May 23, 2023
As a way to mitigate some WiFi issues in your home, I’ve suggested that one of the options is to replace your router. In my recent articles ‘You REALLY should Replace Your ISP WiFi Router’ and ‘How Do I Improve My Wifi At Home?’ I explain a number of great reasons to replace your existing router.
So, for one reason or another, you’ve replaced your router. So what’s next? Just plug it in and put it to work? Not so fast …
Getting a new router is the perfect time to set things up with best practices right from the start and get the most out of your faster, up-to-date hardware. Now’s the time to update your passwords, set up a guest network and look into other ways to secure your router.
As you’re starting with a clean slate it might be tempting to just “clone” your old router’s settings and do everything as you did before. I understand that, adding all of your smart home devices back into your network is a hassle. But you need to consider if you’re just carrying fixable issues forward.
From a security perspective, there’s nothing better than a clean slate with a completely fresh network. It’s the only surefire way to lock down your network and start fresh with a new WiFi network name and password.
When you unpacked your router for the first time and plug it in, it’ll run the firmware flashed to the device during manufacturing. It’s probably not painfully out of date, but it’s a good idea, not to mention best practice, to immediately update the firmware. You should do this before messing around with any other settings. Not only does updating the firmware apply bug fixes and security patches, but it also ensures your router’s interface is updated and matches the manufacturer’s help documents — if you need to read them.
I always encourage family and friends to turn automatic updates on as well. If you’re the kind of person that prefers to manually manage your home networks I applaud you. I’ve done the updates manually many times but some router manufacturers produce updates very frequently. I just don’t want managing my network to become a part-time job or miss a critical update that could compromise my network.
Most people fall into the non-technical category and just want fast, safe WiFi and smart home integration. Setting updates to automatic ensure this. Some newer routers, especially mesh systems like Eero and Nest, automatically update themselves. Just do us all a favor and don’t be that guy that runs their router for years with outdated firmware and potential security vulnerabilities. If your router doesn’t support automatic updates, simply put a reminder on your calendar to check for firmware updates every month or subscribe to emails from your router manufacturer.
The administrator password is also frequently overlooked with router security. Many models still have common default administrator login and password combinations that hackers can easily guess or look up on the internet. Newer models might have random passwords. In both cases, the password is frequently printed directly on the label attached to the router. Regardless, it’s best to change the default password to ensure access to your router isn’t as simple as trying a common combination or just reading the login right off the router.
Like the admin login and password, the WiFi password is usually also on the router label. Most routers now come with a random password set as the default but it’s not as random or secure as you might think. Switching that out immediately as well with a better and longer WiFi password is another best practice.
Another security consideration is encryption. Current WiFi devices are backward compatible with older WiFi encryption standards, but that doesn’t mean you should keep using them just because they worked in the past. The best WiFi encryption to use is WPA3. If you have devices on your network that can’t be easily replaced or hard-wire connect to your network, then I’d recommend you use WPA2 AES. Even though earlier WiFi encryption standards have been compromised, WPA2 AES is still considered secure.
Many WiFi routers will prompt you to enter an SSID early in the configuration process, especially mesh routers. But many also come with a default option. It’s not necessarily against best practices to use the default SSID, but the default SSID usually gives away information about your router. But a best practice would be to avoid any identifying information like switching from a default SSID of ‘Netgear98’ to ‘Apartment2A.’
If you anticipate have guests or enjoy entertaining, enabling the guest network right from the start is another great way to avoid dealing with future hassles and security problems. I covered this in detail in my recent post ‘Get Your Guest Wifi Set Up Right For The Holidays.’ Giving someone the password to your main WiFi network gives them direct access to your entire home network and everything on it — never a goo idea. Your router’s guest network is designed specifically to give people internet access without opening up the whole network to them. Also, regularly changing your guest network password will prevent you from having to go through the hassle of resetting the password on dozens and dozens of devices. When you reset the guest network password, you can just give the new one to any guests the next time they come around.
Remote access is typically disabled by default. When you’re in the router’s control panel during set up, that’s a good time to locate the remote access option and ensure it’s disabled. Some routers don’t have traditional remote access where you can log into the administrative control panel by connecting to the public IP address of the router. Platforms like eero and Nest WiFi have cloud-based administration via their respective apps, so be sure to use a strong password for your account and enable two-factor authentication when available.
WiFi Protected Setup (WPS) and Universal Plug and Play (UPnP) should both also be disabled. They basically make setting up devices on your WiFi network and automatically configuring connections with your router easier. But they also introduced a bunch of security vulnerabilities. Some routers no longer include WPS, but you should check yours regardless. UPnP is still included in routers and is usually turned on by default, so check for that too.
As most people buy a WiFi router and use it until it finally dies, it may not be a bad idea to plan your new router’s obsolescence. The best way to prevent your router from becoming old, outdated and frustratingly slow is to set a reminder in your calendar to replace it while setting up your brand new router. Best practices recommend generally 3–5 years between new hardware purchases. If you want better performance and regular feature updates, upgrade every three years. If you want to avoid obsolescence and security problems, upgrade every five.
I realize some of this may sound pretty technical but router manufacturers have gone to great lengths to make their routers easy to set up and use. The user interfaces are generally pretty intuitive and easy to work with but you may have to dig a little for some things. And there are usually online resources like FAQs to help as well. Ultimately, it’s up to you. Setting up your network right from the start though will save you a lot of potential headaches down the road.
I’d love to hear your feedback if any of this hits home. Has it made you take a second look at the set up of your new router? Has it made you think seriously about replacing your existing, dated router? Regardless, hopefully it’s generated some thought around your router, home WiFi and aligning with best practices.
Let Debbie and I know in the comments, DMs and emails what you think. Thanks again to all those following Debbie and I through our home building journey. It’s great to hear your success stories and suggestions as we move through the process. And if you like the content I’m posting each week, don’t forget to ‘Like’ and ‘Follow.’
In full disclosure, I’m not an affiliate marketer with links to any online retailer on my website. When people read what I’ve written about a particular product and then click on those links and buy something from the retailer, I earn nothing from the retailer. The links are strictly a convenience for my readers.