Are you worried about your internet connection? Do you suspect you're connected to Wi-Fi that is putting your data at risk? Do you fear your device might suffer a cyberattack?
In this guide, we will show you how to check if your home network is safe and secure. And we will explain how to ensure your data is secure no matter which public Wi-Fi hotspot you join.
How to check an internet connection is secure
Networks contain several vulnerability points that can put you and your devices at risk. Luckily, there are a few simple checks you can do to improve your security – no matter where you opt to use the internet.
Testing the security of your home WiFi network
Testing the security of your wireless network is a great idea, regardless of whether you're concerned there might be a security breach. It's a vital part of making sure you're protected against any future happenings.
First and foremost, one way to check if your network is secure is to connect to it from a new device, one that has never connected to the network before. If you aren't asked for a security key on connection, then your Wi-Fi network is open and therefore not secure, and anyone could log into it.
If you enter your router's IP address into the search bar of your browser and then input your username and password, the settings page for your router will come up. As most routers come with very basic default passwords, it's a good idea to change your router's password to something more secure. Just remember this isn't your Wi-Fi password, just the password to your router (we'll talk about Wi-Fi passwords later).
Using online security tests
There are testing tools available online that you can use to check if your home network is secure or not. F-Secure, for instance, has a router testing tool that can check if your settings have been modified to facilitate DNS hijacking. F-Secure is a reputable security suite brand, so this test is definitely legitimate. You can take their DNS hijacking test for free and it doesn't take too long to perform.
Check that your Firewall is functioning correctly
Your computer's firewall is your first line of defense against threats on the internet. It is a vital network security system that constantly monitors and controls incoming network traffic based on pre-defined rules.
Advanced firewalls also monitor outgoing traffic to block potentially malicious traffic. This allows the firewall to prevent malware exploits such as Trojans from communicating with Command and Control servers – either to steal your data or infect you with secondary payloads.
A firewall also protects against hackers who use port scanning tools to scan the internet for computers with open ports that could be vulnerable (and allow them to access your computer). If, for example, you have installed a program that opens the FTP port, hackers could attack you via that port.
Both macOS and Windows computers come with a native firewall. This means that all you need to do is tell your Operating System whether you are using a public or private internet connection, and it will do everything else for you.
You only need to alter the firewall settings if something conflicts – or you need to whitelist a program from the perimeter created by the firewall's default settings.
How to turn on the Firewall on Windows 10
In Windows 10, the firewall is part of the native security suite called Windows Defender. This firewall can be turned on and off (comes on by default) and can be configured depending on your needs. Below, we have explained how to ensure it is turned on:
- Click on the Windows icon in the far left of your taskbar, followed by Settings (the cog symbol that appears just above it).
- Scroll down and click Update & Security to open the menu.
- Now click on Windows Security in the menu on the left.
- Next, on the menu that opens on the right, click on Firewall and network protection
- All three settings should be turned On by default (Domain network, Private network, and Public network). However, if any of them are not already on, click on them and then the button to turn them On.
How to turn on the Firewall on Mac
Mac firewall settings can be found in the Security and Privacy preference in System Preferences. To enable Firewall in macOS and OS X v10.6 or later:
- Go to System Preferences > Security & Privacy.
- Click on the Firewall tab.
- Click on the lock icon in the bottom left and enter your administrator password.
- Click Turn On Firewall (or Start in OS X).
The native Mac firewall is designed to prevent unauthorized applications, programs, and services from accepting incoming connections. Thus, if you want an advanced firewall that also scans outgoing packets, you will need to use a more sophisticated firewall such as Little Snitch.
How to test your firewall
Once you have assured that your Firewall is switched on, you can test it to make sure it is working. The good news is that you don't need to hire a penetration tester to do this because there are services designed to probe your Firewall for vulnerabilities automatically.
ShieldsUP from the Gibson Research Corporation is a useful service that anybody can use to check the integrity of their computer's firewall for common vulnerabilities and open ports.
If you have never tested your computer before, the service recommends that you start by using the File Sharing and Common Ports buttons.
There are four tests available on the website:
- File-Sharing test. This tests the ports associated with vulnerable file sharing ports and services.
- Common Ports test. This probes the ports employed by commonly used applications, including FTP, Telnet, NetBIOS, and many others.
- All Service Ports test. This scans through all of your ports from 0 to 1056 to ascertain whether any might be unnecessarily open and vulnerable. The test will reveal whether they are open (designated in red), closed (designated in blue), or in stealth mode (designated in green). If you have any red ports, you should investigate your firewall setting to find out what application is running on that port.
Messenger Spam test. This sends you a test Microsoft Windows Messenger message to see if you are potentially vulnerable to attacks carried out by spammers using these types of messages.
After testing with ShieldsUP you will know whether there are any holes in your firewall's security, and you can follow the instruction provided by ShieldsUP to tighten up your system.
If you investigate a suspected open port on your system and are unable to ascertain what program in running on it, we recommend that you close the port and run a malware scan to find out whether you have become infected with malware (or a botnet) that is exploiting that port.
In addition, you could opt for a more secure firewall that provides better security. We tested a PC with the firewall that comes with Vipre antivirus, for example, and found it passed all of ShieldsUP's tests with flying colors:
Secure your router against hackers
How your router is set up can vastly affect the security of your local network. This is why it is vital to ensure it has been set up using the most robust security available.
In 2021, the most robust Wi-Fi encryption available to home users is WPA2, and we strongly recommend that you set up your router using this protocol. To do so:
- Log in to your router's admin panel (enter the IP address for the router into your browser, followed by your username and password)
- Find the encryption protocol settings in the admin panel and ensure it is set to WPA2
In addition, we recommend that you check that you have updated the default passwords (router admin password and router access password), updated your network's name, and hidden your network from public view.
For more information on how to improve your Wi-Fi's security, check out our full Wi-Fi security guide.
Make sure your Wi-Fi password is secure
Making sure your Wi-Fi password is secure is vital to making sure your home network is secure. Having a complex Wi-Fi password will ensure unwanted actors aren't able to access your network - and making it as complicated as possible is the best way to do that.
How to change your Wi-Fi Password
Just below I'm going to provide some general instructions on how to change your router's Wi-Fi password. This will differ slightly depending on the model you have, but these are the broad steps you'll have to take.
- Find your router's IP address (usually on the bottom of the router).
- Type that into the search bar of your browser.
- Enter your router's username/password (also on the bottom of the router). This should land you on your router's configuration page.
- Navigate to the 'wireless' or 'wireless security' section of the control panel.
- Enter a new password in the space provided.
How to check what encryption a Wi-Fi hotspot is using
When you are at home, you can easily check the encryption your router is using by logging in to the admin panel to set it to WPA2.
When you use public Wi-Fi hotspots, however, you are at the whim of whoever set that network up. For this reason, it is a good idea to check what encryption the network is using. To do this:
- Tap on Security to check the encryption standards (on some devices the encryption type will be written underneath the word Security in the menu.
- Click on the internet connection symbol in the bottom right of your Windows desktop (in the system tray).
- Click on the network you are connected to, followed by Properties.
- Scroll down to the Properties section at the bottom and locate Security type. This will tell you the type of encryption being used by the local Wi-Fi network.
- Navigate to System Preferences and choose Network
- Select Wi-Fi (or Airport) and click the Advanced option in the bottom right
- In the Wi-Fi tab, the security encryption type is listed under Security
Run a Browser Disclosure Test
The ShieldsUP resource also has a Browser Headers tool for checking whether your browser is revealing important sensitive information about you and your computer.
When you look at the test results, you should preferably not be able to see any information that identifies you or your system.
Improve your browsing privacy
To improve your browser privacy, we recommend that you use Firefox with privacy extensions such as:
Use a Virtual Private Network (VPN)
If you often connect to public Wi-Fi hotspots, it is possible you could accidentally join an insecure network. For this reason, it is a good idea to take your data's security into your own hands.
A VPN encrypts all of your data before it leaves your computer or mobile device. This robust encryption ensures that your data is private as it passes both over a local Wi-Fi network and the internet itself.
When you use a VPN, you no longer need to worry about the kind of encryption a local Wi-Fi hotspot is using. The military-grade VPN encryption means that you can use any hotspot, even one that has been set up with no security - or perhaps by a cybercriminal.
As a result, a VPN is by far the best way to improve the security and privacy of your internet connection:
- It prevents Wi-Fi hotspots providers from snooping on your data, ad web habits
- It will protect you against hackers on a local Wi-Fi network
- It will prevent your ISP from tracking your web visits and engaging in metadata retention
- It will ensure that the government cannot access that web history and metadata.
Due to the high levels that a VPN provides, we recommend that you use one, both at home and while on public Wi-Fi. To find a reliable VPN please visit our best VPNs of 2021 comparison page.
How to check your VPN for leaks
An important thing to remember is that not all VPN providers are reliable, and not all VPN applications were created equal. As a result, we advise anybody who uses a VPN to gain better security online to:
- Make sure they get a VPN service that is trustworthy and reliable (has strong privacy policies and apps that work properly)
- Test their VPN connection themselves to ensure that it is not suffering from any leaks
If a VPN leaks data, it is possible that your privacy and data security is being compromised. As a result, using the VPN software can actually lead to a false sense of security.
The good news is that anybody can use our online leak test tool to check their VPN for IP leaks, DNS leaks, and WebRTC leaks. As long as the VPN suffers from no leaks, it is working correctly and you can trust the VPN software to provide robust encryption for your data.
Check for the HTTPS prefix while browsing
Checking the prefix of the URL for a website is another way to check how secure your internet connection to a website is.
Secure websites use encryption certificates to authenticate the type of security they are using. This allows you to look at the URL to check whether the connection is safe.
Safe websites have the HTTPS prefix, so all the data between you and that website is being encrypted with robust Transport Layer Security (TLS).
The good news is that anybody can quickly check whether their connection to a website is secure. To do so, look up at the URL bar in your browser and check for the HTTPS prefix and the little padlock to the left. These two things indicate that the connection to the website is safe, and that there is no chance of your data being intercepted by eavesdroppers.
If, on the other hand, the website has the HTTP prefix, this means that the connection might be vulnerable, and it is vital that you do not enter any personal details, credentials, passwords, or payment details while visiting that website.
Use active malware protection
If you don't have anti-virus software on your laptop or computer... Where have you been? Using anti-virus software on devices connected to the internet is essential to keeping yourself safe and secure. Antivirus software scans, detects, and eradicates malicious software, viruses, trojans, adware, and other threats you don't want anywhere near your computer.
One of the main advantages of antivirus software is that you can perform real-time scans on your computer. If you think, for one reason or another, that you might have a virus lurking around in the depths of your device, then an antivirus program is the most straightforward way to check if your hunch is correct. Many people scan their computers for malware on a pre-scheduled basis, and this is a good way to find any malevolent exploits after they have made their way onto your computer, to ensure they are quarantined or deleted to stop them from doing harm.
However, the very best malware programs actually scan for incoming exploits in real-time. A lot of antivirus services nowadays also provide warnings when you surf the web, testing if websites looking suspicious before you enter them and serving you warnings if you do, and scan your emails for threats too. As a result, these programs constantly monitor your internet connection for incoming threats and warn you when you might be at risk.
Due to the massive amount of threats currently circulating online, we strongly recommend that everybody use malware protection with active scanning. For what it does, a lot of antivirus software these days is actually very affordable. It's hard to put an exact price on your privacy, freedom, and digital property, but even so, you can get your hands on very comprehensive, up-to-date services that are also excellent value for money. If you don't have antivirus software installed yet, check out the best ones here.