38
submitted 3 months ago by clark@midwest.social to c/privacy@lemmy.ml

At risk of sounding stupid, I need some pointers on how to set up a Wi-Fi router and make it as private and secure as possible.

To sound even more stupid, I don't really know what PiHole is, or why some people route their traffic through a VPN. I suppose my main questions are these:

  • What Wi-Fi router should I get?
  • How do I configurate it as somebody who is somewhat privacy-conscious but not very tech-savvy?

I don't really know how regular Wi-Fi routers work, what the common worries are, how/if data is at risk of being leaked, and so on. So, any pointers would be appreciated! Feel free to direct me to any privacy guides, as well. Cheers!

you are viewing a single comment's thread
view the rest of the comments
[-] pezhore@lemmy.ml 13 points 3 months ago* (last edited 3 months ago)

The brand/type of wifi router is more of a technical requirements discussion than privacy discussion.

For instance, I live in a two story townhome rental with the modem in the basement - so I picked up an Orbi mesh system to bounce wifi up to the second floor. I also have a fairly complex network with IoT VLAN, DMZ (for remote VPN) and other network segments - again the orbi doing different VLANs per SSID was a deciding factor.

I've also only used the Orbi as an access point, relying on a dedicated firewall/router for that stuff.

If you're looking at a flat network (e.g. everything on one segment - the typical home user setup), pretty much any WiFi router from Best Buy or equivalent will do the job. Check your current devices to see if you can take advantage of WiFi 7 technology - otherwise save a few bucks and go WiFi 6.

For security purposes, change the default SSID (the wireless name) to something unique - and change the password to something from correcthorsebatterystaple.net. You don't need the default jumble of letters and numbers to be secure.

Lastly, getting to your privacy concerns, look at the DHCP settings - that's what hands out IP addresses to your devices so they can reach the internet. Change the DNS servers to something other than your ISP. This looks like a good starting point.

The big things are to make sure you don't expose your router management to the Internet (the default shouldn't do that) and to make sure you periodically check for firmware updates.

If you want to up your game, you could look at spinning up a self-hosted DNS server like Pi-Hole - but that can be a bit more advanced to get setup and troubleshoot if something goes wrong.

[-] greywolf0x1@lemmy.ml 2 points 3 months ago

and change the password to something from correcthorsebatterystaple.net.

i wonder how secure or private it is to use a password generated online. You should use a password manger instead. They have built-in password generators

[-] pezhore@lemmy.ml 1 points 3 months ago

Ideally, sure use a password generator - but I wouldn't worry about the security of a password generator like the one I linked.

  1. There's no linking of the password you generated to whichever account you are creating.
  2. There's no guarantee from the web operator's perspective that you are actually using the generated passwords for anything at all.

Again, use bitwarden's generator - or equivalent - for passphrases, but in the absence of that correcthorsebatterystaple.com is good enough for a non-shared password.

this post was submitted on 08 Sep 2024
38 points (100.0% liked)

Privacy

32492 readers
375 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS