Most people set up their home router once and never think about it again. Plug it in, connect devices, done. But your home network is the gateway to everything — your computers, phones, smart home devices, security cameras, and all the data on them. Spending 30 minutes securing it properly is one of the best investments you can make.

You don’t need to be technical. These steps are straightforward, and most take less than five minutes each.

Change Your Router’s Default Login

Every router comes with a default admin username and password, usually something like admin/admin or admin/password. These defaults are publicly listed on the internet for every router model. If you haven’t changed yours, anyone nearby can access your router’s settings.

Log into your router (usually by typing 192.168.0.1 or 192.168.1.1 into your browser), find the admin settings, and change both the username and password. Use a strong, unique password. This isn’t the Wi-Fi password — it’s the password to your router’s control panel.

Update Your Router’s Firmware

Router manufacturers release firmware updates that patch security vulnerabilities. Most routers don’t update automatically, so these patches go uninstalled for years.

Check your router’s admin panel for a firmware update option. Some newer routers have automatic updates — turn that on if it’s available. If your router is more than five years old and no longer receiving updates, it’s worth replacing. An unsupported router is a security liability.

Use Strong Wi-Fi Encryption

Your Wi-Fi should be using WPA3 encryption if your router supports it, or WPA2 at minimum. WPA and WEP are older standards with known vulnerabilities — they can be cracked in minutes with freely available tools.

Check your router’s wireless security settings and select WPA3 or WPA2-AES. While you’re there, make sure your Wi-Fi password is strong: at least 12 characters, mixing letters, numbers, and symbols. “password123” is not acceptable, regardless of the encryption standard.

Set Up a Guest Network

Most modern routers let you create a separate guest network. This gives visitors internet access without giving them access to your main network and the devices on it.

It’s also useful for smart home devices. Your smart light bulbs, robot vacuum, and video doorbell don’t need to be on the same network as your laptop and phone. Putting IoT devices on the guest network limits the damage if one of them gets compromised — and smart home device security is notoriously poor.

Disable WPS

Wi-Fi Protected Setup (WPS) was designed to make connecting devices easier by letting you press a button on the router instead of entering a password. Unfortunately, WPS has known vulnerabilities that make brute-force attacks straightforward.

Unless you regularly need WPS, turn it off. It’s usually in your router’s wireless settings. The minor inconvenience of typing a password is worth the security improvement.

Turn Off Remote Management

Some routers allow remote management, meaning you can access the admin panel from outside your home network. Unless you specifically need this (you almost certainly don’t), turn it off. It’s another potential entry point for attackers.

This setting is usually under “remote administration” or “remote management” in your router’s settings. Make sure it’s disabled.

Change Your Network Name (SSID)

Your router’s default network name often reveals the manufacturer and model (like “NETGEAR-5G” or “Linksys2847”). This gives potential attackers useful information about your hardware and its known vulnerabilities.

Change your SSID to something that doesn’t identify the router brand or model. Don’t use your name or address either. Something generic is fine. And resist the temptation to name it something “clever” like “FBI Surveillance Van” — it was funny in 2012, less so now.

Enable Your Router’s Firewall

Most routers have a built-in firewall that filters incoming traffic. It’s usually enabled by default, but it’s worth checking. Look for “firewall” or “SPI firewall” in your router’s security settings and make sure it’s turned on.

This isn’t a replacement for software firewalls on your individual devices, but it adds a useful layer of protection at the network level.

Monitor Connected Devices

Periodically check which devices are connected to your network. Your router’s admin panel will show a list. If you see something you don’t recognise, investigate. It could be a neighbour who guessed your password, or it could be a forgotten smart device. Either way, you should know what’s on your network.

Some routers and mesh systems offer apps that make this easier, showing you every connected device with friendly names and alerting you when new devices join.

Consider DNS-Level Filtering

Services like Cloudflare’s 1.1.1.3 (family mode) or NextDNS let you filter malicious domains at the network level. Change your router’s DNS settings to one of these services and every device on your network gets basic protection against known malware and phishing domains. It takes about two minutes and costs nothing.

The Quick Checklist

If this all feels like a lot, here’s the priority order. Do these five things and you’ll be ahead of 90% of home networks:

1. Change your router admin password
2. Update your router’s firmware
3. Make sure you’re using WPA2 or WPA3
4. Set up a guest network for IoT devices
5. Disable WPS

That’s 20 minutes of work for significantly better security. Your future self will thank you.