Skip to content

Home Network Security Checklist

Intro

This section covers how you connect your devices to the internet securely, including configuring your router and setting up a VPN.

Checklist

Essential Activities

  • Change Default Passwords
    Priority: Essential
    Change the factory-set passwords for your router and all smart devices (TVs, cameras, speakers) immediately. Default router passwords are publicly available, meaning anyone within proximity could potentially connect.

  • Use Strong WiFi Encryption
    Priority: Essential
    Use WPA3 if available; otherwise, use WPA2-AES. Avoid WEP or WPA (TKIP) as they are easily cracked.

  • Keep Router Firmware Up-to-date
    Priority: Essential
    Regularly check for and install router firmware updates to patch security vulnerabilities and maintain standards compliance.

Optional Activities

  • Use a VPN
    Priority: Optional
    Use a reputable, paid-for VPN. This can help protect sites you visit from logging your real IP, reduce the amount of data your ISP can collect, and increase protection on public WiFi.

  • Implement a Network-Wide VPN
    Priority: Optional
    If you configure your VPN on your router, firewall, or home server, then traffic from all devices will be encrypted and routed through it, without needing individual VPN apps.

  • Whitelist MAC Addresses
    Priority: Optional
    You can whitelist MAC addresses in your router settings, disallowing any unknown devices to immediately connect to your network, even if they know your credentials.

  • Change SSID Name
    Priority: Optional
    Use a non-identifying name for your WiFi network. Don't include your name, apartment number, or router brand/model.

  • Use a Guest Network for Guests and IoT Devices
    Priority: Optional
    Do not grant access to your primary WiFi network to visitors or IoT devices, as it enables them to interact with other devices on the network.

  • Don't Have Open Ports
    Priority: Optional
    Close any open ports on your router that are not needed. Open ports provide an easy entrance for hackers.

  • Disable Cloud-Based Management
    Priority: Optional
    Treat your router's admin panel with the utmost care, as considerable damage can be caused if an attacker is able to gain access.