Wi-Fi security has evolved in recent years to the extent that most modern routers are set up to be secure. Gone are the days where hackers (or pretty much anyone, in fact) would be able to connect to your Wi-Fi without even needing a password. Plus, Wi-Fi has adopted new encryptions methods and routers generally have built-in firewalls and security measures used to protect you from malicious attacks. With that said there might be some people wanting to find out how to hack Wi-Fi, and we’re going to help you stay protected.

See also: 10 best wireless routers to buy right now

How to hack Wi-Fi: Put simply, you can't

The truth is you can hack Wi-Fi, but without extreme patience and knowledge, it’s impossible. In fact, even for a professional hacker that’s well trained in hacking encrypted devices, it takes a huge amount of perseverance and dedication. Furthermore, even after hacking the Wi-Fi there might be limited information available, due to your computer’s or mobile device's own anti-virus, firewall and even encryption. In essence the effort and knowledge needed to hack a Wi-Fi connection often doesn’t make it worthwhile for a hacker, and certainly not for your home router at 34 Acacia Avenue.

Since you probably searched for ‘How to Hack Wi-Fi’ to find this article, you’ve probably already seen the fraudulent sites that offer you software that supposedly cracks any Wi-Fi code. These software programs are often riddled with malware and have tracking cookies within them to monitor your installation and use of the program. We highly recommend not downloading any such program, let alone performing an illegal act by attempting to hack someone’s Wi-Fi connection!

How to hack Wi-Fi: How can I stay safe from hackers?

Just in case there’s a really dedicated hacker in your local area, there are still a few steps you can take that will make their hacking very tiresome.

First and foremost, disable WPS. What is WPS?, we hear you cry. WPS stands for Wi-Fi Protected Setup, which was created to make Wi-Fi connections simpler and easier. Sounds great at first, until you realise that it creates an easier entry point for hackers. Since it uses an 8-digit PIN it’s even easier to hack through brute-force techniques. Essentially a hacker would use a program to constantly attempt at guessing your 8-digit PIN, until it guesses the right one; like deciphering a numerical padlock.

The easiest way to know if you’ve got WPS enabled is to look on your router or the box it came with, as it often has a distinct logo and a physical button located on your router to quickly access WPS. If you’re still unsure, you can go into your router settings, which is usually accessed by typing 192.168.1.1 or 192.168.0.1 (or other, depending on your ISP and router’s manufacturer) in your URL address bar and logging into your router’s admin panel. 

The problem with WPS is that it’s often enabled by default by router manufacturers, so it is good practice to disable it, especially if you never see yourself using it.

How to hack Wi-Fi: Change the admin password

As you’ve now logged into your router’s settings, you’ll also be able to see an option to change the router’s admin login details. We recommend changing this, as it’s simple to do so and protects you from anyone wanting to mess with your router's settings. Many routers (though not usually those which are provided by your ISP) come with a generic username and password, typically ‘admin’ and ‘password’. Changing this will mean it will become a lot harder and near impossible to hack into your router’s admin panel. 

Which Wi-Fi encryption should I use? WEP vs AES vs TKIP?

As we've said, modern routers usually have Wi-Fi security (a password) enabled by default. However, a password isn't simply a password. Wi-Fi can use different standards for encryption. As you’ll be able to see within your router settings for Wi-Fi, there are various different letters and numbers that might look like gibberish to you, so we’ll explain how safe they are.

First of all, the overarching encryption methods WEP, AES and TKIP.

  • Wired Equivalent Privacy (WEP) was the norm back in 1997, when the original 802.11 Wi-Fi standard was introduced. This is now deemed insecure and was subsequently replaced in 2003 by WPA through the TKIP encryption method. Therefore, if your router has the option or has it selected by default, you should change it to WPA (TKIP) or WPA2 (AES) immediately.
  • Temporal Key Integrity Protocol (TKIP) is also being phased out, but unlike WEP is still seen in most modern routers.
  • Advanced Encryption Standard (AES) was introduced shortly after TKIP, as the new and improved WPA2 standard, in 2004. This is the encryption you should be using with WPA2.

These are the most common encryptions and alongside their security modes, are the ones found in most routers nowadays. There are other methods of encryption and other routers that might house enterprise-grade encryption, but when it comes to consumer-grade Wi-Fi, these are the most common ones you’ll find. Put simply: use WPA2 (AES) if you can. Bear in mind that your Wi-Fi devices will also need to support this in order to talk to your router. Most do, but some older kit might not.

Wi-Fi security standards explained: WEP, WPA, WPA2

Alright, what's WPA? We've told you that WPA2 is the most secure and you should always aim for that. Thankfully nowadays router manufacturers choose WPA2 by default; this also includes ISP providers such as TalkTalk, BT, Sky and Virgin among the others who provide routers to customers. In fact, many use a combination of WPA2 and WPA simultaneously to ensure compatibility with the widest range of wireless kit.

You’ll also quickly see that you’ve got an option (sometimes by default) that has ‘-PSK’ and you’re wondering what that means. PSK or Pre-Shared-Key (also seen as Personal Shared Key), is the authentication that was developed for home users, where plain-English encryptions can be used. This is where enterprise-level authentication differs, where it uses a Remote Authentication Dial-In User Service (RADIUS) to secure its connections.

If you're offered the choice - you may not be - then choose WPA2-PSK (AES) rather than WPA2-PSK (TKIP).

If you find a device can no longer connect, this is where WPA2-PSK (TKIP/AES) comes in handy, as it uses the newer WPA2 encryption, whilst enabling older devices that might be stuck with TKIP to connect to your router. You may find it listed as WPA2-PSK (mixed mode).

How to hack Wi-Fi: Why is my internet slow?

This might seem odd to include in an article that talks about security, but you might be surprised that WPA and TKIP support only 54Mbps rather than the higher 802.11n rate of 300Mbps (and higher with 802.11ac) when using WPA and AES. Imagine this as a motorway lane, where data has to go from London to Birmingham on the M40. Through WPA and TKIP there’s only one lane that transfers all your data, meaning a lot of traffic and a six-hour drive. With WPA and AES you’ve got a four-lane motorway and the journey time is only a three-hour drive away.

Read next: Best 802.11ac wireless routers 2016.

Therefore, if you’re experiencing slow Wi-Fi, your router security methods could very well be the reason why you can’t load up PC Advisor fast enough. This is yet another reason to stay away from WPA and TKIP. In the WPA2-PSK (mixed mode) / WPA2-PSK (TKIP/AES) mode, your router will automatically detect which encryption to use, depending on which phone, tablet or other wireless device you have, which most of the time will have the ability to work with AES. Read next: How to improve Wi-Fi in the home.

Can I hack my own router?

For some, there's the option to customise your router even further, which requires you to change the firmware and void your router’s warranty.

The reasoning behind this is to make your consumer-grade router into an enterprise-grade one. Manufacturers don’t present advanced options to consumers as they don’t want to confuse them. We’re not going to give you a tutorial in this article, but you’ll be able to find plenty of information about certain firmware versions you can flash, such as DD-WRT and Tomato Firmware on their respective websites.

We hope this article has helped you stay more secure and will prevent hackers from stealing your data.