Office of the Chief Information Security Officer

February 26, 2021

Home Network Security

How much do you know about your router and other home devices connected to the Internet?

Now is a good time to learn as much as you can!

It’s important to check with manufacturer recommendations for configuring and managing your devices.

Here are some tips to get you started:

  • Make sure you change the default name to something unique and change the default administrator password on the device.
  • Use the strongest form of encryption that you can. Wi-Fi Protected Access 3 (WPA3) Personal Advanced Encryption Standard (AES) and Temporary Key Integrity Protocol (TKIP) is currently the most secure router configuration available for home use. Both WPA2 and WPA3 are preferable to WEP.
  • Require a password for users; don’t leave your WiFi network open. Just like with other devices, use strong, complex passwords.
  • Use a guest network so that visitors have their own password. A guest network can be used for IoT devices as well.
  • When it comes to firmware, it’s especially important to keep your router updated. How hard or easy it is to keep the firmware updated depends on the device, so check with the manufacturer.
  • You may see guidance that says you should hide your network name, or the SSID. If you read up on it and decide you want to hide it from view, that’s fine. But don’t assume that hiding your network will keep it out of reach from adversaries. The network can be reached in more than one way by those who have the right tools to find it. It’s more important to change the default name, require a strong password, use strong encryption, and to get to know more about the administrative interface than to hide the network name.

For more tips on working from home, see our Working Remotely online training.


More information

CISA Security Tip (ST15-002) Home Network Security
https://us-cert.cisa.gov/ncas/tips/ST15-002


Working Remotely

More Articles