Which encryption standard is the best?
The main choices that you will have for encrypting your wireless network are WEP (Wired Equivalency Protocol), WPA (Wi-fi Protected Access) and WPA2. The main difference between WPA and WPA2 is the algorithm that they use to encrypt the transmissions. All three are better than nothing; however they vary in how effective they are.
WEP: Wired Equivalency Potocol (WEP) is the oldest of the three, and has been cracked for quite a few years. So using it is analogous to putting a padlock on the gate, locking, it, but leaving the key hanging next to it.
WPA: WPA is more secure than WEP, because it uses a passphrase instead of a generated key. And the encryption is done with Temporal Key Integrity Protocol (TKIP). However, this has recently been partially cracked as well. But, it’s not a simple task and the actual key is not cracked, so it’s still more secure than WEP.
WPA2: This is an improved version of the WPA encryption. It uses a different algorithm called Advanced Encryption Service (AES). This algorithm is harder to crack, thus WPA2 is the best choice to secure your network with (as long as all devices support it).
Steps for Encrypting the Network
***Do this from a wired connection to the router, as your wireless will shut down at some point.
- Open your web browser and type in the address of your router in the address bar (Linksys routers typically are 192.168.2.1 or 192.168.1.1, but yours could be something different). If you’re not sure of the IP address, you can open a command prompt (Start → All Programs → Accessories → Command Prompt) and type ipconfig. Look for the Default Gateway IP Address. That will be your router’s IP address.
- Log in to your router. If you are still using the default password that came with it, now is an excellent time to fix that (as the default passwords are published on the Internet). Make it something hard to guess (a passphrase is better than a word). How to change it is beyond this article, but there are plenty of links available to do it.
- Click on the Wireless Tab in your browser window.
- Under the option for broadcasting your SSID, click "Disable". This prevents computers from finding your router, as they need to know your SSID in order to start the connection process. You will also want to change the SSID from the default (Linksys, Router, D-Link, or whatever it says), as the defaults are well known. Click the Save Settings button (the router may restart after this is clicked).
- Click on the Wireless Security sub tab.
- Choose WPA2-Personal, or WPA2 (depending on what your router offers). If it does not have WPA2, then choose the WPA TKIP+AES option (if it’s offered).
The Next Steps
- Enter a passphrase in the blank. You want to make this something you can remember, but not too easy. Or write it down until you have the computers connected. A passphrase should be at least three words and nothing that's personal to you (or a phrase that you use on a regular basis). I use "My Very Elderly Mother Just Sat Upon North Platte" for mine (purely an example-this is not mine, nor should it be yours). Click on the Save Settings button (again, the router may restart after this is clicked).
- Click on the MAC Address Filter sub tab.
- On this tab, you can specify whether the router will only allow certain MAC addresses or prevent them. The MAC Address is a hexadecimal number that is assigned to every network capable device by the manufacturer. The number is large enough that there will never be duplicates, so it's the equivalent of a fingerprint for the device. Click on the Save Settings button (the router may restart after this).
- After you've changed the security settings, you will have to reconnect to the network on every wireless device–using the passphrase that you set up.
Your wireless signal is important to you, because it enables you to have Internet access throughout your house or apartment- without having to drill holes and run cables everywhere. However it is important to keep in mind, that the signal is not confined to the walls of your house or apartment (or the lines of your property). So, you need to protect your investment by securing the network with a hard to break passphrase. After all, your computers, your data, and your money are at risk if someone else uses your wireless connection without your knowledge. You should also make sure that your modem or other wireless routing capable devices are either disabled or have the security enabled on them.