By Stephen Lovell, GÉANT
So, you know where your wallet is, yes? And your phone – it’s in your pocket, or just over there on the table? Excellent. You might be reading this on your laptop, so you know where that is.
You might have a snazzy Smart TV or two? Perhaps you have joined the club who are powering the Internet of Curtains (or Fridges)? Do you have any Internet-connected cameras?
In short, you probably know (or could quickly count up) how many WiFi devices, and wired network devices, you have in your network, yes?
You love your ISP. They give you your life on the Internet.
I could imagine that for most of you, much of your stuff connects to the Internet via your ISP and the magical router box they supplied you with either plugged in via network cable or via WiFi.
Firstly, let me give you my idea of THE golden, regola primaria, hauptregel, hoofdregel, bigly-important rule:
Always. Change. The. Default. Password(s).
When you plug something new into your network such as a camera or the latest whizzy storage box with blue blinkenlights, please please please change the default password.
… devices on your wired network
If someone can plug things into your network with a cable, I would imagine you already trust that person; you probably don’t have passwords or other credentials for wired things (but if you do then can you teach me how? Thanks…).
… devices on your wireless network(s)
Default WiFi name and password on your router
ISPs usually give you details of the default wireless network and its password. You might want to think about changing both of these – especially if the wireless network’s name (which is probably not hidden) tells the world what brand your router is, or who your ISP is. Why tell people information they don’t need to know?
And how many WiFi networks do you have?
Just the one?
Do you connect your work devices to the WiFi when you’re working at home?
If your Router properly supports it, you could think about enabling multiple WiFi SSIDs (“network names”) on your Router. “Properly” here means that you can set up a “work” SSID and isolate devices connected to it /from/ your “home” network; so your work laptop has Internet access but cannot accidentally access anything “personal” like your home storage box with all your photos and perhaps embarrassing music collection.
In the instructions for your router look for something similar to “Up to nnn SSIDs per radio band”, and VLAN settings.
A quick note on WiFi security…
So you’ve got one or more SSIDs. And each has a different password that’s not easy to guess. Next is a very quick look at the type of security used for your WiFi.
If your router gives you the option to choose password type (or similar) pick the one that looks the most complicated and/or is least pronounceable. Probably WPA2-PSK if you can (there’s even WPA3 if you’re really modern). Just… please don’t use WEP.
Have a read of this if you are interested: https://www.freecodecamp.org/news/wifi-security-explained
Some routers let you control very precisely what can connect to your network – a list of MAC addresses for devices that are allowed to /try/ and negotiate a place on your network if they have the right password. This is another level of security you might want to think about, but be aware that if you get it wrong, you’d be a little bit stuck (which of course I have never done…).
That’s it really
You have your network(s). Whether you have more than one WiFi network, hopefully they’re named something that doesn’t leak the device type or ISP name. And all your password(s) aren’t default or easily guessed.
There are other things you could do, and this article was never going to cover everything, but you’ve hopefully found some of it useful.
Also this year GÉANT joins the European Cyber Security Month, with the 'Cyber Hero @ Home' campaign. Read articles from cyber security experts within our community and download resources from our awareness package on https://dev.connect.geant.org/csm2021