[responsivevoice_button buttontext="Listen to this post"]
OVERVIEW: CRYPTOCURRENCY WIFI SECURITY GUIDE BEST TIPS
Yes, You can be hacked while using WiFI! Using WiFi can expose your money and your data to many risks. This page of cryptocurrency WiFi security guide best tips is for cryptocurrency owners who want to learn how to keep their currency safer while using any WiFi network. All of these same tips also apply to anyone who uses WiFi for any reason at all, not just for cryptocurrency.
Many people don’t realize that Wifi routers can be hacked. Hacking is no longer a treat to just your computers and phones. If you enter your cryptocurrency secret codes while connected to one of these hacked WiFi networks then your currency can be stolen. And it’s not just cryptocurrency that hackers want. They also want access to your online bank accounts. And your email, social media, and other login information. Furthermore, a compromised router can also be used to launch attacks on other computers outside of your local network. This can be done hacking your router to make it a part of what is called a malicious “botnet”.
This can happen on any type of WiFi network: public WiFi hotspots, office WiFi networks, and even on home WiFis. It can occur whether the WiFi is password protected, or not. So follow our cryptocurrency WiFi security guide best tips to reduce the chance that you will be exposed.
In the text below consider all of the following terms as equivalent to meaning the box that transmits the WiFi signal:
- WiFi Access Point
- WiFi Router
- WiFi Hardware
If you see the term just “WiFi” used alone then that refers to the wireless signal connection between your device and the WiFi hardware.
FAKE “FREE” WIFI ACCESS POINT
Did you know that a hacker can use their own laptop to set up a free WiFi hotspot in a popular location? For example, they could do this in an airport, coffee shop, etc.. They can name their WiFi hotspot something that makes logical sense in that location. Such as: “Starbucks Free Wifi”. Or “Airport Free WiFi”. Then, if you connect to their hotspot, they can capture your username and password. You will have no idea that they recorded your credentials. This WiFi trick is called the “man-in-the-middle” attack. With this fake hotspot, a hacker can also redirect you from the websites you ask to visit and instead send you to websites that they control. Websites that may look pretty much exactly like the original – again, to capture your username and password.
INFECTED WIFI ACCESS POINTS
Another type of attack is to infect an existing WiFi router with malware (rather than creating a fake access point). This is more common. These infected routers could be legitimate free public WiFi access points (like that same airport lounge or coffee shop), or they could be in your office or even your home. This malware is a different type of man-in-the-middle attack which can be used to steal your login credentials or launch further attacks. Our cryptocurrency WiFi security guide best tips will help protect you.
In the summer of 2018, a very sophisticated malware of this type was discovered. It is thought that it could be infecting a half a million WiFi access points. Even if you try to clean it, it has the ability to reinfect the host router. Read more about the “VPNFilter” WiFi Access point malware here.
You may think that you are safe from all this by simply logging in to an HTTPS website – Well, think again. A hacked WiFi router could use their own SSL certificate for selected sites that they want to get into. Or infecting malware could cause a website to do a “fallback” downgrade of HTTPS to HTTP. This will not work on all websites, but it will work on some since this “fallback” system has always been in place ever since HTTPS was invented. In both these cases, your login credentials could be captured.
You may also think you are safe on an office network – but your co-workers could have a side job as a hacker. Don’t assume you are safe even at work – nor on your home WiFi network.
OTHER WIFI THREATS
Any person connected to the same WiFi network can use a free software tool called a “Packet Sniffer” to monitor all traffic on the same network. This means they can capture all your data and, if not encrypted, then they can easily read it all – inluding any passwords you enter. In a public setting, the danger could simply be someone looking over your shoulder to get your login. Or they could use a mini camera. You might also forget that you have file sharing enabled on your computer and a hacker could use that to steal important documents from your computer.
STANDARD: CRYPTOCURRENCY WIFI SECURITY GUIDE BEST TIPS
To protect your funds without modifying your WiFi router configuration, follow these fairly standard cryptocurrency WiFi security guide best tips:
- NO LOGIN: Try to avoid using public WiFi for any sites that require you to log in. Avoid doing your banking, your email, your social media, etc. when connected to a public WiFi.
- VERIFY HTTPS: If you must log in to a website, then double check that it is using HTTPS. (i.e. the website starts with “https://”). If you don’t see https:// then don’t log in. As we mentioned before, this is not 100% protection, but it is far better than not doing it.
- BROWSER WARNINGS: If you see a warning that a website that you are visiting has a certificate that is not valid, do not ignore it and just click through. Instead, close web page and don’t visit that site at that time.
- HTTPS EVERYWHERE: Consider installing the “HTTPS Everywhere” browser extension. This will ensure that you are always on the secure version of every website you visit (if a secure version is available).
- PRYING EYES: When using public WiFi there will often be many stranges close by – make sure they are not looking over your shoulder when you type your username and password. Also be aware of nearby security cameras that can see your keyboard as you enter your password.
- DISABLE SHARING: Disable Windows file sharing in your computer when you visit public networks. Otherwise, a hacker who has already broken into the same network can copy your files. They can copy things like your unencrypted wallet file. In general, most people never really need to have file sharing enabled. You can make this a permanent setting, not something you have to disable each time you visit a public hotspot. This is true for both wireless and even for wired networks.
- PERSONAL HOTSPOT: Use your phone as your own personal WiFi access point hotspot. Then connect your laptop to your phone’s hotspot. You will use up your phone’s data plan but at least you can be sure that no one is intercepting your communication (except your phone company.)
MODIFY YOUR WIFI HARDWARE CONFIGURATION
The following additional tips are specific to home or office WiFi access points if you can access the control software. They require changes that can only be made if you can log in to the WiFi access point software. Changing WiFi router settings can be a little risky and is not normally something a novice should do. You could completely lose internet access, or you could accidentally change the WiFi password. But you can always easily reset to factory defaults in an emergency.
Exact details of how to access to your router will depend on the manufacturer of your WiFi hardware. The access method may be noted on the bottom of your WiFi hardware device or you can search the internet. If you can’t find the access details then try this common method: Open a browser and entering one of the following IP addresses: 192.168.1.1, or 192.168.0.1, or 192.168.0.255.
If you are presented with a WiFi router login window then you will next need to know the username and password. Again, this should either be noted on the bottom of the router, or you can try a common default which is: username “admin”, password “admin” (without the quote marks). If this username and password work, then one of the first tweaks you will want to do is change this password and write the new password down (on the bottom of the WiFi router if possible).
Once you are logged into the WiFi router then you will see a bunch of menus. The exact menu will depend on the manufacturer so we are unable to describe them all. Search the internet for your router’s user manual to understand what configuration changes you can make to your router.
If you make a mistake in the settings and don’t know how to undo it then you will usually have an option to reset the router back to full factory defaults. Read how to manage your WiFi router. Most importantly this will reset your username and password for software access as well as the SSID and password for wireless access.
Make these changes to your home/office WiFi router for better cryptocurrency WiFi security guide best tips.
- UPDATE FIRMWARE: WiFi routers have internal firmware (a type of software) that needs to be updated periodically. If your router is a few years old then it is certain that there have been firmware updates released that may not have been installed. Go to the website of your WiFi hardware manufacturer to check for updates as well as instructions on how to do the update.
- KRACK ATTACK: A VERY common WiFi router hack was discovered October 2017. It is called the Krack WiFi Router Attack. This hack was discovered to have infected 1000s of routers. Make sure that your router has the latest firmware which was released after that date – again, enter your router firmware login as before and check for updates.
- WIFI PASSWORD: Make sure your WiFi is password protected. Some WiFi routers are sold without any password set. Or a homeowner may have removed the password to make connecting easier. Without a password, hackers can get into your network and do bad things to your router and computers connected to it. Your good next door neighbors could also log in if there is not a password. They can waste your bandwidth and slow down your favorite Netflix shows and porn videos. Or worse, someone can use your network connection to do something illegal which you could be blamed for.
- ROUTER PASSWORD: Make sure your router software access does not use the factory default password for entering. Sometimes it is as simple as “admin”, “admin” for 10s of 1000s of routers. This is different from the WiFi connection password that we discussed above. If you change it (and you should!) then be sure to write it down on the router itself since you will need it in the future. If you ever forget and are locked out, then you can do a full router reset to return to the factory original username and password (and you will lose any other configuration settings you may have made).
- USE WPA2: Make sure your WiFi router uses what is called “WPA2” security, NOT WEP. If you find that your router is set up for WEP security then change it to WPA2. These days it will be very unlikely if your router is still set to WEP, but it is possible. Note that a new security protocol called WEP3 should be commonly available by the end of 2019.
- ROUTER FIREWALL: Enable the router firewall. This may or may not be configurable in all routers.
- WIRELESS ADMIN: Disable the ability to modify your WiFI configuration via the WiFi connection itself. This way only someone inside your house, with a physical cable connection to the WiFi router, will be able to make changes to your router. Otherwise, a hacker sitting in his car outside your house could change your WiFi router configuration settings. The hacker could even be that extra person that you should not have given the WiFI password to months ago.
ADVANCED: CRYPTOCURRENCY WIFI SECURITY GUIDE BEST TIPS
The following advanced cryptocurrency WiFi security guide best tips are for those who want additional security and are willing to put in extra effort to get it. These tips may also address more rare, fringe issues.
PUBLIC WIFI ADVANCED SECURITY TIPS
For additional security, when logging in to a public WiFi, then you can take these advanced steps:
- WIFI OFF: When in a public area, completely turn off your WiFi if you not connecting to the internet. This will also save your battery life. This is listed as an advanced tip simply because most people may not want to constantly turn off and on their WiFi.
- INSTALL VPN: Install and use VPN (Virtual Private Network) software on your computer. This will help to ensure that all of your network connections are encrypted. This will also ensure that a hacked WiFi router can’t send you to the wrong website. There are many limited free plans available, plus paid plans. Free plans might be a little slower than premium plans. Free plans often have limited total data per month and they may use slightly less secure technology and often come with ads. But for many people, this will be good enough. Here is one free VPN option called WindScribe. Read more about free VPN options here. Specific VPN options for Android phones here:
HOME WIFI ADVANCED SECURITY TIPS
The following tips require that you log into your WiFi router to make these changes. This can be done in most homes and may also be an option in your office. See the instructions above for how to configure your WiFi router. Not all of these options are available on all routers. Your mileage will vary.
- CHANGE SSID: The SSID is the name of the WiFi router that you can see when you are searching for a WiFi network to connect to. You can change the default SSID name of your WiFi to something that doesn’t clearly identify you so hackers can’t easily figure out exactly which house you are in. Don’t use your first and last name nor your house address as your SSID. Don’t use any name that can be easily identified with your home location. Also, don’t use a name that identifies what type of router you are using – i.e. don’t use the router model name as your SSID – this just gives hackers more clues how to attack your router if they know what hardware you are using. Change the router name to something like “mywifi123”.
- HIDE SSID: Even better, modify your router configuration to completely hide your SSID. This means that your router won’t broadcast its own SSID name. If the SSID is hidden then no one will even know it is there. To connect you will have to manually connect to the WiFi by typing in the SSID name as well as the password. Your friends may not appreciate this, but it will keep you a little safer.
- DISABLE REMOTE: disable remote access to your WiFI router. Otherwise, a hacker could enter your WiFi from outside of your home – while they are parked in the street – and change the router configuration – and/or infect your router with malware.
- MAC FILTER: Modify your router configuration to set up what is called “MAC filtering”. This way only devices that you explicitly authorize will be able to connect. This is very inconvenient for friends and family who drop in and want to quickly connect, but it does also ensure that hackers can’t connect to your WiFi.
- STATIC IPS: Modify your router configuration to disable the routers DHCP. Then assign IPs statically to each connected device that you authorize. This way the router does not need to broadcast it’s IP address to hackers. This does again present problems when friends and family want to just drop in and connect. Read how to disable DHCP and use static IP address.
- DISABLE WPS: Consider disabling a feature called “WPS” – The WPS feature allows you to press a button on your router to easily connect to it. But this feature can be hacked so if you don’t need it, then disabled it.
- ROUTER VPN: Subscribe to a Virtual Private Network service and configure your router to use this service. You can also put the VPN on each computer connecting to the router, but by configuring the router to use the VPN service it will take the load off each computer. See details about free vs Premium VPN services above.
- DISABLE WAN: Disable WAN access so that someone who knows your IP address (this is not that hard to figure out) cannot use it to attempt to get into your router.
See all of our cryptocurrency security tips.
In the comments below, you can add your own tips, and/or correct or dispute our cryptocurrency WiFi security guide best tips.