How to See Who's Connected to Your Wi-Fi Router: A Complete Guide

Have you noticed your internet is slower than usual? Or do you suspect that unauthorized devices have connected to your Wi-Fi network without your knowledge? In today's world, where the number of gadgets in homes grows every year and neighbors sometimes "forget" to ask for the password, monitoring connected devices is critical. Unauthorized use of your network not only steals traffic but can also put your personal data at risk if an intruder gains access to your local network.

In this article we will look at all possible ways to check devices, connected to your router - from standard methods via the web interface to advanced tools like Wireshark or the command line. You'll learn how to distinguish your device from someone else's, how to block unwanted "guests," and why even a hidden network doesn't guarantee complete security. And if you've never changed your Wi-Fi password from the factory default, you'll definitely want to do so after reading this.

Why is it important to control connected devices?

Many users don't check the list of devices on their network for years until they encounter problems. Meanwhile, uncontrolled access to Wi-Fi may lead to serious consequences:

  • 🐢 Internet slowdown — each additional device takes up some of the channel's bandwidth. This is especially noticeable when playing online games or streaming 4K video.
  • 🔓 Data leak If a hacker connects to the network, they can intercept passwords, browser history, or even access files on your devices.
  • 💸 Traffic limit exceeded — Applicable to plans with limited data volume. Third-party devices can eat up gigabytes in a few hours.
  • 🚫 IP address blocking — If spam or DDOS attacks are sent from your IP, your provider may restrict access to the network.

According to the study Kaspersky By 2023, more than 30% of home networks had been the victim of an unauthorized connection at least once. In 60% of cases, users weren't even aware of the presence of "outsiders" on their network. Meanwhile, routers with factory security settings (such as a password) admin/admin or 12345678) are hacked in minutes using automated scripts.

But how can you tell if someone has truly accessed your network without permission? Here are a few indirect signs:

  • 📉 A sharp drop in internet speed during normal times (for example, in the evening) when you are not downloading large files.
  • 🔄 Blinking activity indicator on the router when all your devices are turned off.
  • 📱 Unknown devices appearing in the list of connected gadgets (more on this below).
📊 How often do you check the list of devices connected to Wi-Fi?
Never
Once every few months
Every month
Only when problems arise

Method 1: Viewing via the router's web interface (universal method)

The most reliable and accurate way to find out who is connected to your Wi-Fi is to go to router web interfaceThis method works on any model (TP-Link, ASUS, Keenetic, Zyxel, D-Link, etc.), regardless of the year of manufacture. The main thing is to know the router's IP address and login information.

To open the web interface:

  1. Find out the IP address of your router. This is usually 192.168.0.1 or 192.168.1.1If it doesn't fit, check the sticker on the back of the device.
  2. Enter this address into the address bar of your browser (Chrome, Firefox, Edge).
  3. Enter your login and password. By default, this is often admin/admin or admin/password (indicated on the sticker). If you have changed them, use your information.

Further instructions vary depending on your router model. Below are the paths to the device list for popular brands:

Manufacturer Path to the list of devices Note
TP-Link Wireless Mode → Wireless Mode Statistics or DHCP → DHCP Client List In new models (Archer AX) look for Home Network → Clients
ASUS Network map or Local Network → DHCP Client List In Asuswrt-Merlin firmware the path may differ
Keenetic Devices → Device List Shows even devices connected via cable
Zyxel Wi-Fi Network → Status → Clients For Keenetic models (rebranded), see the line above
D-Link Wi-Fi → Clients or Network → LAN → DHCP Client List In older models it may be called Wireless Clients

In the list you will see:

  • 🖥️ Device name (if it is not hidden). For example, iPhone-12-Pro or Samsung-SM-G991B.
  • 🔢 MAC address — unique identifier of the network card (example: 00:1A:2B:3C:4D:5E).
  • 📡 IP address — local address on the network (for example, 192.168.1.102).
  • ⏱️ Connection time - when the device appeared on the network.

If the device name is not displayed or looks suspicious (for example, android_123456 or Unknown Device), this is a reason to be wary. You should also pay attention to devices with unusual MAC addresses (for example, those starting with 00:0E:8E - it could be Raspberry Pi, often used to hack networks).

Check the MAC address using a search engine (for example, enter the first 6 characters)

Disconnect the device from the network (the "Block" or "Disconnect" button in the router interface)

Change your Wi-Fi password to a more complex one (at least 12 characters, with numbers and special characters)

Enable MAC address filtering (if supported by your router)-->

How to find out the manufacturer of a device by MAC address?

The first 6 characters of the MAC address (eg. 00:1A:2B) are called OUI (Organizationally Unique Identifier) ​​and are assigned to the network equipment manufacturer. To find out which company owns an address, enter it into the database. MAC Vendors or use the command in the Linux/macOS terminal:

curl "https://api.macvendors.com/00:1A:2B:3C:4D:5E"

This will help to distinguish Samsung from Xiaomi or identify suspicious devices such as MikroTik (popular among hackers).

⚠️ Attention: If you have never changed the factory password for the router's web interface (admin/admin), do it right now! Many viruses and botnets (for example, Mirai) scan networks for routers with default settings and connect to them to send spam or mine cryptocurrency.

Method 2: Using mobile apps (for beginners)

If you don’t want to dig into the router settings, you can use special applications For smartphones. They scan the local network and display all connected devices, including their manufacturer, IP address, and MAC address. Popular options include:

  • 📱 Fing (Android/iOS) — the free version displays up to 5 devices, while the paid version displays an unlimited number. It identifies gadget models and scans ports for vulnerabilities.
  • 🔍 Network Analyzer (Android/iOS) — in addition to the list of devices, it tests the network speed and shows busy ports.
  • 🛡️ WiFi Guard (Android) - specializes in searching for unauthorized connections and sends notifications when new devices appear.
  • 🌐 IP Tools (Android/iOS) - A comprehensive tool with network scanning and ping testing functions.

How to use (using example) Fing):

  1. Install the application and open it.
  2. Click Scan Network (Scan Network).
  3. Wait for the scan to complete (usually 10-30 seconds).
  4. Browse the list of devices. The app will automatically detect the manufacturer (e.g. Apple, Samsung, Xiaomi) and will show IP/MAC addresses.

Advantages of mobile applications:

  • ✅ No need to remember your router password.
  • ✅ Intuitive interface.
  • ✅ Additional functions (speed test, vulnerability search).

Flaws:

  • ❌ Not all applications show connection time devices (as opposed to the router's web interface).
  • ❌ May not detect devices connected via cable (if scanning is limited to Wi-Fi only).
  • ❌ Free versions often have limitations on the number of scans.

Method 3: Command Line (for advanced users)

If you prefer to work without graphical interfaces, you can get a list of connected devices via command line (Windows) or terminal (Linux/macOS) This method is suitable for a quick check, but requires minimal knowledge of network commands.

For Windows:

  1. Open Command Prompt (Win + R → enter cmdEnter).
  2. Enter the command to view the ARP table (list of IP and MAC addresses):
    arp -a
  3. Look for lines in the output containing IP addresses from your local network (usually 192.168.x.x).

For Linux/macOS:

  1. Open the terminal.
  2. Enter the command:
    nmap -sn 192.168.1.0/24

    (replace 192.168.1.0/24 to your subnet, if it is different).

  3. Wait for the scan to complete. The command will display all active devices with their IP and MAC addresses.

To find out the device manufacturer by MAC address in Linux/macOS, use:

grep -i "00:1A:2B" /usr/share/nmap/nmap-mac-prefixes

(replace 00:1A:2B (on the first 6 characters of the MAC address).

Example of command output arp -a:

Interface: 192.168.1.100 --- 0x12

Internet Address Physical Address Type

192.168.1.1 00-11-22-AA-BB-CC dynamic ← this is a router

192.168.1.102 A4-BB-6D-12-34-56 dynamic ← unknown device

192.168.1.103 78-31-C1-AB-CD-EF dynamic ← your laptop

⚠️ Attention: Teams arp -a And nmap show all devices on the local network, including those connected via cable. If you're only looking for Wi-Fi clients, this method is less accurate than the router's web interface.

Method 4: Viewing through the provider's app (Rostelecom, Beeline, MTS)

Many internet providers offer their own mobile apps for managing the routers they rent. If your router is from Rostelecom, Beeline, MTS or Dom.ru, there is most likely an easy way to check connected devices without logging into the web interface.

Application examples:

  • 📡 Rostelecom — Personal Account (section "My network" → "Devices").
  • 📱 My Beeline (Internet tab → My Wi-Fi network).
  • 🌐 MTS Connect (section "Devices").
  • 🏠 Dom.ru — Personal Account (Wi-Fi tab).

Typically, these apps allow you to:

  • View a list of connected devices with their name and MAC address.
  • Block unwanted devices with one tap.
  • Change Wi-Fi password.
  • Enable the Guest Network feature to restrict access from outsiders.
⚠️ Provider app interfaces may change. If you can't find the section you need, check the current version of the app in App Store or Google Play.

Method 5: Advanced tools (Wireshark, GlassWire)

If you suspect a hacker or botnet has connected to your network, standard methods may not be enough. In this case, professional traffic analysis tools, such as:

  • 🔍 Wireshark — a powerful packet analyzer that shows all network traffic in real time. Allows you to identify suspicious activity (such as port scanning or password brute-force attempts).
  • 📊 GlassWire — visualizes network usage by each device, shows the geolocation of connections, and alerts you to unusual activity.
  • 🛡️ Acrylic Wi-Fi — a specialized tool for monitoring Wi-Fi networks (for Windows only).

Example of use Wireshark:

  1. Download and install Wireshark With official website.
  2. Select network interface (Wi-Fi adapter).
  3. Start packet capture (Start).
  4. Enter in the filter wlan.addr == 00:1A:2B:3C:4D:5E (replace with the suspicious MAC address) to filter traffic from a specific device.
  5. Analyze packets: if the device sends a lot ARP or ICMP requests, this may be a sign of a network scan.

What should be a warning sign:

  • 🚨 Large volume of outgoing traffic from an unknown device (it may be used for mining or DDOS attacks).
  • 🔌 Connections to unusual ports (For example, 4444, 3389 — often used for remote control).
  • 🌍 Connections to IP addresses from other countries (if you don't use VPN).

These tools require some skill but provide the most complete picture possible about what's happening on your network. If you detect suspicious activity, it's best to immediately disconnect the unknown device and change your Wi-Fi password.

How to block an unknown device

Finding the "extra" device is half the battle. Now we need to disconnect it from the network and prevent reconnection. Here are the step-by-step instructions:

  1. Turn off the device temporarily:
    • Find the button in the router's web interface Block, Disconnect or Block near a suspicious device.
    • In mobile applications (for example, Fing) use the function Kick Device.
  2. Change your Wi-Fi password:
    • Go to Wi-Fi Settings → Security (path may differ).
    • Select encryption type WPA2-PSK or WPA3-PSK (don't use outdated WEP!).
    • Create a complex password (example: k7#pL9!vN2@qR4). Do not use birth dates or simple combinations like 12345678.
  3. Enable MAC address filtering (optional):
    • In the router's web interface, find the section MAC Filter or MAC filtering.
    • Add your devices' MAC addresses to the whitelist.
    • Activate filtering—now only approved devices will be able to connect to the network.
⚠️ Attention: MAC address filtering isn't reliable protection! MAC addresses are easily spoofed using specialized software. This method is best used as a supplementary rather than primary method.
  • Update your router firmware:
    • Go to the section System Tools → Firmware Update.
    • Download the latest version from the manufacturer's website and install it.
    • Outdated firmware often contains vulnerabilities that allow you to bypass your Wi-Fi password.

    If a suspicious device reappears after changing the password, it may mean:

    • 🔄 One of your friends (or neighbors) saved a new password and is connecting without your knowledge.
    • 🕵️‍♂️ Your router has been hacked and the hacker is replacing the login page (attack) Phishing).
    • 📡 There is a worm (virus) running on your network that is spreading via Wi-Fi and connecting new devices.

    In such cases it is recommended:

    • Reset the router to factory settings (button Reset on the back panel).
    • Scan all devices on the network for viruses (especially Windows PCs and Android smartphones).
    • Contact your ISP for assistance if you suspect a hardware-level hack.

    Frequently Asked Questions (FAQ)

    Is it possible to find out who is connected to my Wi-Fi if I'm not an admin?

    No, without access to the router's web interface or special network permissions, you won't be able to get a full list of connected devices. However, you can try:

    • Use mobile apps like Fing (they will show devices on your local network, but will not allow you to block them).
    • View the ARP table via the command line (method 3 in the article).

    If you are not an administrator but suspect that someone else has connected to your network, contact the person who configured your router.

    Why are unfamiliar gadgets with names like "Direct-TV" or "Amazon" showing up in the list of devices?

    These may be legitimate devices that you forgot to consider:

    • Direct-TV — set-top box for satellite TV.
    • Amazon-Technologies — devices Amazon Echo (smart speakers), Fire TV Stick or Kindle.
    • Sonos - smart speakers or soundbars.
    • Google-Home - smart speakers or displays Google Nest.

    Check the MAC address using a search engine or ask your household members if they have connected any new gadgets.

    How do I know if a device on the list is my neighbor's phone and not my own?

    There are several ways:

    1. Check the MAC address:
      • The first 6 characters (OUI) will indicate the manufacturer. For example, 3C:22:FBApple, 78:31:C1Xiaomi.
      • If the manufacturer is unknown or suspicious (e.g. Shenzhen Bilian), this is a reason to be wary.
  • Disconnect all your devices from Wi-Fi and see if the unknown gadget remains in the list.
  • Use an app like Fing - it will show the device model (for example, Samsung Galaxy S21).
  • If a device appears at night or when you are not at home, it is almost certainly someone else’s gadget.

    What should I do if my router doesn't show a list of connected devices?

    Possible causes and solutions:

    • 🔄 Outdated firmware — update the router software via the web interface.
    • 🔧 DHCP server is disabled - check the settings in the section LAN or DHCP.
    • 📡 Router in bridge mode - if it works as a repeater, the list of devices can be displayed on the main router.
    • 🛠️ Hardware failure - try resetting the settings to factory settings (Reset).

    If nothing helps, try connecting to the router via Telnet/SSH (for advanced users) and run the command:

    cat /tmp/dhcp.leases

    This will show a list of leased IP addresses (for Linux based firmware).

    Is it possible to find out what websites a device connected to my Wi-Fi is visiting?

    Technically yes, but it requires special knowledge and may violate the law data privacyHere's what you can do legally:

    • 📊 View traffic statistics in the router's web interface (section Traffic Monitor or Statistics). Some models show the total data volume by device.
    • 🔧 Set up parental controls — this will allow you to block access to certain categories of websites (for example, for children).
    • 🛡️ Use DNS servers with logs (For example, OpenDNS), but this requires registration and configuration.

    For detailed traffic analysis (for example, which sites are visited) you will need tools like Wireshark, but their use without the consent of the device owner may be considered a violation of privacy.