Home Wi-Fi security isn't just about protecting yourself from freeloaders who might connect to your internet. It's a barrier against cyberthreats, from identity theft to the use of your IP address for illegal activities. According to research, Kaspersky for 2026, 68% of home network vulnerabilities are associated with weak Wi-Fi security. At the same time, 34% of users still using an outdated protocol WEP or don't set a password at all.
If you've never changed your router's default settings, your network is vulnerable. Even if you have a password set, it may be too simple (for example, 12345678 or admin), making it an easy target for brute-force attacks. In this article, you will find step-by-step instructions for all popular brands of routers (TP-Link, ASUS, Keenetic, MikroTik), you will understand the differences between WPA3, WPA2 And WEP, and you'll also learn how to create a password that won't be hacked in 5 minutes.
Why Open Wi-Fi Is Dangerous: 5 Real Threats
Many people mistakenly believe that if their internet slows down, it's their ISP's fault. But often the problem lies with an unsecured network that someone else has connected to. Here's what can happen if your Wi-Fi is left without a password:
- 🕵️ Traffic theftNeighbors or passersby may be using your internet connection, causing speed drops during peak hours. This is especially true for plans with a GB limit.
- 💳 Phishing attacksAttackers can spoof your router's DNS servers and redirect you to fraudulent websites (such as fake banking pages).
- 🖥️ Hacking devices on the networkThrough protocol vulnerabilities UPnP Hackers can gain access to your gadgets, from your smartphone to your smart refrigerator.
- 📡 Distribution of malwareBy connecting to your network, an attacker can download a virus to connected devices via the local network.
- 🚨 Legal liabilityIf illegal activity (such as a DDoS attack) is carried out through your IP address, proving your innocence will be difficult.
Not only a password, but also proper router settings can help block threats. For example, disabling WPS (simplified connection by PIN code) reduces the risk of hacking 40% according to the report Cisco Talos. And use WPA3 instead of WPA2 makes password interception virtually impossible for most hacking tools.
Which security standard should you choose: WEP vs. WPA2 vs. WPA3
When setting up a password, the router will prompt you to select an encryption type. This determines how secure your network will be. Let's look at all the options:
| Standard | Year of release | Security level | Speed of work | Device support |
|---|---|---|---|---|
| WEP | 1997 | ❌ Extremely low | Low | All devices |
| WPA | 2003 | ⚠️ Outdated (vulnerable to attacks) | Average | All devices |
| WPA2 (AES) | 2004 | ✅ High | High | 99% of devices |
| WPA3 | 2018 | ✅✅ Maximum | Very high | Devices after 2019 |
WEP can be cracked in 3-5 minutes using free tools like Aircrack-ng. This protocol uses static encryption, which is easy to crack. WPA2 with encryption AES — the minimum acceptable standard for 2026. However, if your router supports WPA3, choose it: this protocol eliminates vulnerabilities WPA2 (for example, attack KRACK) and uses individual encryption for each device.
⚠️ Note: Some older devices (such as printers or IP cameras) may not support WPA3In this case, use WPA2/WPA3 Transition Mode - a hybrid mode that ensures compatibility.
Step-by-step instructions: how to set a password for Wi-Fi
The password setup process varies depending on the router model, but the general process is the same. We'll cover the general algorithm and then highlight the specifics for popular brands.
Plug in the router and wait until it is fully loaded (the indicators should be steady)
Connect to the router's network via cable (recommended) or Wi-Fi (if the network is open)
Find out the IP address of your router (usually found on a sticker: 192.168.0.1, 192.168.1.1 or 192.168.8.1)
Prepare a new password (at least 12 characters, with letters, numbers, and special characters)
-->
Universal instructions for all routers
Open your browser and enter the router's IP address in the address bar (for example,
192.168.1.1). ClickEnter.Enter your username and password to access the control panel. The default information is usually found on the router sticker (usually
admin/adminoradmin/password).Go to the section
Wireless network(orWi-Fi,Wireless).Find the field
Network name (SSID)— Here you can change the name of your Wi-Fi. We recommend using a unique name that does not contain personal information (e.g., notIvanov_Family, AStarlink_742X).In the section
Security(orSecurity) select the encryption type:- 🔒 WPA3-Personal (optimal option)
- 🔓 WPA2-PSK [AES] (if WPA3 is not supported)
In the field Password (or Password, Passphrase) Enter the password you created. The minimum length is 8 characters, but 12+ is better.
Save settings (button Save, Apply or Apply). The router will reboot.
After rebooting, reconnect to the network using the new password. All previously connected devices will be disconnected and will need to be reconnected.
Features for popular router brands
Router interfaces vary from manufacturer to manufacturer. Here are brief instructions for the most common brands:
- 📡 TP-Link: Chapter
Wireless → Wireless Security. Select WPA/WPA2 – Personal and enter the password. - 🖧 ASUS:
Wireless Network → Authentication Method. It is optimal to choose WPA3-Personal. - 🌐 Keenetic:
Wi-Fi Network → Access Point → SecurityYou can turn it on here. WPA3 and set up a guest network. - 📶 MikroTik: IN
Wireless → Security Profilescreate a new profile with WPA2 PSK and link it to the network. - 🏠 Rostelecom/MTS/Beeline: Usually the provider's web interface is used. Look for the section
Wi-Fi → Security Settings.
⚠️ Attention: On routers Zyxel Keenetic the function is enabled by default Smart password, which simplifies connecting devices. Disable it in the security settings for maximum protection.
How to create a strong Wi-Fi password
A weak password negates all security efforts. Hackers use dictionary attacks and rainbow tables to guess simple combinations in minutes. Here are the rules for creating a strong password:
- 🔢 Length: minimum 12 characters (optimally 16+). Each additional character increases the guessing time exponentially.
- 🔤 Symbols: Use upper and lower case letters, numbers and special characters (
!@#$%^&*). Avoid obvious substitutions (pa$$w0rdeasy to hack). - 🚫 Prohibited combinations:
- Dates of birth, names, nicknames of pets.
- Popular phrases (
qwerty,iloveyou,password). - Phone numbers, addresses, router models.
- 🔄 UpdateChange your password every 6-12 months. This will protect against leaks (for example, if a guest leaks your password).
Examples of strong passwords:
T3$la_C0ff33_With_M!lkV3ry_L0ng_P@ssw0rd_42!K1tch3n_S1nk_F4uc3t_2026
To avoid forgetting your password, write it down in a safe place (for example, in a password manager) KeePass or Bitwarden) or on paper kept at home. Do not send the password via SMS or instant messaging!
How to check how strong your password is?
Use services like How Secure Is My Password (Don't enter your real password!). They show an approximate time it will take to crack. For example, the password Sunshine123 they will hack in 2 hours, and P@ssw0rd_With_$p3c!@l_Ch@rs — for 3 billion years.
Additional router security settings
A password is just the first step. To make your network truly secure, configure these settings:
Disable WPSThis feature allows you to connect to the network using a PIN code that is easy to guess. In routers TP-Link And ASUS It can be disabled in the section
Wi-Fi → WPS.Change the default login and password for the admin panelBy default, this is often
admin/admin. Change them to complex combinations in the sectionSystem Tools → Password.Enable MAC address filteringThis will allow only authorized devices to connect to the network. Find the section
Wireless Mode → MAC Filter.⚠️ Note: MAC addresses can be spoofed, so this method does not provide 100% protection. Use it as an additional precaution.
Disable remote controlIf you don't administer the router from the outside, disable access to the control panel from the internet (
Administration → Remote Management).Update your router firmwareManufacturers regularly release patches for vulnerabilities. Check the software's current status in the section
System Tools → Update.
For advanced users: on routers MikroTik or Ubiquiti can be customized VLAN for a guest network, limit the speed for individual devices or enable Firewall to block suspicious connections.
How to Check Who's Connected to Your Wi-Fi
If your internet speed suddenly drops, it's possible that someone else has connected to your network. You can check this through your router's control panel or special apps.
Method 1: Via the router's web interface
Go to the router control panel (how to do this is described above).
Find the section
DHCP,Local area networkorConnected devices(names may differ).View the list of devices with their IP addresses, MAC addresses and names. Compare with your gadgets.
Unknown devices can be blocked (usually there is a button
BlockorBlock).
Method 2: Using mobile apps
For smartphones on Android or iOS There are utilities that scan the network and show connected devices:
- 📱 Fing (free for basic functionality).
- 🔍 NetCut (allows you to block devices).
- 🛡️ WiFi Guard (notifies about new connections).
If you detect an intruder, immediately change your Wi-Fi password and check your router's security settings (especially WPS and MAC address filtering).
Common Mistakes When Setting Up a Wi-Fi Password
Even experienced users sometimes make mistakes that can ruin all their network security efforts. Here are the most common ones:
- 🔑 The password is too short. Password
12345678Hacked in seconds. Use at least 12 characters. - 📋 Using a standard SSIDThe network name is something like
TP-Link_4321gives out the router model, which makes it easier to find vulnerabilities. - 🔄 Untimely firmware updateOutdated software contains critical vulnerabilities (e.g. CVE-2021-20090 in routers Netgear).
- 🌐 Open ports. Check in the section
Port forwarding- are ports open for remote access (for example,8080or3389). - 📡 There is no guest networkIf you frequently have guests, create a separate network with limited access to local resources.
Another typical mistake is ignoring guest networkIt allows you to provide internet access without compromising your main network. Configure it in the section Guest network (Guest Network) and set a separate password.
FAQ: Answers to Frequently Asked Questions
Is it possible to set a Wi-Fi password without access to the router?
No. To change security settings, you need access to the router's control panel. If you don't know the admin password, you'll have to reset the router to factory settings (using the button). Reset) and configure it again.
What password is impossible to hack?
There are no 100% hack-proof passwords, but the most secure one is a random combination of 16+ characters with capital letters, numbers, and special characters. Example: 7x!A#9Lp$2qR*5vNSuch a password would take millions of years to crack, even on a supercomputer.
What to do if you forgot your Wi-Fi password?
There are three ways:
- View the password in the router settings (section
Wireless Network → Security). - If you are connected to the network on Windows: open
Settings → Network & Internet → Wi-Fi → Manage known networks, select your network and clickProperties— the password will be displayed under the asterisks (you need to clickShow symbols). - Reset the router to factory settings and configure it again.
Do I need to change my password if I have WPA3?
Yes, even with WPA3 It's recommended to change your password once a year. This will protect against leaks (for example, if you gave your password to a guest who might save it) and new protocol vulnerabilities.
Is it possible to set a password for Wi-Fi via phone?
Yes, if your router has a mobile app (eg. TP-Link Tether, ASUS Router or Keenetic). You can change security settings in it in the same way as through the web interface.