Who's using my Wi-Fi? How to find and remove other people's devices from my network

Have you noticed your internet has become slower and your data is running out early? Someone else might be accessing your Wi-Fi. Kaspersky, every fifth router in Russia has vulnerabilities that allow hackers or neighbors to use your network without permission. In this article, we'll look at how check the list of connected devices, identify unfamiliar gadgets and block them forever - without complex settings and special programs.

The problem isn't just traffic theft. Other devices on your network can:

  • 🕵️‍♂️ Intercept personal data (passwords, bank details, correspondence) if the network is not protected by encryption.
  • 🐢 Slow down — especially if the "neighbor" is downloading torrents or watching 4K videos.
  • 🚨 Spread viruses to other devices on the local network (for example, through vulnerabilities in DLNA or SMB).
  • 📡 Use your IP for illegal activities (downloading pirated content, attacks on websites).

We've compiled up-to-date testing methods for routers from various brands, including hidden features not covered in standard instructions. We'll also explain how detect "invisible" devices that disguise themselves as legitimate ones (for example, by changing the MAC address).

1. How to check the list of devices through the router's web interface

The most reliable way is to log into your router's control panel. The login address is usually located on a sticker on the device (e.g., 192.168.0.1 or 192.168.1.1). The default login and password are also there - often it is admin/admin or admin/password.

Instructions for popular brands:

  • 🔹 TP-Link: Go to Wireless Mode → Wireless Mode Statistics or DHCP → DHCP Client List.
  • 🔹 ASUS: Open Network Map → Clients or Local Network → DHCP Server.
  • 🔹 Keenetic: On the menu Devices → Device List (here you can immediately block suspicious gadgets).
  • 🔹 Xiaomi/Mi Router: Chapter Devices in the mobile application or web interface.
📊 What kind of router do you have at home?
TP-Link
ASUS
Keenetic
Xiaomi
D-Link
Another

If you don't recognize your device in the list, please note:

  • 📱 Host name (For example, iPhone-12-Pro or Samsung-Galaxy-S21).
  • 🔢 MAC address — unique identifier (example: 00:1A:2B:3C:4D:5E). The first 3 pairs of characters indicate the manufacturer (you can check it through services like MAC Vendors Lookup).
  • 🌐 IP address (For example, 192.168.0.105).

2. Signs that someone has connected to your Wi-Fi without permission

Even if you haven't accessed your router settings, there are indirect signs of network "broadcasting":

Sign Possible cause How to check
Internet speed has dropped sharply A third-party device is consuming traffic (torrents, streaming) Run a speed test on Speedtest.net and compare with the tariff
Traffic ends early Someone is downloading large files or updates Check your statistics in your provider's personal account
The router often overheats. Increased CPU load due to extra connections Touch the case - if it's hot, check the device list
Unknown devices on the network (for example, in Google Home or Samsung SmartThings) Other people's gadgets are trying to connect to smart speakers or light bulbs. Open your smart home app and look at the list

It is especially dangerous if you notice unauthorized connections to smart devices (cameras, speakers, thermostats). Attackers can use them for spying or attacking the entire network.

3. How to detect "invisible" devices (MAC address spoofing)

Experienced users can spoof MAC address your device to make it look like yours. For example, your laptop has a MAC A1:B2:C3:D4:E5:F6, and the hacker connects using the same address but from a different device. How can this be detected?

Calculation methods:

  1. Ping test: Open a command prompt (Win + R → cmd) and enter:
    ping 192.168.0.101 -t

    If responses are delayed or interrupted, the IP may be in use by two devices.

  2. ARP scan: Utility Advanced IP Scanner or command:
    arp -a

    Shows all IP and MAC addresses on the network. Compare with the router data.

  3. Traffic analysis: Programs like Wireshark or GlassWire will show which devices are actively transmitting data.
What is MAC spoofing?

This is a technique where an attacker changes their device's MAC address to someone else's to bypass blocking or remain undetected. For example, if a router has blocked the MAC address. XX:XX:XX:XX:XX:XX, a hacker can replace it with an authorized one and connect again.

If you find a duplicate MAC address:

⚠️ AttentionImmediately change your Wi-Fi password to a complex one (at least 12 characters, including numbers and special characters) and enable MAC filtering in your router settings. Also, scan all devices for viruses—some Trojans automatically spoof MAC addresses to spread across the network.

4. How to block other people's devices: step-by-step instructions

If you find a foreign device, you need to disable it. The methods depend on the router model:

☑️ Blocking the device in the router

Completed: 0 / 5

For TP-Link:

  1. Go to Wireless Mode → MAC Filtering.
  2. Select mode Ban.
  3. Add the MAC address of someone else's device to the list.
  4. Save and reboot the router.

For ASUS:

  1. Open Local Network → DHCP Server.
  2. Find the device in the list and click on the lock icon.
  3. Activate the option Enable access control.

If your router does not have a blocking function:

  • 🔄 Change your Wi-Fi password to complex (for example, W7f#9Kp2$Lm1!).
  • 🔒 Enable WPA3 encryption (if supported) or WPA2-AES (in settings Wireless Mode → Security).
  • 📵 Disable WPS - This function is vulnerable to brute force attacks.
  • 🕶️ Hide the SSID (network name) so that it is not visible in the public list.

5. Programs for monitoring Wi-Fi networks (for advanced users)

If the standard router tools are not enough, use specialized software:

Program Functions Link (official)
Wireless Network Watcher (NirSoft) Scans the network, shows IP, MAC, device manufacturer nirsoft.net
GlassWire Monitors traffic in real time and identifies suspicious activity glasswire.com
Fing (mobile app) Checks the network from your phone, testing speed and security App Store / Google Play
Angry IP Scanner Scans IP addresses, ports, and identifies open services angryip.org

Example of use Wireless Network Watcher:

  1. Download and run the program (no installation required).
  2. Click Start Scanning.
  3. The program will show all devices on the network, indicating MAC, IP, and manufacturer.
  4. Export the report to HTML or CSV for analysis.
⚠️ Attention: Some antiviruses (for example, Kaspersky or ESET) may block network scanners as potentially dangerous. Add the program to the exceptions list if you are confident it is safe.

6. How to protect your Wi-Fi from re-hacking

Even after blocking other people's devices, your network remains vulnerable unless you take additional measures. Here mandatory steps for protection:

  • 🔐 Use a complex password (at least 12 characters, with capital letters, numbers, and symbols). Example: K!7p#9Lm$2026!.
  • 🔄 Change your password every 3-6 months (especially if guests connect to the network).
  • 🛡️ Enable guest network For friends, it is isolated from the main one and does not provide access to local devices.
  • 📡 Disable remote control of your router (option Remote Management in the settings).
  • 🔍 Update your router firmware — Manufacturers regularly patch vulnerabilities.
  • 🚫 Disable WPS connection (This is a vulnerable protocol that can be hacked in a few hours).

For maximum security, please set up VLAN (Virtual Local Area Networks) - this will separate traffic into groups (e.g., smart devices, computers, guests). This feature is available in mid-range and high-end routers (e.g., ASUS RT-AX88U or Keenetic Ultra).

7. What to do if the hacker is already online?

If you discover that an intruder has connected to your network (for example, through traffic analysis or strange device activity), follow these steps:

  1. Turn off the Internet on the router (you can remove the provider cable or disable WAN in the settings).
  2. Change your Wi-Fi password and the router admin password (they must be different!).
  3. Check all devices for viruses (use Kaspersky Virus Removal Tool or Malwarebytes).
  4. Update your router firmware to the latest version.
  5. Enable logging (connection logging) in the router settings.
  6. Check your DNS settings - if they are changed to 8.8.8.8 or another public DNS without your knowledge, this is a sign of an attack.

If you suspect a hacker has accessed your data:

  • 🔑 Change passwords for important services (email, banks, social networks).
  • 🛡️ Enable two-factor authentication wherever possible.
  • 📱 Check the list of authorized devices in your accounts (for example, in Google Account or Apple ID).
⚠️ Attention: If after all the steps the suspicious activity continues, your router may be infected with malware (for example, VPNFilter or Mirai). In this case, the only way out is to reset the settings to factory settings (Reset) and configure the router again.

FAQ: Frequently Asked Questions about Wi-Fi Security

Is it possible to find out who exactly connected to my Wi-Fi (name, address)?

No, you can only determine the manufacturer of a device using a MAC or IP address (for example, Apple or SamsungTo identify a specific person, you need to contact the police with a report of unauthorized access—they can request data from the provider (but only if there is evidence of a crime).

My neighbor connected to my Wi-Fi and refuses to disconnect. What should I do?

First, block his device through the router and change the password. If he continues to hack it (for example, by guessing the password), you can:

  1. Install speed limit for its MAC address (if the router supports QoS).
  2. Turn on filtering by time (for example, turning off Wi-Fi at night).
  3. Contact your provider and ask them to change your external IP address (this sometimes helps against persistent "freeloaders").

Legally this qualifies as unauthorized access to computer information (Article 272 of the Criminal Code of the Russian Federation), but it is difficult to prove the neighbor’s guilt.

Can a hacker connect to my Wi-Fi if I hide the SSID?

Yes. Hiding the network name (SSID) does not protect against experienced users - they can find the network by scanning the air (for example, with the program Airodump-ng). This only makes it more difficult for random people to connect. For real protection, use WPA3 And MAC filtering.

How can I check if my router has been hacked?

Signs of a hacked router:

  • 🔴 Unknown devices in the client list.
  • 🔴 Changed DNS settings (for example, on 8.8.8.8 or 1.1.1.1 without your knowledge).
  • 🔴 The router reboots itself or behaves erratically.
  • 🔴 In the magazine (System Log) there are suspicious entries (for example, login attempts from unfamiliar IPs).

If you notice any of these issues, reset your router to factory settings and update the firmware.

Which routers are the most secure against hacking?

According to the study AV-TEST (2023), the safest models:

  • 🥇 ASUS RT-AX86U (built-in antivirus AiProtection, WPA3 support).
  • 🥈 Netgear Nighthawk RAXE500 (DDoS protection, automatic firmware update).
  • 🥉 Keenetic Ultra (built-in firewall, support IPS/IDS).

Budget option: TP-Link Archer AX21 (good balance between price and safety).