10 Wi-Fi Tips We Validate and Debunk
Some suggestions you read online just aren't valid anymore.
Sep 25, 2023 | Share
Equipment Guides, Technology
There’s a lot of advice online about how to improve your Wi-Fi security and troubleshoot connections. We have a few articles dedicated to both. But things change. Kids grow. Technology advances. And rules from ten years ago may no longer be valid in the here and now. Yet you see the same carbon-copied suggestions over and over.
After testing and reviewing dozens of routers, we see the same outdated suggestions splashed all over the internet and wonder with a heavy sigh, “Why is that even a thing anymore?” So, here we are to clear the air about 10 of the most common Wi-Fi security and troubleshooting tips you’ll find online. We’ll explain why they do and don’t apply to modern Wi-Fi so you’re better informed about what you should really do—and don’t do.
Jump to: Admin name and password | Strong passwords | Enable firewall | Enable encryption | Remote management | Log out as admin | Adjust antennas | Change network name | Change channels | Relocate router
Jump to:
Security
The modern routers we’ve tested don’t use the old-school admin/password scheme. Kevin Parrish | HighSpeedInternet.com
Change the admin name and password
Our take: This suggestion rarely applies to modern routers, gateways, and mesh systems.
Modern standalone routers no longer use the old-school admin/password setup or derivatives of it. Based on the routers we’ve tested, none required us to set an administrator name. It’s not an option anymore, so ignore this suggestion unless you have an ancient router with mouse wheels spinning inside.
The password aspect is different. Generic default passwords are out the door based on what we’ve seen. Manufacturers now provide unique passphrases and PINs for each router, printed on a label affixed to the bottom or on a sheet in the packaging. You use them to log onto Wi-Fi, but then you’re immediately forced to create a “local” router login password before using it. There’s no getting around this step.
And don’t think for one minute you can just use “password” or something simple. Here are the requirements we pulled from TP-Link’s router:
- Must have no spaces
- Must be 6-32 characters long
- Must contain two types of the following characters: letters, numbers, and symbols
Meanwhile, mesh systems are a different animal. You absolutely must create a cloud account to use them, so just like any other online account you have, you sign up using a valid email address and then create an account password following rules similar to the ones listed above.
In a nutshell: Say goodbye to the admin/password security fiasco that plagued routers for years.
Use a strong password
Our take: Definitely do this for every device and service you use.
Modern routers, gateways, and mesh systems force you to create a new password before you can set them up. Routers and gateways require a “local” password to manage the network locally and a cloud account for app-based remote management. Nearly every mesh system we’ve tested requires a cloud account for local and remote management.
Use a trusted password manager to create a strong password, or create a passphrase using letters, numbers, and symbols—the router, gateway, or mesh system will tell you if it’s as good as gold or not. Heck, let your smartphone create one for you, as it’s difficult to crack and easy to find if you need it.
For Wi-Fi, manufacturers now supply passphrases or PINs unique to the router, gateway, or mesh system. You’re not required to change it like you’re forced to create the router login one, but we highly suggest you do. You can always share it with a QR code if you make it too difficult to remember.
In a nutshell: Use tools to help you create strong passphrases to protect every device and service you use.
The NAT is your first firewall and it’s always enabled by default, as is the SPI firewall if available. Kevin Parrish | HighSpeedInternet.com
Enable the firewall
Our take: You only have to enable the firewall if you previously disabled the firewall.
First, the Network Address Translation (NAT) component on your router, gateway, or mesh system is always enabled by default. NAT allows all your devices to send and receive internet data through the router’s public IP address. It’s similar to how everyone in the house sends and receives mail using the same physical address. Plus, NAT automatically denies any unwanted incoming traffic, so it’s your network’s first line of defense.
If you disable NAT, you can’t send and receive data from the internet. Plus, you’re subject to all that potentially dangerous inbound traffic. So, we can’t think of a reason why it would be disabled out of the box or disabled manually.
Second, many routers also now include a stateful firewall, which briefly inspects all inbound and outbound data packets to determine whether they should be blocked or allowed based on learned traffic behaviors and those defined in a preset security policy. The Stateful Packet Inspection (SPI) firewall is usually enabled by default if the router has one, and the only time you may want to disable it is to see if your speed improves.
In a nutshell: NAT is your low-level firewall, and it’s always enabled—never disable it. The SPI firewall inspects the state of your connections and is your second mid-level firewall. It’s normally enabled by default, so only disable the SPI firewall for troubleshooting.
Every modern router we’ve tested has encryption enabled by default. Kevin Parrish | HighSpeedInternet.com
Enable network encryption
Our take: This is old advice. Every wireless device you own, including your router, has encryption enabled by default.
Security firms even tell you to enable Wi-Fi encryption, which illustrates how many troubleshooting tips are old and generic. Every wireless device you own now has encryption enabled by default—there’s nothing you need to do to secure your wireless connections.
Likewise, we’ve never tested a router or mesh system with encryption disabled. For example, the TP-Link router we had for testing was set to WPA2-PSK [AES] out of the box. Heck, even on the latest models, WPA2-PSK is usually the default protocol over the newer WPA3 one for multi-device compatibility’s sake.
Of course, there may be instances where encryption isn’t enabled on public Wi-Fi, but that seems to be a rare occurrence anymore. If you see an unsecured Wi-Fi connection, don’t use it. That’s just shady in our book, especially for 2023.
In a nutshell: Device and router makers have your back when it comes to securing your Wi-Fi connection, but be sure the websites you visit use encryption too (HTTPS).
If available, remote management is almost always disabled by default. Kevin Parrish | HighSpeedInternet.com
Disable remote management
Our take: This suggestion still applies if remote management is available on your router and enabled by default.
Remote management is a means of modifying your router or gateway settings via a web browser when you’re off the local network, like from a hotel room or office. We want to say it’s an old-school feature and isn’t a thing anymore, but it still shows up on a few routers. Some routers don’t have this feature.
Remote management is usually disabled by default, based on what we’ve seen. It used to be a security risk because it was tied into the static usernames and passwords manufacturers supplied with their products. Now, usernames are out the window, and you create your own local password with letters, numbers, and symbols before you even set up your network.
Manufacturers generally push their mobile apps as your go-to interface for remote network management now, so you don’t need the web version unless you want to remotely change a setting that’s not available in the app.
In a nutshell: Remote management is probably not the security risk it once was because modern routers deal with logins. It’s usually disabled by default, but be sure to switch it off when you’re not using it just to be safe.
Log out as the administrator
Our take: This is an outdated suggestion that no longer applies.
Guess what? You don’t need to. By default, modern routers and gateways automatically log you out of the web interface after about 30 seconds of inactivity. We know because we keep having to log back in during testing. It’s a pain, but we totally get it. Of course, older routers used by great-great-grandma may still keep you logged in indefinitely, so be sure to properly exit the interface if that’s the case.
Mesh systems use cloud accounts, so they stay logged in much longer on your mobile device. And since you have facial recognition, fingerprint scanning, or a PIN in place (and shame on you if you don’t), there’s no security concern about staying logged in to manage your network.
In a nutshell: Modern routers and gateways automatically log you out after a period of local inactivity, whether you’re using the web interface or app. Mesh system apps generally keep you logged in, so be sure to lock your device when it’s not in use.
You’re not forced to change your Wi-Fi network’s name, but it can reduce some confusion. Kevin Parrish | HighSpeedInternet.com
Change the Wi-Fi network’s name
Our take: This is still useful.
Okay, so this is legit to some degree. Routers, gateways, and mesh systems allow you to change the Wi-Fi network name (SSID) during setup. It’s not a requirement like the login password is, but you probably don’t want to broadcast the manufacturer’s name to every neighbor on the block.
And here’s why. First, changing the SSID eliminates confusion. If your neighbor also has a TP-Link router and never changed the default network name, you may wind up trying to connect to the wrong Wi-Fi network and throwing your router out the window in frustration. There’s usually a mix of letters and numbers at the end to differentiate the two networks (as shown above), but still, save yourself some frustration by changing the network name.
You may read that hackers can park outside your home and break into your router after seeing the manufacturer’s name and looking up the admin/password combinations online. But since modern routers don’t use those admin/password schemes, this security scare really only applies to older routers. Seriously, if router manufacturers thought SSID names were a security risk, they’d force you to change it during the setup just like they do with the login password.
The bottom line: Changing the SSID is best for eliminating confusion and broadcasting fun names. Security firms tell you it’s good for thwarting hackers, too, but unlike the login password, it’s an optional change (even NETGEAR uses that word), not a required one.
Do you need more speed than what your plan currently provides?
If you know your equipment is running smoothly but don’t have enough bandwidth to handle all your traffic, enter your zip code below to see if a faster plan is available in your area.
Troubleshooting
Rotating your antennas to reach another floor changes the shape and range of your Wi-Fi network. Kevin Parrish | HighSpeedInternet.com
Adjust your router’s antennas
Our take: This suggestion may shift your Wi-Fi speed woes elsewhere.
Some standalone routers have external antennas you can reposition at will. The intent behind adjusting them is to send Wi-Fi signals up or down to another floor in your home or office. But really, all you’re doing is changing the shape of your Wi-Fi donut.
Radio waves broadcast perpendicular to the antenna. If you position each antenna vertically, then the broadcast is horizontal. Horizontal antennas broadcast vertically. Got it? Good.
When all external antennas are vertical, Wi-Fi resembles an elongated donut. In contrast, gateways and mesh nodes have internal antennas that are arranged to broadcast in a sphere. So, while standalone routers with external antennas are excellent for long range, mesh nodes are ideal for multi-floor Wi-Fi.
That said, if half of your router’s antennas are vertical and the others are horizontal, you lose the long range you once had—but now you have better coverage upstairs. It’s something to consider if you notice lower-than-usual speeds in your bedroom after pointing Wi-Fi down into the basement.
In a nutshell: Adjusting the antennas to shoot Wi-Fi onto the second floor reduces your long range. You may want a mesh system instead for multi-floor Wi-Fi.
Changing channels may be a fruitless attempt to fix your Wi-Fi speed woes if your neighbors are using the same group. Kevin Parrish | HighSpeedInternet.com
Change your Wi-Fi channel
Our take: Changing your Wi-Fi channel may or may not work.
Okay, this can get kinda in the weeds, so let’s start by saying this: You may not even be able to change your Wi-Fi channel, and if you can, it may still be a fruitless attempt to fix your Wi-Fi. If that’s a good enough explainer for you, feel welcome to move on to the next section. We won’t be offended. Promise.
For starters, all three Wi-Fi connections (2.4 GHz, 5 GHz, and 6 GHz) are divided into channels. Each channel is a narrow sliver of wireless spectrum that can be combined (bonded) to make larger ones. The larger the channel, the more throughput (speed) you get. Here’s how channel bonding works:
20 MHz | 40 MHz | 80 MHz | 160 MHz | 320 MHz | |
---|---|---|---|---|---|
# of channels | 1 | 2 | 4 | 8 | 16 |
Now, let’s look at the 5 GHz band because it’s what we use the most, and it’s a good example of why changing channels may not solve your speed woes.
All modern smartphones, tablets, and computers support bonded channel widths of up to 80 MHz or 160 MHz, depending on the model. Likewise, nearly every router and mesh system we’ve tested defaults to an 80 MHz-wide bonded channel out of the box.
Routers automatically select the best channel during setup—usually a lower one (36–48) paired with a set width of 80MHz. That can cause problems because settings display the channel selection listed as Auto. When you’re troubleshooting and decide to select a channel manually, there’s usually a drop-down menu listing all the available channels the router supports.
The problem is that routers typically list the individual 20 MHz channels, not the larger ones. For example, the drop-down menu listed channels 36 to 161 on the TP-Link router we had for testing, while the channel width selector listed 20 MHz, 20/40 MHz, 20/40/80 MHz, and 20/40/80/160 MHz. Again, the higher the channel width number, the more speed you get from the router.
So, when you use a Wi-Fi analyzer app and see one neighbor is on channel 36 and one is on channel 48, then you may think you’re good to go using channel 40 or 44 with an 80 MHz width.
But you’re not. As the table below shows, you may all be using different channel centers, but you’re all still using the same 20 MHz channel group.
160 MHz | 50 | 144 | N/A |
---|
80 MHz | 42 | 58 | 106 | 122 | 138 | 155 |
---|---|---|---|---|---|---|
20 MHz | 36 40 44 48 | 52* 56* 60* 64* | 100* 104* 108* 112* | 116* 120* 124* 128* | 132* 136* 140* 144* | 149* 153* 157* 161* |
* Dynamic Frequency Selection channels used by radar.
The best scenario is for one network to use 36–48 (aka channel 42) and one to use 149–161 (aka channel 155). But that may not be possible, either because your router doesn’t support channel 52 and higher or because you can’t switch channels at all. Another option is for every network to use 20 MHz or 40 MHz channel widths (not shown in the table), but good luck in making that happen.
And then we have the two superwide 160 MHz channels. Getting full speed out of them can be its own struggle. Not only do routers create these channels by bonding eight smaller, highly used channels each, but most of those little channels fall under Dynamic Frequency Selection—which means they’re also used by radar. If your router even thinks radar activity may be at play on any 20 MHz DFS channel, it vacates that channel and scans it again later.
For you, that means the 160 MHz channel width you selected just dropped to 80 MHz or lower, which translates to slower speeds.
In a nutshell: Changing channels may not do anything to improve your speed on the 2.4 GHz and 5 GHz bands. Your best bet (for now) is the 6 GHz connection if you have a router and devices that support it. Most mesh systems don’t even let you change channels.
Relocate your router
Our take: This suggestion applies if most of your devices have a bad connection.
Placement does matter when it comes to squeezing the most speed out of your router or gateway. But we also know, based on testing, that the connection you choose and the devices you own also play a major part in your speed woes, so there are some factors to consider before you uproot your router.
For starters, the 2.4 GHz Wi-Fi band has a longer reach than the 5 GHz one. Plus, 5 GHz radio waves have a harder time penetrating thick objects, so at first glance, the 2.4 GHz connection seems like the better choice.
But if speed is what you need, the 5 GHz connection is your ideal connection. Modern routers do an excellent job pushing 5 GHz signals throughout your home without losing too much speed.
For example, with one router we tested, we stood in front of the air handler closet to check the speeds as the router pushed signals through three walls, a few doors, and lots of metal. We recorded a 586Mbps average using a Wi-Fi 6 device connected to the 5 GHz band and 105Mbps when connected to the 2.4 GHz band. That’s a big difference in speed.
We generally tell you to place your router or gateway in a central location, and that still applies. You want the Wi-Fi donut to fill as much square footage as possible. But there may be cases (like this writer) where you can’t relocate the router due to where the modem or ONT sits without installing a super long Ethernet cable or having your internet provider relocate its equipment—which can be costly.
In a nutshell: Relocating your router or gateway may or may not be beneficial. In some cases, it may be impossible without some investment. If your router is in the basement or a closet, then yes, please do relocate it if you can. Otherwise, you may want to consider installing the best Wi-Fi extender or switching to a mesh network system.
Author - Kevin Parrish
Kevin Parrish has more than a decade of experience working as a writer, editor, and product tester. He began writing about computer hardware and soon branched out to other devices and services such as networking equipment, phones and tablets, game consoles, and other internet-connected devices. His work has appeared in Tom’s Hardware, Tom's Guide, Maximum PC, Digital Trends, Android Authority, How-To Geek, Lifewire, and others. At HighSpeedInternet.com, he focuses on network equipment testing and review.