Unauthorized Wi-Fi Connection: How to Detect and Prevent It

Has your home Wi-Fi suddenly slowed down? YouTube videos are constantly freezing, and browser pages are taking 10 seconds to load? Perhaps unauthorized devices have connected to your network—neighbors, random passersby, or even hackers using your traffic for illegal activities. KasperskyEvery fifth router in Russia has vulnerabilities that allow a password to be cracked in minutes.

The problem isn't just a slowdown. Unauthorized connections can lead to:

  • 🔴 Identity theft If a hacker intercepts traffic, they can gain access to social media passwords, bank details, or correspondence.
  • 🔴 Spread of viruses — all connected gadgets can become infected through your router.
  • 🔴 Legal problems — If illegal actions (for example, a DDoS attack) are carried out through your IP, you will be held responsible.

In this article we will look at how detect other people's devices on the network, identify them by MAC address, block access, and protect your router from repeated hacks. These instructions apply to popular models: TP-Link Archer C6, ASUS RT-AX56U, Keenetic Giga, Xiaomi Mi Router 4A and others.

1. Signs of an unauthorized Wi-Fi connection

Before checking the device list, pay attention to indirect signals. They will help you understand that something is wrong with the network:

  • 📉 A sharp drop in speed — even when only one device is connected. For example, before, a movie in 4K It used to load in 5 minutes, but now it takes 30.
  • 🔄 Spontaneous shutdowns — the router reboots without your intervention or gadgets lose connection.
  • 💡 Flashing WAN/LAN indicator - if the network activity light on the router is on when all your devices are turned off.
  • 📱 Unknown devices in the list — when trying to connect to the network, the notification “New device on the network” appears.

A particularly alarming sign is increased traffic at nightwhen you're not using the internet. This could mean your Wi-Fi is being used for cryptocurrency mining or torrent downloads.

📊 How often do you check the list of devices connected to your Wi-Fi?
Never
Once every six months
Once a month
Only if I notice problems

2. How to view a list of connected devices

The most reliable way to identify "outsiders" is to check the list of active clients in the router control panel. The instructions vary depending on the model:

For routers TP-Link:

  1. Open your browser and type in the address bar 192.168.0.1 or 192.168.1.1.
  2. Enter your login and password (default - admin/admin).
  3. Go to the section Wireless Mode → Wireless Mode Statistics.
  4. Look at the list Connected devices with indication of MAC addresses.

For routers ASUS:

  1. Go to the panel at the address router.asus.com.
  2. Select Network map in the left menu.
  3. Open the tab Clients — all connected gadgets will be displayed here.

For routers Keenetic:

  1. Enter in your browser my.keenetic.net.
  2. Go to DevicesList of devices.
  3. Click on any device to see its MAC address and connection history.

If you don't know your router's model, look for it on the sticker on the back of the device. The IP address for accessing the control panel is also listed there.

Check if the Ethernet cable is connected to the WAN port.

Reboot the router using the Reset button (hold for 10 seconds)

Try a different browser (Chrome, Firefox, Edge)

Disable VPN or proxy in your computer settings-->

3. How to distinguish between “your” and “foreign” devices

In the list of connected gadgets you will see names like Android-1234, iPhone-5678 or DESKTOP-ABCDBut how do you know which one is yours and which one is someone else's?

Identification methods:

  • 🔍 By name - many devices are displayed with a model (for example, Xiaomi Redmi Note 10). Compare with your gadgets.
  • 🔢 By MAC address — a unique network identifier. Find it in your smartphone or laptop settings:
    • On Android: Settings → About phone → General information → Wi-Fi MAC address.
    • On iPhone: Settings → Wi-Fi → (i) next to your network → MAC address.
    • On Windows: run the command in CMD:
      ipconfig /all | findstr "Physical Address"
  • 📱 Via mobile applications - For example, Fing (Android/iOS) or WiFi AnalyzerThey scan the network and show the device manufacturer by MAC address.

If there is a device with the name in the list Unknown or a MAC address that does not match any of your gadgets - this is 100% third-party client.

What is a MAC address and can it be faked?

A MAC (Media Access Control) address is a unique identifier assigned to a network adapter at the factory. Theoretically, it can be spoofed, but this requires physical access to the router or specialized software. In 99% of cases, hackers don't bother spoofing the MAC address, so it's sufficient for identifying intruders.

4. How to block unauthorized connections

Found a foreign device? Follow these steps:

  1. Change your Wi-Fi password:
    • Go to the router panel (instructions above).
    • Go to Wireless → Wireless Security.
    • Select encryption type WPA2-PSK (or WPA3, if supported).
    • Create a complex password (at least 12 characters with numbers, letters and special characters).
  2. Enable MAC address filtering:
    • Find the section in the router panel MAC address filter or Access control.
    • Whitelist only the MAC addresses of your devices.
    • Activate filtering—now only approved devices will be able to connect to the network.
  • Disable WPS:
    • WPS (Wi-Fi Protected Setup) is vulnerable to brute-force attacks. Disable it in your router settings.
    • After making the changes, reboot your router. All unauthorized devices will be automatically disabled.

      5. Additional Wi-Fi security measures

      To minimize the risk of being hacked again, follow these steps:

      Protective measure How to set up Efficiency
      Hiding the SSID Disable it in your router settings. Broadcast SSIDThe network will become invisible to outsiders, but you'll have to enter its name manually. ⭐⭐ (low - experienced hackers will find the network even without an SSID)
      Guest network Create a separate network for guests with limited access to local resources (tab Guest network). ⭐⭐⭐⭐ (high - isolates the main network)
      Firmware update Check the software update in the section System Tools → Firmware Update. ⭐⭐⭐⭐⭐ (critical - closes vulnerabilities)
      Disabling remote control In the security settings (Administration) block access to the router panel from the Internet. ⭐⭐⭐⭐ (high - prevents hacking through web interface vulnerabilities)

      We also recommend using VPN on a router (if supported). This encrypts all traffic, making it impossible to intercept. For example, routers ASUS support OpenVPN, A KeeneticWireGuard.

      6. What to do if a hacker has already stolen your data

      If you suspect that your personal information may have been stolen through your Wi-Fi, act quickly:

      1. Change your passwords from all important accounts (email, banks, social networks). Use a password generator (for example, Bitwarden or 1Password).
      2. Check activity:
        • IN Google Account: Security → Devices - delete unfamiliar ones.
        • IN VKontakte: Settings → Security → Active Sessions.
        • IN Sberbank Online: Profile → Login History.
    • Scan your devices for viruses by using Kaspersky Internet Security or Dr.Web CureIt!.
    • Contact the bankIf you notice suspicious transactions, block your cards and request new ones.

    If a hacker has used your IP for illegal activities (such as sending spam), save the router logs (section System log) and file a complaint with your provider. This will help prove that the actions were not yours.

    7. Popular Wi-Fi Security Myths

    There are many misconceptions surrounding wireless network security. Let's address the most common ones:

    ⚠️ Attention: If you believe even one of these myths, your network is vulnerable!
    • 🚫 "My 8-digit password is secure." — a brute-force attack will pick it up in 2-3 hours. Use passwords like k7#pL9!vR2$mQ.
    • 🚫 "WPS is secure if you disable PBC" Even the WPS PIN code is vulnerable. Disable WPS completely.
    • 🚫 "I hid my SSID so they can't find me." - a hidden network is visible in special programs (for example, Wireshark).
    • 🚫 "My router is new and doesn't need updates." — vulnerabilities are found even in new firmware (for example, in 2023 a flaw was discovered in TP-Link AX3000).

    Another dangerous misconception is "Neighbors won't be able to connect if the signal is weak."In fact, even with a signal strength of 1-2 bars, an experienced hacker can use directional antennas or amplifiers to connect.

    FAQ: Frequently Asked Questions about Unauthorized Access

    Is it possible to find out who exactly connected to my Wi-Fi?

    It's impossible to accurately identify a person by MAC address or IP address. However, you can:

    • View the device manufacturer by the first 6 characters of the MAC (e.g. 00:1A:79 - This Samsung).
    • Use programs like Wireshark for traffic analysis (requires skills).
    • Contact your provider and ask them to check the connection logs (not all operators provide this information).

    If you suspect a specific neighbor, you can temporarily change the password and observe the reaction.

    What happens if you don't block someone else's device?

    The consequences depend on the goals of the “guest”:

    • A harmless option — the neighbor is simply “showing off” at your expense by reducing his speed.
    • A dangerous option — a hacker can:
      • Intercept traffic (e.g. bank card data).
      • Launch a virus attack on your devices.
      • Use your IP for illegal activities (torrents, hacker attacks).

    In the worst case, you will be held legally responsible for actions taken from your IP.

    Can a hacker connect to my Wi-Fi if I use WPA3?

    WPA3 much safer WPA2, but it doesn't provide 100% protection. Vulnerabilities still exist:

    • Dragonblood — an attack on the WPA3 handshake process that allows password theft.
    • Weak passwords - even WPA3 is useless if you use simple combinations like 12345678.
    • Router firmware vulnerabilities — If the manufacturer has not released a patch, a hacker can exploit vulnerabilities in the software.

    Recommendation: Use WPA3 + complex password + regular firmware updates.

    How can I protect my Wi-Fi from hacking if I have an old router?

    If your router does not support WPA3 or modern security protocols:

    1. Update your firmware to the latest version (sometimes manufacturers add support for new standards).
    2. Buy a new router (minimum requirements: WPA3, dual-band 2.4/5 GHz, support OFDMA).
    3. Use a separate router in access point mode (eg. Ubiquiti UniFi) to create a secure network.
    4. Set up VLAN (virtual networks) for traffic isolation (requires knowledge of networking technologies).

    Old routers (eg. D-Link DIR-300 or TP-Link TL-WR740N) often have unfixable vulnerabilities. It's best to replace them.

    Is it possible to track a hacker through the police?

    Theoretically yes, but in practice it is extremely difficult:

    • The police rarely pursue such cases unless there is evidence of serious damage (such as theft of money).
    • Even if you provide router logs, the hacker can only be found through cooperation with the provider and law enforcement agencies.
    • In most cases, hackers use anonymizers or spoof MAC addresses, which makes identification more difficult.

    Better to focus on warning hacks, not on finding the culprits.