Quick Tips: Router Security

This is a quick one today. A quick and easy way to help secure your network is to secure your router. Think of your router as a set of keys for your home. A burgler would much rather find a set of keys and unlock your door then have to spend the time and energy breaking in. So let's hide those keys and make us a less tempting target.

First, how do you log into your router? Well, you type in your private IP in your SOHO (Small Office Home Office). This is the same for everyone. So go to a browser, and type in 192.168.1.1 and hit enter. You will be brought to a log in page for your router. Now, assuming you have not touched this interface before you will put in the default log in (spoiler: we are changing this immediately).

For your username and password, it's usually going to be Username: Admin Password: password. See how easy it would be for a nefarious actor to get in right now? Once you've logged in, change that immediately and make sure it's not a password or username you have used anywhere else. Why? Because if you are a target, they likely have been trying to find other accounts you own and will match them up to your router to log in.

Once that's done go ahead and navigate through your settings. Every router is different. You will want to find a page that talks about accessing the router via https. In my router I navigated to Administrator, and then it was near the bottom of the page. See below reference image. Select the option that lets you change it to https. Then save.

Now, you will likely be immediately kicked out of the page or given an access denied. This is good and expected. Previously you were accessing your router on a non secure page, a non encrypted port (http port 80). Now you need to access it via https. How do you do that? Instead of just typing the IP in, you will type in: https://192.168.1.1:8443 . Lastly, if you see an option for Telnet please ensure that it's set to disabled. That's a backdoor you do not want to have open. That's it! There are plenty more ways to secure your network, but consider this a 5 minute or less way to get some piece of mind. I will go into more methods later on that can offer a more robust security.