On a recent trip I took my iPhone with the intent of using local coffee shops, restaurants, and other public locations to access the Internet. Upon arriving at a particular restaurant, I hit up the WiFi. Hmm, all these SSIDs are password protected. I asked the host for the SSID and password. The former was far more complex than the latter. A-B-C-D-E-1-2-3-4-5. My investigation into the nature of the chosen algorithm turned up a reasonable answer, “It’s what the directions said to do when I set up the router.”
This business is not the only offender. I tried my luck with other nearby networks. When I tapped the network, a WPA-protected network message appeared. Please enter password. For poops and giggles I tried “A-B-C-D-E-1-2-3-4-5”. Bam! I’m connected. I checked my mail, some social sites, the news, downloaded a few apps, and even listened a football game. But wait, there’s more! Wireless connectivity isn’t just limited to the SSID password.
A few days later we traveled to another destination. At the hotel I logged on to the linksys network. Day 1, no worries. Day 2, the Internet bombed. So, what does an IT geek do when the wireless connection tanks? Why, he logs in to the router to see what needs fixin’. Since the SSID was linksys, I knew that the router’s address was 192.168.1.1 and the credentials were more than likely admin. Well hello router. Now, what seems to be the issue? The connection is active. The router is a gateway. Ah, there it is, someone turned off the Internet. Not anymore.
We lock our cars, our homes, even our gym lockers. Why aren’t we taking greater care of our networks? Forget the fact that the average consumer spends $50-$100 a month on Internet access. Instead, focus your attention on what network access gives to the WiFi surfer. When someone is logged in to your network they can access anything that is shared on your network. From music to videos to pictures to documents, WiFi surfers can access whatever you’re sharing sans any sophisticated hacking skills. Don’t believe me? Search the Internet for “Most common SSID/Router passwords.” That’s all it takes.
So how do you protect yourself?
- Router. When you set up your router for the first time, go into the administrative settings and set a username/password for your router.
- SSID. Choose WPA2 Personal/Enterprise and bang out a long password on your keyboard. When you’re done, don’t write the password on a post-it. Instead, copy the password in a password manager.
- Network sharing. Always…always…always require a username and password when sharing files on your network. Always.
Look, following my advice will not keep you 100% secure. If someone wants to access your network bad enough, they’ll get in. But, you’ll be preventing 98% (I made that percentage up) of bad actors from using your network for their own good.
As a fellow IT professional (IT Manager for Purdue Athletics), and your cousin, I want to say that I agree with you. (My being your cousin is a shameless plug at our familial relationship in the hopes that you might know of an IT position that is open). Three things are asked of me on a regular basis – How do I quit getting spam, why is my computer running so slow, and why should I put a password on my home network. I’m referring people to your blog post for this one from now on.
Shameless plugs (be it jobs, familial relationships, or blog promotion) are the best!
nice