Step 1. Changing the admin password
One of the most serious mistakes often made is using the default, out-of-box, admin password (consider the frequently used “admin:admin” and “1234”). If you have not already done so, we strongly recommend resetting the password to something more sophisticated.
Step 2. Disabling remote management
Usually producers enable only LAN-based router controls by default, but this is not always the case. Make sure that you check whether your router's control interface is available over the Web.
Step 3. Disabling Broadcast SSID
As a rule, a wireless router transmits your Wi-Fi network ID (the so-called SSID) to everyone. This may be changed at will by unchecking the corresponding box in the settings. Then your network will not be so easily hacked.
Step 4. Using reliable encryption
Cybercriminals might use your home network for illicit activities and the police could end up on your doorstep! So we suggest enabling WPA2 encryption (WEP is not very reliable) and setting a stronger password for your Wi-Fi hotspot.
Step 5. UPnP et al.
Universal Plug and Play (UPnP), DLNA support (Digital Living Network Alliance) and the like, are better off disabled if not in use; you run a lower risk of being affected by vulnerabilities in software using these features.
Step 6. Updating built-in software
We suggest using the most up-to-date firmware from vendors' official websites: they frequently patch vulnerabilities and mistakes, which can open the point of entry to hackers willing to compromise your network.
Step 7. Not just the router
Absolutely 'ultimate' protection does not exist, as the years have proved. A sensible approach to router settings, using strong passwords and encryption and timely updates are the keys.