Skip to content

8 Settings to Change on Your Router Before You Even Turn it On


You can have the most secure device, be committed to cybersecurity, and still get hacked. Why? It could be simple changes you didn’t make to your router when you got it. When your cable company or ISP sets up your Internet they’re rushing to finish up and head to their next client. You’re likely more focused on getting your Internet up as quickly as possible. The ISP probably won’t take the extra few minutes to change default settings or adjust the security protocols without you asking. 

It can be easy to be focused on getting your Internet up and running. But there are vital changes you should make to your router before it’s even connected to the Internet. Many default settings can be dangerous because in the hands of cybercriminals, these are the red carpet onto your network. This can leave your brand new network completely vulnerable. 

If your network can become compromised, it can make your cyber security efforts moot. If hackers get onto your network, they have more opportunities to attack your devices. Network permissions can sometimes be set to defaults that become dangerous when enterprising cybercriminals are trading them on the Dark Web or old employees are using them to hack strangers. 

Here are 8 settings you need to change on your router before it’s even connected to the Internet.

1. Use WPA2 or WPA3 but not WEP encryption

WPA2 has become the industry standard. If you access your router settings you’ll likely see 4 options: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), version 2 (WPA2), and version 3 (WPA3). As the oldest, WEP encryption is somewhat out of date. WPA2 is the industry standard. WPA3 covers up some security gaps in WPA2.

2. Disable WPS, uPnP, and NAT-PMP

WPS stands for Wi-Fi Protected set-up. It’s essentially administrative access for your router. Someone simply needs to look at some settings on your router. With a snapshot of the numbers on your router, they have a free pass to your wi-fi network. This essentially lets them bypass any password you set up and get right onto your network. If possible, avoid routers that support WPS as they can be a beacon to enterprising hackers. 

UPnP and Nat-PMP are essentially the same things. UPnP, or Universal Plug-n-Play, was developed by Microsoft and Nat-PMP, or NAT Port Mapping Protocol, was developed by Apple. These essentially allow for universal plug-n-play, which gives devices access to your Wi-Fi network. This setting gives devices a free pass to your network. The problem is that these devices can be hacked. Even light bulbs can be hacked. These three settings all give access to your network and while they can make setting up a new device easier, it also makes hacking you much easier too. 

3. Disable WAN Administrator Access 

WAN stands for Wide Area Network (WAN). WAN Admin settings can allow for remote management or for a remote admin. This allows someone to remotely access your router. This is another opportunity for someone to find their way onto your router and potentially make changes to lock you out. The more control you have over your router the better. After all, you don’t need some disgruntled Time Warner employee stealing your identity because of a simple setting. 

4. Change SSID Name

This is a general part of the router setup. You’ll want to give your router a name. But it’s best to try and keep it from being easily identified as you. Avoid using your name, address, the router brand, and of course the system default. You’ll also want to avoid anything too provocative like listing the FBI, NSA, or something that might make you a target. We can often ignore Wi-Fi networks in our rush to connect to the Internet. But cybercriminals get off on combing the net looking to start trouble or scam some cash. The lower profile and harder to crack your network name, the better. 

5. Change the Default WiFi Password

Your Internet technician will likely not want to take the extra few minutes to help you change this. But some Wi-Fi passwords are defaults that are way too easily found out. If you leave your router with the default password it’s more likely someone can find the password and get onto your network vs. it remaining completely safe. Over time, this information can find its way online, on the dark web, or become part of a breach. You might not even know that you were hacked. In 2020, a hacker leaked passwords for more than 500,000 servers, routers, and IoT devices. 

6. Make Admin Password Different than the WiFi Password

Password safety 101 is to never use the same password twice. In general, you don’t want an account with admin access to have the same password as what you use for general use. This can be accounts on your computer, log-ins for your business, and even your Wi-Fi. Since you may end up deep diving to be able to change all of these, be sure to figure out how to ensure that the administrator password is different from your standard network password. You wouldn’t want everyone who uses your Internet to be able to change vital privacy settings.

7. Configure a Guest Network

If this setting is an option, it can be a security game-changer. By configuring a guest network you ensure that only you know your Wi-Fi password. You can create a guest network or login that’s strictly for strangers. You can also use this for setting up devices and anything you think might put your network at risk. Restricting who has your password is a major part of Wi-Fi safety. It may not seem so when you share it with house guests and friends, but that information can be used to get onto your network. With the popularity of IoT devices, you may want to have them on their own guest network to keep security gaps from putting our network at risk. 

8. Enable Automatic Firmware Updates

Ensure you’ve enabled automatic updates on your router’s firmware. If not, you might miss valuable security patches and other protective updates. If you can not set this to automatically update, you should check for updates monthly. When you do update, be sure you double-check all the settings each and every time you install a firmware update. They may default to changing for less aware users but those changes can up your risk factor. 

We all need the Internet. Setting up your router can be the first of a long list of things when you move or start a new business. That stress can keep you from important changes that you should change to have the most secure network you can. Thinking defaults are fine or listening to a harried technician can make you vulnerable to all the cybercriminals, lurkers, and hackers who are hoping you opt for the default settings.

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
  • Uncategorized
Wellness Scams and How to Avoid Them with Natalia Petrzela

Wellness Scams and How to Avoid Them

Health, wellness, weight loss, and exercise are at the forefront of people’s minds in the new year….

[Read More]

10 Things to Do Before You Sell Your iPhone

Are you ready to sell or give away your iPhone so you can get a new one…

[Read More]

Why ​​STIR/SHAKEN Might Be a Real Solution to End the Robocall Nightmare

“We’re not going to stop until we get robocallers, spoofers, and scammers off the line.” – FCC…

[Read More]

Biggest Security Vulnerabilities With WordPress Plugins

WordPress powers over 40 percent of the web. The user-friendly content management system allows non-web developers to…

[Read More]

Webcam Spies: Why You Should Cover Your Laptop Camera ASAP

If you’re worried about webcam spies or cyber hackers obtaining your most confidential information, your paranoia is…

[Read More]

Staying Safe While Traveling Internationally

Traveling internationally can be an incredible experience or a long-lasting nightmare. Asher Fergusson has tips to keep…

[Read More]