Change your router's default username and password immediately
Default router logins are published on the internet — anyone can look up the admin password for your exact model in seconds. Changing it is the single most important security step, and it takes two minutes.
Use WPA3 or WPA2 encryption — never open or WEP
Your Wi-Fi password setting has an encryption mode behind it. WPA3 (or WPA2 on older routers) keeps traffic scrambled; WEP was cracked nearly twenty years ago, and an open network is an open door. Check this once in your router settings and you're done.
Keep your router's firmware updated
Router makers patch security holes through firmware updates, and most modern routers can install them automatically. If yours is more than a few years old and has never been updated, it's running with known, documented vulnerabilities.
Create a separate guest network
Visitors' phones and smart home gadgets don't need to be on the same network as your personal computers and files. A guest network keeps them isolated — so a compromised smart plug or an infected visitor laptop can't reach anything that matters.
Disable remote management unless you specifically need it
Remote management lets your router's settings be changed from outside your home. Almost nobody needs that — and leaving it on gives attackers a way in from anywhere on the internet. Turn it off unless you have a specific reason not to.
Want your home network checked and locked down properly? I do exactly this — and I'll explain every change I make.