How to get a secure Wi-Fi connection at home and in public

Ray Fernandez

Jul 31, 20236 min read

How to get a secure Wi-Fi connection at home and in public (Header image)

The Wi-Fi icon has become a symbol of instant connectivity. But just as you can easily connect to wireless networks, so can hackers, as most Wi-Fi networks are open and unsecured. In this report, we’ll dive into the world of wireless security and learn how to keep your Wi-Fi secure.

What ensures a secure Wi-Fi connection?

There are several things you should look for to make sure that the network you are connecting to is secure.

Wi-Fi encryption: Scrambling radio waves

All routers, even cheap ones, offer some type of encryption. Wi-Fi connections use radio waves to transmit data from devices without the need for using cables. However, this technology comes at a cost. With the right equipment or software, criminals and scammers can hack radio waves and breach devices. In other words, encryption scrambles the data that flows in these radio waves to make it illegible to potential eavesdroppers.

VPN: Your own secret tunnel

A virtual private network, or VPN, can hide your IP address and protect your data on public and private Wi-Fi alike. VPNs are excellent tools for maintaining privacy. But how do they work?

Think of a VPN as your own secret tunnel through heavy internet traffic. Not only will it mask your IP, location, and data, but it will also encrypt it. When you connect to the internet, the VPN intercepts your data and encrypts it before it reaches the internet service provider (ISP).

Using a VPN to secure Wi-Fi connections

Router security: Hardware-built safety

Some types of router devices can block attacks, monitor suspicious activity, and shut down unwanted traffic. Active devices are hardware-configured to block any surplus excess network traffic, while passive devices can detect and report unwanted connections.

Preventive devices like wireless intrusion prevention systems (WIPS) scan for potential security threats. A WIPS can be integrated into a network infrastructure. Finally, beyond devices, there are several options for network security that come in the form of software.

Wi-Fi security types

The most common Wi-Fi security types and protocols are WEP, WPA, WPA2, and WPA3. These protocols were created by the Wi-Fi Alliance — an NGO that promotes wireless technologies. Since the late 1990s, the organization has been improving standards and encryption security. Here’s a summary of each protocol.  

Wired Equivalent Privacy (WEP) was the first protocol to be used and became the standard method to provide security for wireless networks. It was used until 2004. While it was difficult for normal users to configure it, and it only had basic 64-/128-bit encryption, it served as the basis for the protocols that followed. 

Wi-Fi Protected Access, or WPA, was created in 2003. Encryption got better with this protocol, leveling up to 128-/256-bit encryption. It also introduced a security feature called Temporal Key Integrity Protocol (TKIP).  

WPA2 is the second generation of Wi-Fi Protected Access protocols. Configuring WPA2 is easier than configuring WPA. With Advanced Encryption Standard (AES), this stronger encryption was developed for end-home users, corporations, and businesses. However, WPA2 can be vulnerable to brute force attacks.

Finally, WPA3 made it even easier for users to configure their Wi-Fi protocols and presented the strongest encryption to date: 192-/256-/384-bit. The technology was also adapted for the most modern networks, like those that can connect and provide Wi-Fi 6.

5 rules for wireless security at home

You may think that only those with advanced computing skills can configure wireless networks. This is not true. Here are some straightforward steps anyone can take to strengthen Wi-Fi security.

1. Change the name of your Wi-Fi network

When you install a modem or have a technician do the installation for you, it comes with a default name for the Wi-Fi network. The name of your connection is known as the SSID and stands for Service Set Identifier. It is usually set to the company’s name that provides the connection.

Why change the name to something unique? Hackers can gain insight into the router or modem through default names because these can easily be linked to the brand and model of the device. To avoid making things extremely simple for cybercriminals, choose a new name that does not include essential information. 

Changing the name of Wi-Fi gives additional security

2. Change the password

The same company that sets the name of the modem or the router also sets the default passwords. Using brute force malware, hackers can launch attacks that guess thousands of combinations of commonly used default passwords.

The first thing you need to do when your Wi-Fi is up and running is change the password. And choose a strong password — mix things up by using uppercase and lowercase, special characters, and numbers. It should also be long, as 8-character passwords are easy to break with brute force.

3. Turn on encryption

Your network device has encryption, and you must turn it on. Fortunately, it’s very simple to do this. Just go to your router settings, select Security, and look for WPA3. WPA and WPA2 devices may no longer be supported by the manufacturer and will not include security patches for new vulnerabilities.

Set the encryption type to AES. You will then be asked to enter a password. This new password is different from the one you use to access your Wi-Fi connection. 

4. Turn off broadcasting

Have you ever searched for a Wi-Fi connection and seen several of them pop up? The reason they show up is that while they may be password-protected, the network broadcasting feature is turned on. Once you turn off broadcasting, your network won’t appear to show up to strangers who scan the area.

5. Use a firewall  

On the other hand, your operating system and antimalware are equipped with a firewall to prevent unauthorized access to a network. Firewalls filter incoming and outgoing traffic within a network and block suspicious users. Make sure you have your firewall turned on.   

Public Wi-Fi security tips

Most of the advice to keep your home or business Wi-Fi network secure does not apply to public spaces. There is no way you can change the name or password of public networks, nor can you go into the settings and change the encryption or update the system. There are, however, other things you can do. Here are five.

1. Get a trusted VPN

We have already discussed VPNs, what they can do, and why they are trending among users. A VPN gives you control over your encryption while hiding your IP in public spaces. While you using a VPN in your home or work is an option, if you frequently connect to public networks, it’s a must. ClearVPN protects your data with AES-256 encryption and cutting-edge protocols.

2. Keep your sensitive data off the streets

A very effective approach that requires no use of technology or software is to make a habit of never accessing sensitive data, bank accounts, e-wallets, or personal documents when connecting to public networks. Always think twice before accessing a site through public Wi-Fi. Ask yourself, can it wait until you get home or get back to the office? 

Don’t assume you can safely browse the internet using public connections. It’s relatively simple for hackers to spy on other devices in these types of environments. Also, if you do log in to a personal account, make sure to log off once you are done.

3. Use a strong privacy and security browser

Safari, Firefox, and specialized browsers like DuckGoGo are designed to protect your privacy and data. They will flag malicious sites and block unwanted content. If you get an alert when browsing, don’t dismiss it. Ensure that your browser security and privacy settings are set to the maximum level. But beware of apps like Wave Browser, which masquerade as secure browsers and are, in fact, malicious programs.

4. Turn on firewalls and anti-malware

Whether you use your smartphone or your laptop in public spaces, it’s a good idea to have some strong anti-malware software. It can monitor suspicious activity in the background, alert you of attackers, and shut down malicious programs. If you are running macOS, try CleanMyMac X. Its Malware Removal module, powered by Moonlock Engine, will protect your Mac and keep it running smoothly.

The Malware Removal module in CleanMyMac X, powered by Moonlock Engine

5. Consider mobile internet connection plans

The best way to connect while traveling or on the street is to use your own mobile connection. Many operators provide low-cost mobile internet services for people who are constantly on the go. While they aren’t free, they are hundreds of times more secure, as mobile connections are heavily encrypted. Furthermore, you can also get mobile services for your personal computer or tablet.

Today, any device connected to the internet is at potential risk for a breach. From smartphones to smart home IoT, hackers can find a way through anything. Wi-Fi networks, private or public modems, and routers are preferred vectors of attacks for cybercriminals. But you can prevent these types of attacks and secure your Wi-Fi to safely browse the web.

Ray Fernandez Ray Fernandez
Ray has been covering tech and cybersecurity for over 15 years. His work has appeared on TechRepublic, VentureBeat, Forbes, Entrepreneur, and the Microsoft Blog, among others.