The Jargon-Free Basics of Wireless Network Security for Lawyers - Technologist
Technologist - The FindLaw Legal Technology Blog

The Jargon-Free Basics of Wireless Network Security for Lawyers

Your wireless network probably isn't very secure. It's not your fault -- they come out of the box semi-secure, with just enough settings enabled to lull you into thinking that your home or office network is safe and sound. It might be, but you probably want to be sure, don't you?

Now, we don't want to make you cry by tossing out complicated discussions on encryption -- no AES, TKIP, or LMNOP here.

Here are some plain and simple tips, with as little tech lingo as possible, to help you double-check your network's security protocol:

WEP, WPA, WPA2, WTF? Go With WPA2

That's a lot of letters. You probably don't give two craps about what AES encryption is, or why WEP's 104-bit encryption is about as secure as locking your car door with the windows open, so we'll make things simple.

Go with WPA2. Why? WEP encryption, which was the original standard, is absolute crap. A few years ago, researchers demonstrated that they could crack 95 percent of WEP encryption keys in under two hours using a Pentium M laptop. For reference, a Pentium M laptop is like a 1980s Ford Taurus, versus your present-day computer, which is probably akin to a BMW. WEP is unsecure because the key is transmitted, in part, in plain text to the router, which is kind of like yelling your Social Security number in a white-collar prison.

WPA was a significant upgrade, but it still had a significant leak. WPA2 is the state-of-the-art, and really, any router sold in the last five or six years almost certainly has it as an option. If your router is WEP-only, I'd suggest you dispose of it properly.

Disable WPS (the Little Button)

Most routers also come with a handy-dandy feature called WPS. (I know, another acronym. Sorry.) WPS is a little button on your router which, when combined with a simple PIN number that comes with your router, allows users to log in.

Or, instead of giving them a PIN and pressing a button, you could just give them your WPA2 password -- no physical button presses required.

Why is a password preferable? Because WPS has its own security flaws. If it comes as an option on your router, you might as well disable it.

Change SSID (Once) and WPA Passkey (Regularly)

Your SSID is your wireless network's name. If you're ever in a crowded city, or an apartment complex, and you click your Wi-Fi button, you'll probably see a mess of NETGEAR2389473 and 2WIRE23433 names. There are two reasons to change your name: so you can easily differentiate it from the 57 other NETGEAR**** networks, and because the generic name often tips off the reader as to who made your router.

With the make of the router, such as D-Link, a malicious individual could easily look up the default administrative access information, which you hopefully changed, but probably didn't (see below).

As for that WPA password/passkey, if you're using one of these routers in your office, and you let clients or guests connect to it, you'll want to change it every few months. If it's your home router, it might not be necessary, but then again, it can't hurt.

One more note: Some will advise you to hide your SSID. I'd beg to differ. Not only will that mean that you and your guests will have to manually enter the network name and password on each device you connect -- a real pain in the behind, especially on smartphones, tablets, and gaming consoles -- but someone who knows what he's doing can easily find hidden SSIDs as users connect to the network. Hiding the ID makes your life a lot more difficult and really doesn't block your neighborhood hacker.

Change Administrative Credentials

How do you change all of these settings? You go into your router's administrative settings, the instructions for which vary by make and model. Your router's model is probably written in small print on the bottom of the device -- type that into Google for more information.

Often, the default is something ridiculous, like your username being "admin" and your password being "password." Seriously. Manufacturers actually do that. And if you haven't changed your network ID from NETGEAR893742 to something unique, or changed your administrative credentials, a quick Google search will tell snoopers exactly how to access your administrative settings to get access to your network -- no cracking, hacking, or effort required.

Related Resources: