How to Find Out Who's Connected to My Wi-Fi: Step-by-Step Instructions for All Routers

Have you noticed your internet has slowed down, and your data usage is unusually high? Perhaps unauthorized devices have connected to your Wi-Fi network—neighbors, guests who forgot to disconnect, or even hackers exploiting vulnerabilities in your old password. According to research Kaspersky 2023, every fifth router There is at least one unauthorized connection in home networks, and 12% of users are not even aware of it.

In this article you will find 7 proven methodsHow to check the list of connected devices—from standard router tools to specialized applications and the command line. We'll cover step-by-step instructions for popular router models (TP-Link, ASUS, Keenetic, MikroTik), we'll show you how to identify "unwanted" gadgets by MAC address and explain how to permanently block other people's devices. Finally, we'll provide an FAQ with answers to the most frequently asked questions about Wi-Fi security.

📊 How often do you check the devices connected to your Wi-Fi network?
Never
Once every six months
Only if the internet is slow
Regularly, once a month

1. Checking via the router's web interface (universal method)

The most reliable way to find out who is on your network is to go to router control panelThis method works on any model, regardless of manufacturer. You only need a computer, phone, or tablet connected to the same network.

Instructions:

  • 🌐 Open your browser and enter in the address bar 192.168.0.1 or 192.168.1.1 (less often - 192.168.8.1 or 10.0.0.1). These are the standard IP addresses for logging into the settings of most routers.
  • 🔑 Enter your login and password (usually it is admin/admin, if you haven't changed them). On some models (Keenetic, Zyxel) the password is indicated on the sticker on the bottom of the device.
  • 📊 Find the section with connected devices. Its name depends on the firmware:
    • TP-Link: Wireless → Wireless Statistics or DHCP → DHCP Clients List
    • ASUS: Network map or Local Network → DHCP Server
    • Keenetic: Devices (in the main menu)
    • MikroTik: IP → DHCP Server → Leases

In the list you will see all the devices that Now connected to the network, as well as those that received an IP address in the last 24 hours (depending on DHCP settings). Note the columns:

  • 🖥️ Host Name — the name of the device (sometimes displayed as a model, for example iPhone-12-Pro or Mi-10T).
  • 🔢 MAC Address — a unique physical address (example: 00:1A:2B:3C:4D:5E). It can be used to determine the manufacturer of the device.
  • 📡 IP Address — local IP assigned by the router (for example, 192.168.0.103).
⚠️ Attention: Some routers (especially those with firmware from ISPs) hide the section with connected devices. If you don't find it in the standard menu, try updating your firmware or use the alternative methods in this article.

2. How to identify "extra" devices by MAC address

MAC address is like fingerprint For a gadget. The first six characters (the prefix) identify the device manufacturer. For example:

  • 00:1A:79Apple (iPhone, MacBook, iPad)
  • 78:31:C1Xiaomi (smartphones, smart devices)
  • B8:27:EBRaspberry Pi (single-board computers)
  • 00:0D:4BMSI (laptops, motherboards)

To check who owns a MAC address:

  1. Copy the first 6 characters (eg. 00:1A:79).
  2. Go to the website MAC Vendors Lookup (or similar service).
  3. Enter the prefix into the search bar and the system will show the manufacturer.

If you have a device on your network with a MAC address that points to unfamiliar brand (For example, Huawei, when you only have Samsung), or the address starts with 00:00:00 (fake MAC), this is a clear sign of hacking.

MAC prefix Manufacturer Typical devices
3C:5A:B4 Google Pixel smartphones, Nest, Chromecast
5C:F9:DD Samsung Galaxy smartphones, Smart TVs, smart watches
A0:0B:BA Amazon Echo, Kindle, Fire TV
00:1E:68 Cisco Network equipment, corporate devices
B4:FB:E4 Unknown (or fake) Possibly hacker software or a virtual machine
How to fake a MAC address?

Attackers often change their device's MAC address to masquerade as legitimate devices. For example, they might assign the MAC address of Appleto merge with your iPhones. This can be detected if two devices with the same MAC address are connected to the network at the same time (which is physically impossible).

3. Mobile applications for network scanning

If you are too lazy to go into the router settings or they are unavailable (for example, you have provider router (with limited functionality), use specialized apps. They scan the local network and display all connected devices.

Top 5 verified apps:

  • 📱 Fing (Android/iOS) - the most popular, with port and vulnerability checking functions.
  • 🛡️ NetCut (Android) - allows you to not only scan, but also block other people's devices.
  • 🔍 WiFi Analyzer (Android) - shows channels, signal strength and a list of clients.
  • 🍎 Network Analyzer (iOS) - a simple and free scanner for iPhone.
  • 🖥️ Advanced IP Scanner (Windows) - for PC, scans even hidden devices.

How to use (using example) Fing):

  1. Install the application and open it.
  2. Click Scan — the program will find all devices on your network.
  3. Check the list for unfamiliar gadgets. Fing will even tell you what device it is (smartphone, TV, camera).
  4. Click on a suspicious device to reveal information about its MAC address, IP address, and manufacturer.

Click on it in the app and select "Block" (if there is an option)|

Write down the MAC address to block in the router|

Change your Wi-Fi password to a more complex one|

Enable MAC address filtering (instructions below)-->

⚠️ Attention: Applications like NetCut They can only block devices on their local network. If a hacker has connected remotely (for example, through a vulnerability in the router), such programs will be useless. In this case, you should immediately update the router firmware and change the password.

4. Windows Command Prompt: Who's Connected to My Wi-Fi

If you have a computer on Windows, you can check connected devices without third-party programs - using the command line. This method will show active connections (those that are currently exchanging data with the router).

Instructions:

  1. Open Command line as administrator (click Win + XTerminal (Administrator)).
  2. Enter the command to view the ARP table (list of IP and MAC addresses):
    arp -a

    You will see a list of devices that have recently interacted with your PC.

  3. To see All devices on the network (including inactive ones), first ping the broadcast address:
    ping 192.168.0.255 -n 1 -w 1000

    Then enter again arp -a.

Example of command output arp -a:

Interface: 192.168.0.100 --- 0x12

Internet Address Physical Address Type

192.168.0.1 00-1A-2B-3C-4D-5E dynamic <-- This is your router

192.168.0.101 A4-B1-E5-12-F3-89 dynamic <-- Your smartphone

192.168.0.105 78-31-C1-AB-CD-EF dynamic <-- Unknown device (Xiaomi?)

If the list includes IP addresses that don't belong to your devices but have the "dynamic" status, it means they are connected to your Wi-Fi. Compare them with the MAC addresses from the router's web interface to confirm.

5. Blocking Other People's Devices: Step-by-Step Instructions

Found a suspicious device? Don't rush to change your Wi-Fi password—first block it by MAC addressThis is more secure than simply changing your password, as a hacker can still guess a new one.

How to block a device in a router:

  • 🔒 TP-Link:
    1. Go to Wireless → Wireless MAC Filtering.
    2. Select Deny (deny) and add the MAC address of the stranger.
    3. Save the settings.
  • 🛡️ ASUS:
    1. Open Local Network → Route.
    2. Find the device in the list and click Block.
  • 🚫 Keenetic:
    1. In the section Devices Click on the suspicious device.
    2. Select Block Internet access.
  • An alternative way is - bind IP to MAC (DHCP Reservation). Then someone else's device won't be able to obtain an IP address:

    1. Find it in your router settings DHCP → Address Reservation (or similar section).
    2. Add MAC addresses only their own devices and assign them fixed IP addresses.
    3. Disable the DHCP server for everyone else (or reduce the address pool to a minimum).

    6. How to protect your Wi-Fi from future hacking

    Even if you've blocked other people's devices, without additional security measures, your network will remain vulnerable. 5 essential steps for safety:

    1. Change the default router password:
      • By default, many routers have a login/password admin/admin or admin/1234.
      • Go to settings and change them to complex (example: X7#pL9!kQ2$m).
    2. Enable WPA3 encryption:
      • In the Wi-Fi settings, select WPA3-Personal (or WPA2/WPA3, if WPA3 is not supported).
      • Ditch the outdated WEP or WPA — they are hacked in minutes.
    3. Disable WPS:
      • Function Wi-Fi Protected Setup (WPS) vulnerable to brute force attacks.
      • Find it in the settings and deactivate it.
    4. Update your router firmware:
      • Outdated firmware contains critical vulnerabilities (for example, CVE-2021-20090 For TP-Link).
      • Check for updates in the section System Tools → Firmware Upgrade.
  • Create a guest network:
    • For guests or smart devices (lamps, cameras), set up a separate network with limited access.
    • This will protect the main network even if the guest network is hacked.
    ⚠️ Attention: If your router is provided by your ISP (for example, Rostelecom or Beeline), some settings may be locked. In this case, contact support for access to advanced features or purchase your own router.

    7. Signs that your Wi-Fi has been hacked

    Other people's devices aren't always visible in the list of connected devices. Experienced hackers can disguise themselves or connect through vulnerabilities. Pay attention to these indirect signs:

    • 🐢 The Internet has become slower without objective reasons (the provider does not carry out work, the tariff has not changed).
    • 📉 Traffic is being used up unusually quickly (for example, at night when everyone is sleeping).
    • 🔌 The router reboots spontaneously or blinks abnormally.
    • 🖥️ Unknown files appear in a shared network folder (if you have it configured SMB or FTP).
    • 🔍 Antivirus detects suspicious activity (eg port scanning).

    If you have noticed at least 2-3 signs from the list, immediately:

    1. Unplug your router for 10 minutes (this will disconnect all active connections).
    2. Change your Wi-Fi password and your router's admin panel password.
    3. Check the list of connected devices using all the methods in this article.
    4. Update your router firmware to the latest version.
    What to do if the hacker is already online?

    If you are sure that your router has been hacked (for example, the settings have been changed without your knowledge), the only reliable way is reset it to factory settings (button Reset (on the back panel) and configure it again from scratch. Do not restore settings from a backup—it may contain malicious changes!

    FAQ: Frequently Asked Questions about Wi-Fi Security

    Is it possible to find out who is connected to my Wi-Fi if I don't have access to the router?

    Yes, please use a mobile app (eg. Fing or NetCut) or the Windows command line (arp -a). These methods do not require access to the router settings, but will only show active devices.

    What should I do if I see an unknown MAC address in the list of connected devices, but the device name is familiar (for example, "iPhone")?

    This could be:

    1. Your device, but with a changed name (for example, after a factory reset).
    2. Someone else's gadget with a fake name (hackers often disguise themselves as popular devices).

    Check MAC address via MAC Vendors LookupIf the manufacturer does not match the declared name (for example, MAC from Samsung, and the name iPhone) - block the device.

    How do I permanently lock a device so it can't connect even after changing the password?

    Use MAC address filtering:

    1. Find the section in your router settings MAC Filtering or Access Control.
    2. Add the MAC address of the stranger to the blacklist (Deny).
    3. Save the settings and reboot the router.

    Now the device will not be able to connect, even if it knows the new password.

    Can my neighbor connect to my Wi-Fi if I hide the network name (SSID)?

    Hiding SSID (Hide SSID) — ineffective security measureAn experienced user can easily find your network using a scanner (for example, Wireshark or Airodump-ng). Better:

    • Use WPA3 encryption.
    • Turn it off WPS.
    • Enable MAC filtering (but remember that it can be bypassed).
    How can I check if my router has been hacked?

    Signs that your router (not just your Wi-Fi connection) has been hacked:

    • 🔧 Unknown rules in Port Forwarding or DMZ.
    • 📡 Changed DNS settings (for example, instead of the provider's DNS, 8.8.8.8 or unknown addresses).
    • 🔄 New administrators in the section Management or Users.
    • 📦 Unknown firmware or scripts in the section System Tools.

    If you found anything from this list, reset the router to factory settings and set it up again.