC1450:

  1. Go to the home screen, and click on the top “Advanced” tab.
  2. Scroll down the side tabs to “WPS Wizard”. (By now, you’re familiar with that.) Click.
  3. Scroll down to “Setup.” Click; Scroll down to “Guest Network.” Here’s the screen you’ll see.

 

 

Not all the tabs are displayed. If you scrolled down, you’ll find the tab for creating your guest network name.
Again – as with your own network name (the SSID) – don’t create a guest network name that compromises your identity. Since you’ve been following me, you’ll also note the security option side tabs that need to be clicked; Again, “WPA2-PSK (AES)”. You see how easy this is becoming?

6. Enable Parental Controls as Necessary

Most routers provide access to commands that let you monitor or set parameters on your children’s internet access and usage.
The tab for “Parental Controls” will also likely be on your Home page, under “Basic”. On the Netgear AC1450, the screen is the same one you’ve seen already (and many other router makers also make the parental controls easily visible).

You can see that the status box for Parental Controls is “not enabled”. However, after you click on it, it will take you to a separate website to set up your control standards. Not all routers will take you offsite, but they will give you a detailed explanation of control choices and straightforward ways to implement them.
When you’ve configured your Parental Control, you’ll click the button for “Apply” or “Take Me to the Status Screen.” The Parental Control” status icon will now indicate “enabled”.

7. Disable the Ping Option to Prevent Snooping

The last setting you have to deal with is what is known as Ping.

Ping is a component of the Internet Control Message Protocol (ICMP). The ICMP is an IP diagnostic application that your router uses to create error messages when server network problems are blocking the flow of data to or from websites. It consists of several error codes.

Ping, however, is not an “error” – Its basic function is merely to indicate whether a server is online. Ping consists of two codes – echo request and echo reply.  You make a request by sending data packets to the server; the server replies with data that acknowledges the request. Some users apply Ping to test their connection speed.

Beyond this dubious utility of Ping, it also provides a way for hackers to “Ping” public WAN IP addresses to check whether they’re valid. So turning it on in your router (or not disabling it) runs the risk of being identified by IP scanners.

The Ping function resides in the Wide Area Network (WAN) interface of a router.

  1. Go to the home page. and click on the “Advanced” tab on top.
  2. Scroll down to the side tab “WPS Wizard,” and click.
  3. That brings you to the “Settings” tab. Click, and then scroll down to “WAN Setup”. Click, and you’ll get the following screen:

 

Note: On this screen, the Ping option is called: “Respond to Ping on Internet Port”; You’ll see that the checkbox boxed isn’t marked—meaning that Ping is already disabled, so you don’t need to check it. On other routers, the WAN setup option for Ping may be “Disable Ping” (so check the box if it’s not already).

8. Practice safer Browsing

All of the router-configuration tips and tools I’ve just given you will make your home network much more secure, and that’s a fact. But remember, these are just the first important steps along the way to online safety and security.

Hackers have other ways of cracking your privacy. And if you have kids, the different online threats they face – and the special attention they require -will make you strongly consider the following online security tips I’m offering.

Use private search engines

The most popular search engines that you may be using to find the information you need at specific sites – Google, Bing, and Yahoo – have access to your search history and the websites you visit, and leave tracking cookies on your device. Their intent is to create profiles of you that are instrumental for targeted advertising in league with data brokers.

However, several high-quality search engines are available alternatives that don’t release information about your searches or website visits. You’ll find the safest, most private right here.

Startpage, a secure search engine

Use private browsers

As with search engines, the most popular browsers for navigating to websites – Chrome, Safari, and Internet Explorer – also collect and process information that can reveal your identity, including the personal passwords they promise to manage securely for you. Look into the following private browsers for better, more secure browsing.

Invest in a Virtual Private Network (VPN)

The most secure way to go online and navigate safely and anonymously is to subscribe to a VPN. In a nutshell, here’s how a VPN protects you:

  • VPNs Mask Your IP Address – An IP address is the access point you use to connect to the internet. VPNs offer a vast network of remote servers throughout the world, sometimes numbering in the thousands. Each server offers its own IP address. VPNs let you choose which IP address you want to use, legally, to mask the one your prying-eye ISP offers. The masking IP address hides your identity and your location. It’s even invisible to your ISP—which knows you’re logged onto the internet but only to an unidentifiable VPN server.
  • Advanced VPNs also offer a strict “no-logs” policy – Your own ISP logs your online activity so it can supposedly monitor the performance of your online experience (or, in reality, to sell that data to data brokers). High-quality VPNs don’t maintain any files or records of your ISP address, connection time, or online settings or activity.
  • VPNs use “tunneling” encryption technology. It consists of both data encryption and data encapsulation (each piece protected) in which the flow of data “tunnels” from the remote server though the anonymous IP address, to the computer or device you’re using on the internet. The remote servers break down website and app data codes into minute packets of information before they enter the data transfer tunnel, encrypting them and shielding them in a layer of control information. At the end of the tunnel, the VPN uses a unique algorithmic key to un-encrypt and un-shield the data, in the exact form the website or app presented them.
  • VPNs use AES-256 Encryption. The 256-bit AES protocol that VPNs use is certified by the National Institute of Standards and Technology of the U.S. Department of Commerce for use throughout the U.S. Government. It is considered the “gold standard” of encryption technology.

Find out more about how to get a fast VPN and which are the best out there.

As an alternative, you can look into proxy servers. A proxy server is an anonymous gateway between your computer and websites. Like a VPN, it hides your server IP address – but by using its own IP address, so your ISP doesn’t know who or where you are. It also encrypts data requests and transfers. This alternative holds less additional security features, and require some technical know-how.

Some of the high-quality proxy servers include Luminati, MyPrivateProxy (MPP), StormProxies, HighProxies, InstantProxies, Proxy-n-VPN, BuyProxies, Microleaves, YourPrivateProxy 6, Oxylabs.io, and Proxify.

Find out whether you’ve been compromised – either by hackers or breaches

Forewarned is forearmed; Here are some tools to find out more about the status of your online privacy and anonymity:

  • The Electronic Frontier’s Panopticlick tool tells you how well you’re protected against non-consensual Web tracking.
  • BrowserLeaks lets you know how your device is configured to protect your personal identity data. It’s a site designed particularly for tech-savvy online users, but casual users will find it of interest as well.
  • Mybrowserinfo shows you your IP address and information about your browser settings, including whether browser firewall protection and (SSL) encryption technology are enabled.
  • At have i been pwned? you can enter your email address to determine whether you have an account that has been compromised by a data breach.

Consider buying your own Router

As you saw in this guide, a router’s firmware is a filled with holes to begin with, when you get it from your ISP. Therefore, many experts insist that you purchase your own router for better security. Most of the routers that ISPs rent to you are not the top of the line of the manufacturer’s makes and models. In addition, if hackers find out which ISP you subscribe to, they’ll also know which routers your ISP offers. If those specific routers have “backdoor” weaknesses well-known in the hacking community, hackers will come in without knocking. In fact, some experts suggest that you choose a commercial-grade router that small businesses would use.

 

An advanced Linksys router, that goes for about $150

 

Yeah, it’s going to cost you more than the $10/month you pay for your ISP router, but think about it this way: A secure, sophisticated router – one that automatically upgrades security and encryption settings, for instance – is an investment. A High-End router might cost you $120 to $200, But you’ll reach such cost after a year or two with your leaky ISO router anyway. Such an investment isn’t for every household, it will give you a safer network, with better control.

Bottom Line

My role as a security advisor took me to many places, and I’ve faced some advanced threat actors in my days. And while I try not to take my work home, some practices are just essential for every family man: safer router settings, home network control, safer browsing and I’d add a VPN.  I have shared these practices with you because I know that while internet access is a miraculous privilege, it doesn’t come without perils. I don’t want anyone to take that privilege or its perils for granted. Many innocent users have had their accounts hacked or breached – and from that has come not only frustration and angst, but also tragedy. So please, take these WiFi security practices into your own home, so your family can enjoy everything the web has to offer without fear.

Original source: https://www.vpnmentor.com/blog/the-ultimate-wifi-security-guide-government-agents-tips-you-can-do-at-home-for-free/