What’s the best practice configuration for mobile hotspots? For example, the
Verizon 4G LTE 890L jet pack. Is it possible or recommended to change the
password that appears on the underside of the device? Should I change the SSID?
I have several of these units and must ensure the utmost security.
In this excerpt from
Answercast #60, I look at the necessary security steps to take with mobile
hotspots.
Become a Patron of Ask Leo! and go ad-free!
Mobile hotspot security
Well, there are definitely several things you want to do with each one of
those devices.
I’m not really not that concerned about changing the SSID. I would
recommend that you do so mostly for your convenience, simply so that you have
an SSID that you can recognize when you see it over the air.
I carry a cellular phone that falls into this same category. It’s a mobile
hotspot that I can turn on. And yeah, I have my own SSID (it’s called Ask Leo!
surprisingly enough), but that doesn’t add a layer of security by any
stretch.
Adding security
What does though are the two things that you’ve just recommended. Definitely change the administrative password that appears on the underside
of the device.
What it boils down to is that anybody who could see the underside of the
device even briefly (maybe long enough to take a picture of it) could get the
administrative password to the hotspot.
That’s not something you want somebody else to have. So, change it to
something else. Change it to something that you know you will remember, and
that you can use then to administer the rest of the settings on that mobile
device.
Similarly, the other thing that you happened to mention that I would
strongly recommend you do is:
-
Make sure that the wireless hotspot is configured to only accept connections
using WPA2 security; -
And that that security have an appropriately complex or secure
password.
Appropriately secure password
That is probably the most important part of the configuration of this
device. That’s what secures the actual conversation between the device and the
computers nearby. It prevents anybody within range from randomly snooping on
the conversations and potentially sniffing sensitive data that’s going across
that wireless connection.
Do that:
-
Change the administrative password, absolutely!
-
Make sure you’re using WPA2 security for the wireless connection itself.
-
Set an SSID, if you like. It can be something convenient, but don’t think that
it adds any security.
And for the record, this applies not only to mobile hotspots – like the
dedicated devices you’re talking about. The little Mi-Fi kind of devices are
stand-alone but this absolutely applies to cellular phones – smartphones that
themselves that can be turned into wireless hotspots by running an appropriate
application.
Make sure that the administrative password (if there is one) is set
appropriately. Make sure that the Wi-Fi connection itself is similarly
configured to use WPA2 with an appropriately secure password.
End of Answercast #60 Back to –
Audio Segment
treat your mobile broadband hotspot like a regular WiFi hotspot
If a domestic WiFi router (where mobile or static) has WPA2 security and a strong password, does it really matter whether or not the Admin password is changed?
I would have thought that my neighbours would not be able to connect to the router and therefore would not be able to access the admin login screen?
Changing the admin password seems to me to be more relevant in a business environment?
16-Oct-2012