40

One of my neighbours hacked the password of my router and he uses my limited internet package. I change the wifi SSID almost daily, but he can hack it easily. Today, he changed the SSID to a hate speech "insult".

How can I stop him? I need a quick and powerful solution. Is there any easy-to-use software that protects my wifi?

I have an idea but I don't know how to do it. Sometimes my mobile (smart phone) finds a wifi network that does not have a password. So, I can connect to it easily. When I access the internet, all websites are unavailable. And I can not surf any webpage. How to do something like that?

Edit: I'm Using WPA/WPA2 PSK

13
  • 7
    Is this 'router' provided by the ISP, or something you purchased? If it is your equipment, then a full reset + reconfigure would be a good idea. If it is ISP owned, I would contact your ISP and ask them for help doing a full reset+reconfigure.
    – Zoredache
    Commented Dec 10, 2015 at 23:01
  • 3
    the most common hack on WPA is to intercept a handshake and to run a dictionary attack on it. so if you haven't yet, use strong password. nothing that looks like a word or anything. something like one of those: random.org/passwords/…
    – njzk2
    Commented Dec 11, 2015 at 15:20
  • 3
    Isn't this a question for SuperUser? I mean, it's not about how to implement/deploy a security solution, only about how to use existing security options. Commented Dec 11, 2015 at 15:22
  • 8
    If you are really using WPA with a password of a decent length, maybe the point failure is somewhere else? Maybe you have a trojan on your computer?
    – Christian
    Commented Dec 11, 2015 at 15:30
  • 6
    @Brian Correct, I agree it's very unlikely any "hacking" is happening here. We're seeing the "I'm hacked" claim more and more across the SE network, usually boils down to the OP not understanding what's going on, so defaulting to a claim of being "hacked". To perform this "hack" it would require quite a lot of time, and technical know-how. And the outcome is simply temporary internet access? I don't buy it, it's simply not worth the "attacker's" time. OP has something configured wrong...
    – SnakeDoc
    Commented Dec 11, 2015 at 21:52

7 Answers 7

72

There are two different passwords that access different functions. If an attacker has the admin password, then he / she can change the SSID, WiFi password, and any other settings on the WiFi router.

To fix: ensure your WiFi security setting is WPA or WPA2. Then change the WiFi password to a long one (at least 12 characters, more is better) with special characters and numbers (such as #, $ %, !, 1, 6, see for example Is there any point in using 'strong' passwords?). Also, make sure the admin password on the WiFi router is changed from the factory default. This admin password is different than the WiFi password. It should also be a long complicated password, but do NOT make it the same as the WiFi password. The WiFi password is the one you give to friends and family to access your WiFi. The admin password should be kept with you only, or people you REALLY trust, as it can be used to change WiFi settings. Once this is done, change the SSID back to one you like.

Also, make sure to disable the feature called Wi-Fi Protected Setup (WPS). See http://www.howtogeek.com/176124/wi-fi-protected-setup-wps-is-insecure-heres-why-you-should-disable-it/ for details on why WPS is not recommended.

If the attacker is still able to change the SSID and any passwords, your system is more deeply compromised and I would recommend contacting a computer expert or store who can help you clean your system. They can also give you advice on if there is anything local law enforcement can do, as your attacker is likely committing a crime.

4
  • 29
    Worth noting: Some routers don't disable WPS when you switch it to 'Off' in the admin panel. In that case, you need to buy a new router. Commented Dec 10, 2015 at 19:21
  • 3
    8 is too low to recommend as a minimum password length these days, as it is easily brute forced with consumer grade hardware. I would suggest 12 as a minimum. Commented Dec 10, 2015 at 19:23
  • 3
    Another note, Make sure you cannot access your router settings web-page with it's external IP. I have run into many routers where they have the web interface open to the internet by default. I ended up rerouteing port 80 to 1.1.1.1 in my port forwarding settings. If this is the case, your neighbour, or frankly anyone in the world, can change settings, and upload compromised firmware to your router, all they need is the password for the web interface.
    – Lektonic
    Commented Dec 11, 2015 at 14:53
  • Comments are not for extended discussion; this conversation has been moved to chat.
    – Rory Alsop
    Commented Dec 11, 2015 at 20:16
13

Ok I am changing my answer after reading all the comments. You need to understand the basics:

  1. SSID = The SSID is the name of the wireless broadcast from your router. This is not a username.

  2. If the person keeps getting in then its possible your security is not WPA2 like you think it is. or your password for the wifi is really weak or common. try a randomised password.

  3. If he can connect to your wifi, he can connect to your router through a web browser. Typically the address to access a router in the browser is 192.168.0.1 OR 192.168.0.254 OR 192.168.1.1 OR 192.168.1.254 .... (to get the address more officially rather than guessing, open up command prompt in windows and type: ipconfig /all and look for your default gateway related to your network settings)

  4. Upon accessing the router through the web a DIFFERENT password is used, if you use a netgear router the password could actually not exist and the user name will be admin.

  5. When into the router you can change things such as the SSID easily.

How would I solve these issues?

  1. Reset the router to factory default.

  2. Change the router user name and password (NOT THE SSID)

  3. Now change the SSID and make the wireless password / encryption a randomly generated WPA2-PSK.

  4. A firmware update

  5. If this fails, follow these steps, reset your devices as he may have bugged you in someway.

3
  • 4
    The router's IP address is usually the default gateway for a device that's connected to it. You may want to provide instructions for looking up your default gateway, rather than listing several common router IPs that may or may not be right. Commented Dec 10, 2015 at 20:01
  • @DanHenderson you are 100% correct, I should do that, will edit this in a little while (now to remember how to use windows)
    – TheHidden
    Commented Dec 11, 2015 at 10:34
  • 1
    @silverpenguin ipconfig/all might be what you need.
    – vasin1987
    Commented Dec 12, 2015 at 2:02
5

Change your security to block ALL devices, except MAC addresses of your own gear. You'll have to look them up and enter each one manually. But the change should stop him cold.

9
  • 15
    MAC filtering on a Wifi router is not true security Commented Dec 10, 2015 at 18:54
  • 4
    MAC spoofing. Commented Dec 10, 2015 at 19:28
  • 6
    Though MAC spoofing is possible, so is password guessing. That is, it makes no sense to ignore a security feature simply because it's possible to bypass it, especially if there's no evidence that the "neighbor" even knows it can be done. Listing approved MAC addresses is a viable tactic until it's shown to fail. Commented Dec 11, 2015 at 11:02
  • 1
    I used this for a long time until I read several articles saying it doesn't really provide any more security than setting a good password, and it was a huge hassle to have to maintain a big list what with friends coming over and so many devices already in the house. I recommend creating a password pattern that results in a 12+ length password and is variable by the URL you're connecting to. That way, you memorize your single pattern, and you have a unique password for everything. Commented Dec 11, 2015 at 21:12
  • 2
    @user2338816, comparing MAC spoofing to password guessing a fallacy when it comes to wireless. Your MAC is there every time your device transmits a frame to be learned by anyone in the area. The only way this would relate to password guessing is if the OP were to hand out cards with his new password to all his neighbors each time he changes it.
    – YLearn
    Commented Dec 12, 2015 at 0:36
5

Changing the SSID won't save you from this annoyance.

You need to do a "back to factory settings reset" (Check the manual of your router, sometimes it has a tiny button to allow this)

After that:

  • Enter the router config page (with the default admin password)
  • Put a new router admin password (strong one preferable)
  • Change the default SSID and password the router recreates (hiding SSID broadcast helps a tiny bit)
  • If you have your router near your wireless devices, reducing the transmission power will help another bit (in case the attacker isn't close)
  • Disable WPS (some routers can be hacked via WPS)
  • Disable remote admin (in case the remote admin password has been compromised or if you don't need frequent ISP support).

If the attacker keeps getting in, consider a firmware upgrade or a router replacement.

Hope this helps.

3
  • 2
    The statement that "hiding SSID broadcast helps a tiny bit" is nonsense. Someone who is determined enough to break into a home wireless router multiple times won't be slowed down much (if at all) by a hidden SSID. Further this potentially makes you more vulnerable to a wider audience as your devices will now all (not just the ones that do it by default) be broadcasting your SSID in probe requests wherever they go.
    – YLearn
    Commented Dec 12, 2015 at 0:31
  • By "tiny bit" I meant "script kiddies won't be annoying you". A really determined person can go as far as getting inside a house, or doing Social Engineering or installing trojans on the devices.
    – El Gucs
    Commented Dec 12, 2015 at 8:37
  • 2
    Even script kiddies will be able to get past a hidden SSID.
    – YLearn
    Commented Dec 12, 2015 at 15:59
4

Does your router have WPS enabled? If so, disable it.

You say you change your router password often, do you mean the admin password to log into your router, or the password to connect to the WiFi? Change both to something complicated. If you're not changing the router admin password it's entirely possible he has compromised that.

Alternatively it's possible he's compromised your PC at some point when he was connected to your WiFi.

You mention that sometimes your phone connects to a WiFi network that doesn't have a password... is this when you're at home?

1
  • 1
    Change the admin password for the router. If that's still the default one, or was shared with your WiFi password, any other measures you take are pointless until you change it.
    – AlexH
    Commented Dec 10, 2015 at 12:19
2

Disable wireless administration: Change the setting that allows administration of the router through a wireless connection to off . This means that you need to connect with a LAN cable for administration. This disables any wireless hacking into the router.

-2

On most routers you should make certain that you've turned off remote administration. You should only allow the administration of your router from hardwired IPs. That way, even if they get the SSID password, they're not changing your router.

Also... move your router further away from the hacker. If you don't know who it is, move it to a different room, wait for them to hack it, move it again, etc. If you have a basement, you might put it there as long as it is still useable to you. If they get a crappy signal, they'll likely move on.

3
  • 1
    "hardwired IPs"? Do you mean wired connections? And by "SSID password", do you mean the router admin password? Moving the AP is unlikely to deter a determined neighbour, as this seems to be. "Remote administration" usually means accessing the AP's admin page form the Internet, not from the local network.
    – schroeder
    Commented Dec 10, 2015 at 19:48
  • 7
    The substance of this answer - disabling access to the device's administration controls via WiFi - is great advice, but between the inappropriate word choices that @schroeder pointed out and the suggestion to relocate the router (unnecessary if you've disabled wireless administration), I can't bring myself to actually upvote it without significant improvements. Commented Dec 10, 2015 at 20:06
  • s/hardwired/a specific, limited set of/ Commented Dec 11, 2015 at 19:10

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .