Hi, Leo. I’m a long-time subscriber to your newsletter and always look
forward to receiving it. You’ve helped me a couple of times in the past and I’m
hoping you can help me again. I’m trying to set up the security on my ISP
supplied router and change the passwords. I’ve read a lot of your articles on
this and many others but I’m still not sure which passwords to change. I have a
wireless network name (SSID) and a key. I also have a router access username
(unsurprisingly “admin”) and a password. Should I change the name of all four
of these or can I change just some subset?
Become a Patron of Ask Leo! and go ad-free!
Change router password
So, the fact that you have all four of them is very good.
There’s basically two passwords that you really want to change: There’s one
you want to have (because the default is not to have one at all); and
there’s one you want to change.
The administration password is the password that you supply when you connect
to the router in order to configure it or reconfigure it.
You don’t need to change the name. In fact, in many routers, you can’t
change the name – so in this case “admin” may very well be what you’re stuck
with forever. However, definitely change the password and definitely make sure
it’s a good strong password.
Malware targets routers
The reason it’s important to change the password is because there is malware
that contains a little database of all of the common default passwords on most
of the popular routers that are currently available. When the malware runs, it
basically goes out to the router and tries to reconfigure it by accessing it
with the default password. If it does, lots of things can go wrong.
It’s so easily solved; so easily prevented by simply putting on your own
secure password to the administration screen.
So, that’s probably, I won’t say it’s the most important one – but it is
very important so do that.
The other password you’re talking about is the WPA key. In other words, it’s
the encryption key for your wireless connection.
That’s important for two reasons actually. One is that it prevents people
who don’t know the password from connecting to your wireless access point. And
second, it encrypts all of the data that’s transmitted between your wireless
access point and the computers using it so somebody couldn’t listen in and
understand what all the data is that is being transmitted back and forth.
Now, the SSID, I keep hearing opinions back and forth on [broadcasting] the SSID. I leave it [broadcasting] enabled. I don’t bother changing it – it’s up to you.
In my case, I do change the SSID [name]. I have four access points here and I want to know which one I’m connecting to. The SSID [name] lets me know which one I’m using.
Changing it doesn’t really improve security at all. Disabling its broadcast,
to be honest, really doesn’t improve security that much. So do whatever you
like with the SSID. Maybe give it a name that means something to you so that
you know when you’re connected to your wireless access point.
But most important is to make sure that you’ve got a WPA key that each
computer would need to specify in order to be able to connect up
(Transcript lightly edited for readability.)