How to See Who's Using Your Wi-Fi: A Complete Guide (2026)

Have you noticed that your internet has become slower, even though your plan hasn't changed? Or is your router blinking more often than usual, as if someone is actively using the network? Perhaps your Wi-Fi has been accessed by strangers — neighbors, guests who forgot to disconnect, or even hackers. In this article, we'll look at all working methods, how to check who's using your network, and what to do if you find unfamiliar devices.

Some people think that simply changing the password is enough—but that's a half-measure. If you already have "extra" devices on the network, they can continue to consume traffic until you manually block them. Others mistakenly believe that hiding SSID (network name) will protect against connections - this is a myth. We'll show you how Find all connected users even on routers without a web interface, using standard Windows, Android tools or third-party utilities.

Important: The methods vary depending on your router model and firmware. If you have a rare or outdated model (for example, D-Link DIR-300 2012), some features may be missing. In this case, universal methods via a computer or smartphone will be useful.

1. Checking via the router's web interface (the most reliable method)

Any modern router - be it TP-Link Archer C6, ASUS RT-AX88U or Keenetic Giga — maintains a list of connected devices. To view it, you need to go to the control panel. Here's how:

  • 🌐 Open your browser (Chrome, Edge, Firefox) and enter in the address bar 192.168.1.1 or 192.168.0.1If you can't connect, check the sticker on your router - it may have a different IP (for example, 192.168.8.1 for some models Xiaomi).
  • 🔑 Enter your login and password. By default, this is often admin/admin or admin/passwordIf it doesn't fit, look at the same sticker.
  • 📊 Find the section with connected devices. It's called differently by different manufacturers:
    • TP-Link: Wireless → Wireless Statistics or DHCP → DHCP Clients List
    • ASUS: Network map (in the top menu) or Local Network → DHCP Server
    • Keenetic: Devices (main page) or Home Network → Device List
    • Zyxel: Network → Active Connections

In the table you will see:

Field What does it mean? Example
Host Name Device name (can be empty or like "android-1234") iPhone-Vasya, DESKTOP-5T7G9P1
MAC Address Unique physical address (it can be used to identify the device) AC:87:A3:4F:1E:2B
IP Address Local IP assigned by the router 192.168.1.103
Connection Type Connection type (Wi-Fi or cable) Wireless, Ethernet

🔍 How to recognize other people's devices? Please note:

  • 📱 Unfamiliar names (For example, Xiaomi_4A2B, if you don't have Xiaomi devices).
  • ⏱️ Connection time: If the device is active at night when you are sleeping, it is suspicious.
  • 📡 Unusual MAC addresses: The first 6 characters indicate the manufacturer. For example, B8:27:EB - This Raspberry Pi, 3C:5A:B4Google.
⚠️ AttentionSome routers (especially budget ones) only show active connections. If the device is asleep or disconnected from Wi-Fi, it may not appear in the list. For a complete picture, use the methods in the following sections.
📊 How often do you check the devices connected to your Wi-Fi?
Never checked
Once every few months
Every month
Only if the internet is slow

2. Using mobile applications (for Android and iOS)

If you're too lazy to access your router settings or don't have access to a computer, you can use specialized apps. They scan your local network and display all connected devices. The best options are:

  • 📱 Fing (Android/iOS) — the most popular app with a simple interface. Shows IP, MAC address, device manufacturer, and even network vulnerabilities.
  • 🛡️ NetScan (Android) — Scans the network and saves connection history. New device notifications are available.
  • 🔍 IP Network Scanner (iOS) - quickly finds all active hosts on the network, supports data export.
  • 🌐 WiFi Guard (Android) — specializes in finding "left" connections and blocking unknown devices.

📌 Instructions for Fing (using Android as an example):

  1. Download the app from Google Play or App Store.
  2. Open it and click Scan.
  3. Wait for the scan to complete (usually 10-30 seconds).
  4. Browse the list of devices. Fing automatically detects the device type (smartphone, TV, camera, etc.).
  5. Click on a suspicious device to see details: MAC address, manufacturer, open ports.

💡 Advantages of mobile applications:

  • ✅ No need to go into router settings.
  • ✅ Works even if you don't have access to the admin panel (for example, on an office network).
  • ✅ You can save the list of devices and compare it later.
⚠️ Attention: Some applications (eg. WiFi Kill) promise not only to scan, but also to "kick" other people's devices off the network. Using such functions can be illegal In your country (violation of the article on unauthorized access to information). It's better to block strangers through your router.

Click on the MAC address in the router list and select "Block"|Change your Wi-Fi password to a more complex one (at least 12 characters)|Enable MAC address filtering (if supported)|Check if your neighbors' smart devices (lamps, cameras) are connected to your network|Update your router firmware to the latest version-->

3. Checking via the Windows command line (for advanced users)

If you have a computer on Windows 10/11, you can find out who is connected to your Wi-Fi without third-party programs. To do this, you will need command line and a couple of teams.

📌 Step 1: Find out your router's local IP address

  1. Click Win + R, enter cmd and press Enter.
  2. Enter the command:
    ipconfig

    Find the line Main gateway - this is the IP of your router (usually 192.168.1.1 or 192.168.0.1).

📌 Step 2: Scan the network for active devices

We use the command arp (Address Resolution Protocol), which shows a table of IP and MAC address mappings:

arp -a

You'll see a list of all devices that have recently communicated with your computer. For example:

  192.168.1.1     ff-ff-ff-ff-ff-ff     dynamic

192.168.1.100 ac-87-a3-4f-1e-2b dynamic

192.168.1.103 3c-5a-b4-78-90-12 dynamic

📌 Step 3. Ping all possible IP addresses on the network

To discover All You can ping the entire IP range of devices (including those that haven't communicated with your PC). To do this:

  1. Find out the subnet mask (usually 255.255.255.0, what does range mean 192.168.1.1–192.168.1.254).
  2. Create a script (or enter commands manually):
    for /L %i in (1,1,254) do ping -n 1 192.168.1.%i
  3. After ping, run it again arp -a — now the list will contain all the devices that responded.

⚠️ Limitations of the method:

  • 🔌 Will not show devices that do not respond to ping (Some smartphones and IoT gadgets block ICMP packets).
  • 🕒 It takes time - pinging 254 addresses can take several minutes.
  • 📡 Doesn't determine device type (IP and MAC only).
How to find out the manufacturer by MAC address?

The first 6 characters of the MAC address (eg. AC:87:A3) are called OUI (Organizationally Unique Identifier) ​​and are assigned to the manufacturer. To find out which company owns an address, enter it into the search on the website. MAC Vendors or use the command on Linux/WSL:

grep "AC:87:A3" /usr/share/ieee-data/oui.txt

For example, B8:27:EB — Raspberry Pi, 78:31:C1 — Apple, 5C:F9:DD — Huawei.

4. Special programs for network scanning

If the command line seems complicated, you can use free programs for Windows, macOS, or Linux. They automate scanning and provide more information about connected devices.

🔹 Best PC programs:

Program Platform Peculiarities
Advanced IP Scanner Windows Scans your local network, showing MAC address, manufacturer, and open ports. You can save the report as a CSV file.
Angry IP Scanner Windows/macOS/Linux A cross-platform utility with plugin support. Quickly scans large networks.
Wireshark Windows/macOS/Linux Professional traffic analyzer. Shows all packages, passing through the network (requires skills).
Nmap Windows/macOS/Linux A powerful security scanner that can detect device operating systems and vulnerabilities.

📌 An example of using Advanced IP Scanner:

  1. Download the program from official website and install.
  2. Start scanning (button Scan).
  3. In a few seconds you will see a list of all devices on the network indicating:
    • IP and MAC addresses;
    • manufacturer (by MAC);
    • host name (if available);
    • status (online/offline).
  • Right-click on the suspicious device and select Open in browser or Ping for further verification.
  • 💡 Advice: If you frequently scan your network, save the report as a CSV file and compare it with previous scans. This will make it easier to spot new devices.

    ⚠️ Attention: Programs like Wireshark or Nmap may be blocked by your antivirus or firewall. If scanning isn't working, temporarily disable protection or add the program to the exceptions list.

    5. Checking via a router without a web interface (Telnet/SSH)

    Some routers (especially corporate ones or those with alternative firmware like DD-WRT, OpenWRT) do not have a graphical interface. In this case, you can connect via Telnet or SSH and execute commands manually.

    📌 Step 1: Enable Telnet/SSH on your router

    This is usually done through the web interface in the section Administration → System or Management → Remote AccessIf there is no interface, try connecting by default:

    • IP: 192.168.1.1
    • Port: 23 (Telnet) or 22 (SSH)
    • Login/Password: admin/admin or root/password

    📌 Step 2: Connect and run commands

    For Windows use PuTTY, for macOS/Linux - built-in terminal.

    🔹 Commands for viewing connected devices:

    • For DD-WRT:
      cat /tmp/dhcp.leases

      Shows a list of devices to which the router assigned IP addresses via DHCP.

    • For OpenWRT:
      ubus call dhcp hostlist

      Will output JSON with all hosts in the network.

    • Universal command (works on many firmware versions):
      arp -a
    • View active Wi-Fi clients (if supported):
      iwinfo wlan0 assoclist

    📌 Step 3: Blocking Unknown Devices

    If you find someone else's gadget, block it by MAC address:

    iptables -A FORWARD -m mac --mac-source AC:87:A3:4F:1E:2B -j DROP

    This command will add a rule to the firewall that will drop all traffic from the specified MAC.

    ⚠️ Attention: Working with Telnet/SSH requires caution. Incorrect commands can break the router settings or disconnect you from the network. If you're unsure, use other methods.

    6. How to identify a fake device: signs and what to do

    Finding a list of connected devices is half the battle. Now we need to figure out which ones yours, and which ones are someone else's. Here are the key signs of "unnecessary" gadgets:

    • 🆔 Unknown MAC address: If the first 6 characters do not match your devices (see OUI spoiler higher).
    • 🕒 Suspicious activity time: The device appears at night or when you are not at home.
    • 📥 High traffic: if the gadget consumes gigabytes of data (can be seen in the router or through GlassWire).
    • 🔄 Frequent IP change: Some viruses or hacking tools constantly change the address.
    • 📵 Host name missing: Legitimate devices usually have a name (eg. iPhone-12-Pro), and others are often displayed as Unknown.

    📌 What to do if you find someone else's device?

    1. Block it by MAC address in the router settings (section Wireless MAC Filter or Access Control).
    2. Change your Wi-Fi password complex (minimum 12 characters, with numbers and special characters).
    3. Enable WPA3 (if supported) - This is the most secure standard available today.
    4. Disable WPS - This function is vulnerable to brute force attacks.
    5. Update your router firmware — Old versions often have vulnerabilities.
    6. Set up a guest network for friends - so they won't know the main password.

    💡 Additional security measures:

    • 🔄 Change your password regularly (once every 3-6 months).
    • 📡 Disable remote control of your router (chapter Remote Management).
    • 🛡️ Turn on the firewall on the router (if there is such an option).
    • 📊 Keep a connection log (some routers allow you to save history).

    7. How to prevent unauthorized connections in the future

    The best defense is prevention. Follow these tips to minimize the risk of Wi-Fi leaks:

    • 🔐 Use a complex password: Not 12345678 or qwerty, and a combination of the type Tr0ub4dour&3 (with capital letters, numbers and symbols).
    • 🔄 Disable SSID broadcasting (hiding the network name) - this does not protect against hacking, but it reduces the number of accidental connections.
    • 📵 Enable MAC filtering: Allow only devices with known addresses to connect.
    • 🛡️ Set up a separate guest network with limited access to local resources.
    • 📡 Reduce signal strength (if your router supports it): this way, your Wi-Fi won't extend far beyond your apartment.
    • 🔍 Check connected devices regularly (once a month).
    • 📱 Disable automatic connection to open networks on your gadgets - this way you won't accidentally connect to a "trap."

    📌 An example of a secure router configuration (based on ASUS RT-AX88U):

    • 🔒 Security: WPA3-Personal (or WPA2/WPA3 if you have older devices).
    • 🔑 Password: 16+ characters, with letters of different upper and lower case, numbers and signs.
    • 🚫 WPS: Disabled.
    • 📡 Guest network: Enabled, with separate SSID and password.
    • 🔄 MAC filtering: Only known addresses are allowed access.
    • 📊 Logs: Connection logging is enabled.

    ⚠️ Wi-Fi security myths you shouldn't believe:

    • ❌ "Hiding your SSID protects against hacking" - No, this only makes it more difficult for legitimate users to connect.
    • ❌ "MAC filtering reliably protects the network" - MAC is easy to counterfeit.
    • ❌ "If the password is long, the network cannot be hacked." — with a weak algorithm (for example, WEP), the password can be cracked in minutes.
    • ❌ "Neighbors can't connect if the signal is weak" - hackers use directional antennas.

    FAQ: Frequently asked questions about checking connected devices

    ❓ Is it possible to find out who is connected to my Wi-Fi if I don't have access to the router (for example, at the office)?

    Yes, but with limitations. You can:

    • Use mobile apps like Fing or NetScan - They will show the devices on your local network.
    • In Windows, run arp -a (will show only those devices that exchanged data with your PC).
    • Install Wireshark and analyze traffic (requires skills).

    However, you won't be able to block other people's devices without access to the router. In the office, it's best to contact the network administrator.

    ❓ Why do unknown gadgets with names like "ESP_123456" appear in the list of connected devices?

    Most likely it is smart devices (IoT) - for example:

    • 💡 Smart bulbs (Xiaomi Yeelight, Philips Hue).
    • 📷 IP cameras (TP-Link Tapo, Dahua).
    • 🔌 Smart sockets (Sonoff, Aqara).
    • 🎮 Game consoles or TV set-top boxes (Amazon Fire Stick).

    If you don't recognize your device, check:

    1. Have you recently connected a new gadget (for example, a smart alarm clock or a fitness tracker).
    2. Are your neighbors using devices that automatically connect to open networks (some cameras do this).
    3. Is your router hacked (if there are a lot of devices and they appear regularly).
    ❓ Is it possible to see which websites a connected device is visiting through a router?

    It depends on the router model and firmware:

    • 📊 Standard routers (like TP-Link TL-WR841N): usually only show traffic volume, without site-by-site details.
    • 🛡️ Routers with parental controls (For example, ASUS RT-AX88U): can block individual websites and show browsing history.
    • 🔧 DD-WRT/OpenWRT type firmware: allow you to install plugins for traffic monitoring (for example, ntopng).
    • 🖥️ Special software: programs like GlassWire or Wireshark can analyze traffic, but require skills.

    ⚠️ Legal aspectIn some countries, tracking other users' traffic (even within your own network) may violate privacy laws. Use this feature only for legitimate purposes (such as parental control).

    ❓ What should I do if someone else's device reconnects after changing the password?

    This is a sign that:

    1. 🔑 Password too simple and it was hacked using brute force.
    2. 🕳️ There is one in the router vulnerability, which allows bypassing authorization.
    3. 📡 Someone physically has access to the router (for example, the neighbors below are connected via cable).