In part 3 of my blog series, “Wireless Access Point Security 101” I’ll now provide steps 7 through 10 to guide you through re-configuring your wireless access point for secure WiFi:

Step 7. Change the SSID to something other than the default. If you are offering wireless service to the public (i.e. customers and clients), then set this to your company name or something else obvious. If offering public wireless connectivity, be sure to post signs about your free wireless access that includes not only the correct SSID but also the password to access the free but encrypted wireless network (see step 9).

Step 8: Don’t bother with disabling SSID broadcast. You are not actually hiding your network, as you are still using physical radio waves and the SSID is still contained in many other common packets that hacker sniffer tools can pick up in a matter of seconds. All you are doing it making connecting to the network more of a hassle for your valid users.

Step 9: Turn on WPA or WPA-2 encryption. Even if you are offer free wireless access to the public, still turn on wireless network encryption of at least WPA strength. If you know every device that will need to connect will support WPA-2, that is your best and most secure option. Select the PSK, Personal, or pre-shared key version of WPA or WPA-2. Then, set an strong passphrase (notice I did not say password word – it should be 14+ characters and somewhat complex) if you are using the network for private use only, or re-use the network name as the password if you are offering free wireless access to the public. If you need some help picking a password, consider using the password related tools and guidance at grc.com under the headings of the perfect passwords or password haystacks.

Step 10: Turn off the WPS (WiFi Protected Setup) or WSC (WiFi Simple Configuration) feature of your WAP. This is likely enabled by default in order to qualify for WiFi Alliance certification, but since hackers have discovered how to abuse this service and take over control of your wireless network your only option is to turn it off.

Keep reading next week for the conclusion of the steps you need to finish the re-configuration.