Step by step: How to protect your Wi-Fi network

Reader Joshua writes: I have searched all over the net for detailed instructions on how to protect my Wi-Fi network, and I just can't seem to find them. I would appreciate some help.

Most vendors provide an installation CD with their routers, and if you use this CD (you never have to, by the way), you'll be walked through setting up security on your router, step by step.

Personally I find these programs cumbersome, and since I tend to swap out routers every couple of months, I never install them to avoid having multiple management applications which correspond to nothing on my network.

So, without further ado, here's how to set up security on your router without using a custom application.

1) Type in the IP address of the router in your browser. This is how you get to the management system. You will need to check your router's manual for the IP address (it's probably 192.168.0.1 or something close to that) and the default password for the router. Now every router's management interface is different, and I don't have every brand here to work with, so I'm just going to point you toward the areas you need to tweak. This isn't complicated, but it might take a little trial and error on your part. Just poke around until you find the appropriate section to manage. It's usually quite simple.

2) Set a new administrator password. Always a good first step so you don't forget it later. This is often not under the Security section, so don't forget to look under the Utilities or System Settings area. Once you find it, change the password here like you would with any user account.

3) Turn on encryption. Look under Wireless Security or a similarly tagged section. You want to turn on encryption here: Use WPA (or WPA-PSK) if all devices on your network support it. Otherwise use 128-bit WEP. Type in the key you'd like (or use a passphrase to generate the key if you're using WEP). Note  the passphrase you're using so you can type that password into your client machines.

4) Change the SSID. Nothing says "hack me" like a default SSID (essentially, the name of your router) like "linksys" or "belkin." Change it to something menacing, not "janesrouter." One router I can see from my office is named "virustrap." I can't imagine anyone willingly trying to hack into that network. Remember you'll need this SSID when you browse available wireless networks from your client machines. You'll find this setting under a menu called Channel or SSID, something like that.

After that, you've covered the basics of security. You'll probably have to reboot your router multiple times during this procedure (so it's best to use a cable to do the configuration), and don't forget to hit "Apply Changes" or "Save Changes" after every tweak you make.

You can continue to make more advanced wireless security changes if you'd like, but I think they're overkill. Still, if you're paranoid, you can turn off SSID broadcasting (so you have to type in the network name manually; it doesn't show up in the Windows scan). You can also turn on MAC address filtering, which limits access to your network to a list of clients that you specifically approve. If anyone really wants information about how to configure MAC filtering, email me or post a comment below and I'll whip up a blog post down the road.