Your home router is the gateway between everything you own and the internet. Most people set it up once when they get broadband and never touch it again.
That’s a problem, because routers with default settings are trivially easy to compromise. Here’s what to fix.
1. Change your router’s admin password
Your router has a web interface, usually accessible at 192.168.1.1 or 192.168.0.1. The username and password to log in are often set to something like admin / admin or printed on a sticker.
If you haven’t changed this, change it now. If an attacker gets on your network — even briefly — they can log into your router and redirect all your traffic.
Use a long, random password and store it in your password manager.
2. Update your router’s firmware
Router manufacturers release firmware updates that patch security vulnerabilities. Most routers don’t update automatically.
Log into your router’s admin panel and look for a firmware update option — usually under “Advanced” or “Administration”. If you can’t find it, search for your router model + “firmware update”.
If your router is more than five years old and the manufacturer stopped releasing updates, consider replacing it. Old routers with known, unpatched vulnerabilities are a real risk.
3. Use WPA3 (or at minimum WPA2) for Wi-Fi
Your Wi-Fi password is encrypted using a security protocol. Older ones like WEP and WPA are broken and can be cracked in minutes.
In your router’s wireless settings, set the security mode to WPA3 if available, or WPA2 as a minimum. WEP and open networks are unacceptable.
While you’re there, make sure your Wi-Fi password is strong — not something guessable like your house number or pet’s name.
4. Create a separate guest network for IoT devices
Smart TVs, robot hoovers, smart speakers — these are all computers with varying degrees of security. Some have known vulnerabilities that are never patched.
The simple fix: put them on a separate guest Wi-Fi network that can’t talk to your main devices. Most modern routers support this.
Your laptop, phones, and work devices stay on the main network. Your smart TV and Google Home go on the guest network. If the TV gets compromised, it can’t reach your other devices.
5. Disable remote management
Routers sometimes have a feature that lets you manage them from outside your home network. It’s convenient if you travel, but it’s also a direct attack surface exposed to the entire internet.
Unless you specifically need this, disable it. Look for “Remote Management” or “WAN Access” in your router settings and make sure it’s turned off.
None of these steps require technical expertise. If you get stuck on any of them, search for your specific router model — there are usually step-by-step guides with screenshots.
These five things take under an hour and meaningfully reduce your risk. Most people who get their home network compromised are targeted by automated tools looking for exactly the default settings this article tells you to change.