Used Router Security: A Buyer’s Guide

TL;DR

Buying a used router can save money, but it carries risks. This guide shows you how to check for problems and secure your new (to you) device before connecting it to the internet.

1. Before You Buy: Initial Checks

1. Model Number & Firmware Support: Check if the router model is still supported by the manufacturer with security updates. Older, unsupported routers are a big risk. Search the manufacturer’s website for your model number.
2. Physical Condition: Look for obvious damage – cracks, broken ports, signs of tampering.
3. Ask Questions: Find out why the previous owner is selling it. Was it working perfectly? Has it been reset to factory settings?

2. Resetting the Router

This is crucial. You need to remove any old settings.

1. Find the Reset Button: Usually a small recessed button on the back or bottom of the router.
2. Press and Hold: Use a paperclip or similar tool. Press and hold the reset button for 10-30 seconds while the router is powered on.
3. Wait for Reboot: The router will reboot to its factory default settings. This can take a few minutes.

3. Accessing the Router’s Admin Interface

Every router has an admin interface you use to configure it.

1. Connect to the Router: Connect your computer directly to the router using an Ethernet cable (not Wi-Fi initially).
2. Find the Default IP Address: This varies by manufacturer. Common ones are 192.168.0.1, 192.168.1.1, or 10.0.0.1. Check the router’s label or the manufacturer’s website.
3. Open a Web Browser: Type the default IP address into your browser’s address bar and press Enter.
4. Login: Use the default username and password (usually ‘admin’ for both, but check the router’s label).

4. Changing Default Credentials

This is the most important security step.

1. Navigate to Admin Settings: Find the section in the admin interface for changing the username and password (often under ‘Administration’, ‘System Tools’ or similar).
2. Create a Strong Password: Use a long, complex password with a mix of uppercase and lowercase letters, numbers, and symbols. Do not reuse passwords from other accounts.

5. Updating the Router’s Firmware

Firmware updates fix security vulnerabilities.

1. Check for Updates: Most routers have a section in the admin interface to check for firmware updates (often under ‘Administration’, ‘System Tools’ or similar).
2. Download and Install: If an update is available, download it and follow the on-screen instructions to install. Do not interrupt the process!

6. Securing Your Wi-Fi Network

Protect your wireless connection.

1. Change the SSID: Change the default network name (SSID) to something unique and unidentifiable.
2. Choose WPA3 Encryption: If your router supports it, use WPA3 encryption for the strongest security. Otherwise, use WPA2 with AES encryption. Avoid older protocols like WEP or WPA.
3. Enable a Strong Password (WPA Key): Use a long, complex password for your Wi-Fi network.
4. Hide SSID (Optional): Hiding the SSID makes it slightly harder to find your network, but isn’t foolproof.

7. Enabling Firewall

A firewall helps block unwanted access.

1. Enable SPI Firewall: Most routers have a built-in SPI (Stateful Packet Inspection) firewall. Make sure it’s enabled in the admin interface (often under ‘Firewall’, ‘Security’ or similar).

8. Consider Advanced Security Features

These are optional but recommended for advanced users.

• MAC Address Filtering: Allow only specific devices to connect based on their MAC address (not a strong security measure, as MAC addresses can be spoofed).
• Guest Network: Create a separate guest network for visitors.
• UPnP: Disable UPnP unless you specifically need it. It can create security vulnerabilities.