How do unsecured Wi-Fi networks create risk?
When wireless devices in a network are "open" or unsecured, they're accessible to any Wi-Fi-enabled device, such as a computer or smartphone, that's within range of their wireless signals.
Using open or unsecured networks can be risky for users and organizations. Adversaries using internet-connected devices can collect users' personal information and steal identities, compromise financial and other sensitive business data, "eavesdrop" on communications, and more.
What are some ways to protect a Wi-Fi network?
One basic best practice for Wi-Fi security is to change default passwords for network devices.
Most devices feature default administrator passwords, which are meant to make setup of the devices easy. However, the default passwords created by device manufacturers can be easy to obtain online.
Changing the default passwords for network devices to more-complex passwords—and changing them often—are simple but effective ways to improve Wi-Fi security. Following are other Wi-Fi network security methods:
Media Access Control (MAC) addresses
Another basic approach to Wi-Fi security is to use MAC addresses, which restrict access to a Wi-Fi network. (A MAC address is a unique code or number used to identify individual devices on a network.) While this tactic provides a higher measure of security than an open network, it is still susceptible to attack by adversaries using "spoofed" or modified addresses.
Encryption
A more common method of protecting Wi-Fi networks and devices is the use of security protocols that utilize encryption. Encryption in digital communications encodes data and then decodes it only for authorized recipients.
There are several types of encryption standards in use today, including Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). See the section "Types of wireless security protocols" on this page for more details about these and other standards related to Wi-Fi security.
Most newer network devices, such as access points and Wi-Fi routers, feature built-in wireless-security encryption protocols that provide Wi-Fi protection.
Virtual private networks (VPNs)
VPNs are another source of Wi-Fi network security. They allow users to create secure, identity-protected tunnels between unprotected Wi-Fi networks and the internet.
A VPN can encrypt a user's internet connection. It also can conceal a user's IP address by using a virtual IP address it assigns to the user's traffic as it passes through the VPN server.
Security software
There are many types of consumer and enterprise software that also can provide Wi-Fi security. Some Wi-Fi protection software is bundled with related products, such as antivirus software. For more information about Wi-Fi security software, see the next question.
What is Wi-Fi security software?
A vast array of security software aimed at the consumer and enterprise markets can provide protection to wireless networks and Wi-Fi-enabled devices such as routers, switches, controllers, and access points. Many of these solutions are downloadable to wireless LANs (WLANs) and mobile devices.
Some newer software solutions designed to secure Wi-Fi are built into the backbone of the internet and are available via cloud platforms. These solutions provide a first line of defense against breaches of wireless networks by preventing users from accessing malicious sites.