Billing & Account Support

There are several encryption methods that can be used to secure a wireless network. Depending on the age and type of your router you may have one or more encryption methods at your disposal.

Recommend: Enable WPA encryption.

•  Wi-Fi Protected Access (WPA / WPA2)  provides much better protection and is also easier to use. WPA support is built into new operating systems (including Windows XP with the latest Service Pack) and virtually all modern wireless hardware and operating systems. Security is provided by the use of a passphrase that can be randomly generated or customer generated from a combination of letters and numbers. A more recent version, WPA2, is found in newer hardware and provides even stronger encryption.
• Wi-Fi Protected Setup (WPS) provides security using the WPA encryption type and adds easy network setup and connection when available. To use WPS, your router must support WPS and your operating system and hardware must support WPA encryption. WPS lets you use push buttons or PINS instead of manually locating the network name or Service Set Identifier (SSID) and security passphrase. WPS can set up a random network name (SSID), and strong WPA encryption for compatible devices and operating systems.

If you find that some of your wireless devices only support Wired Equivalent Privacy (WEP) encryption, like Media Players, Personal Digital Assistants (PDAs), and Digital Video Recorders (DVRs), it is still important to enable encryption.

Recommend: Enable WEP encryption as some encryption is better than no encryption.

In spite of the issues with using WEP encryption, it is still better than having no encryption at all. When using WEP, use an encryption key that is extremely hard to guess. Refrain from using a WEP key like a string of the same or consecutive numbers. Because of the security issues, when using WEP encryption it is also highly advisable to change the encryption keys often. Additionally, when using WEP encryption, enabling Media Access Control (MAC) filtering can provide another ‘layer’ of protection (See ‘Turn on MAC filtering’ below).

Note: Many newer operating systems do not support WEP encryption; older devices that only support WEP may need to be upgraded.

Many routers have an Administrator username and password that are needed to access the device and modify any configuration settings. Most of these devices use a weak default password while others do not have a default password at all.

Recommend: Change the default Administrator password.

As you will likely not use this login information very often, be sure to create a record of it and store it in a safe place. Should you forget this information, the only way to access the router may be to reset it to factory default settings. Resetting to factory default will also wipe away any configuration changes you have made. (See Save your configuration).

Most wireless routers have the ability to be remotely operated or administered via the Internet. This feature can allow almost anyone to find and access the settings for your router.

Recommend: Turn off remote administration.

Unless you absolutely need this capability, it is best to disable Remote Administration. Doing so can help prevent unauthorized access and use of your system.

 Many routers have the ability to save a file containing your router configuration to a location on your network.

Recommend: Save your configuration changes.

Saving this information after any configuration changes will allow you to re-establish your custom settings should they get lost due to some unforeseen situation such as having to reset your router to the factory settings due to a forgotten Administrator password. Always save your configuration changes to a file on the desktop, flash drive, or backup disc.

It is also recommended that you write the router password, SSID, and wireless key/passphrase on a piece of paper and attach it to the router for future reference.

Many routers automatically (and continuously) broadcast the network's name, or  SSID.  This makes setting up wireless clients extremely convenient since you can locate a Wireless network without having to know what it is called. The drawback to this is that this also makes your Wireless network visible to any wireless devices within range. 

Turning off SSID Broadcast for your network makes it invisible to casual detection by your neighbors and passers-by. When using this method of securing your network, you must remember to  manually enter your SSID when connecting a wireless connection or turn SSID Broadcasting back on temporarily. This could make setting up your wireless clients very difficult if you do not remember the SSID or if you do not know how to manually enter it.

Some computers and devices will not connect unless the SSID broadcast is enabled. It is recommended that you test all wireless devices you want to connect in order to determine if this option will work for you.

Another security measure that should only be used with encryption is MAC address filtering. MAC addresses are unique to specific network adapters and devices so by enabling MAC address filtering you can manage access to your network.

Turning on MAC address filtering can be used to either allow or block access to network devices depending on the setting (either block or allow but not both).

Using MAC address filtering requires that you manually enter the 12-character MAC address of every device that will be managed on your network. If you frequently add new devices to your network, MAC address filtering can become inconvenient and time consuming.

Because MAC addresses can be imitated by a knowledgeable person MAC address filtering should only be used in conjunction with other security measures.