The admin interface of your router uses a weak password, or none at all. Every router has a specialized administrative interface that can be used to configure the router. It is imperative that this interface is protected by a good password - otherwise, anyone can log in to your router and reconfigure it, compromising your entire network. We have found that your router uses a very weak password -- the default password, a password that can easily be guessed, or no password at all. This leaves your network vulnerable even to attackers with basic skills.
This is a critical issue and we strongly recommend to address it immediately.
Select your router manufacturer to view further instructions on how to change the router admin password:
- Rename your network. Some routers come with default network names (or SSID) like NETGEAR, LINKSYS, etc. We recommend to use a different name because a default name unnecessarily identifies the make of your router, making it easier for attackers to break in.
- Do not configure your wireless router to hide the SSID. By making your Wi-Fi network invisible, you are configuring your other devices (such as your PC, tablet, phone, etc.) to broadcast the network name themselves, which may be even more dangerous.
- Regularly check who is connected to your network. The router admin interface usually has a section called "Device List", which shows the names of all devices that are connected to the wireless network. Routine checks may reveal unwelcome visitors.
- Don't bother with MAC address access filters. They may seem like a good way to safeguard the network, but in fact they are very easy to bypass. They are just not worth the trouble.
- Advanced users can change the subnet from 192.168.0.x / 192.168.1.x to something like 10.x.x.x. This is an easy way to increase security, because many attacks today are performed by web snippets trying to access the 192.168.0.x / 192.168.1.x addresses (the most common).