Best Router Settings For Mac

Fox News Flash top headlines for April 9

Fox News Flash top headlines are here. Check out what's clicking on Foxnews.com.

Wireless Router Standards: Compatibility is Key. The wireless standards supported by a router. If you’re not familiar with Wi-Fi access point/router settings, you can try contacting your internet service provider. Ask your provider to help you view and change these settings. Summary of recommended settings. Here are the most important recommended Wi-Fi and router settings for use with Nest products. For more details, see the sections.

While the world is focused on the coronavirus, malicious hackers, cybercriminals and scammers are pushing out their own form of malware. IBM’s X-Force reports that COVID-19 related spam is up a whopping 14,000% over the last few weeks. Fake coronavirus cures, phony stimulus checks and convincing robocallers are competing for your money.
Tap or click here to see what these scams look like so you can avoid them.

But it could very likely get a lot worse. Consider if a state or hacking group wanted to launch a coordinated cyberattack. It’s a lot easier now than it was a few months ago. In the rush to stop the spread, we left our IT-protected corporate confines and started in earnest working from home.

People starting using video conference programs with no regard for security and providers had no clue how to handle the influx of new users. ‘Zoombombing’ entered our lexicon. Tap or click here for the setting you must change to secure your meetings.

The cybersecurity naive began hooking up new gear, signing on to work networks, swapping files, installing apps and programs. Many folks don’t have a clue about basic security settings. And I haven’t even mentioned the kids’ role in all this digital security pandemonium.

Don’t be complacent. Just like we had to work together to flatten the curve, we have to work together to secure our digital lives. It starts with your router.

First, check your router’s admin page

Before you start, make sure you can get into your router’s administration console; this is where you manage your router’s settings, including password management and firmware updates.

First, make sure your computer is connected (either wired or wirelessly) to your router, open a web browser and type in the router’s IP address.

The IP address is a set of numbers, and the default depends on your router’s manufacturer. The common ones are 192.168.1.1, 192.168.0.1 or 192.168.2.1.

If you don’t know your router’s IP address or password, it’s on the internet. Here is a site that gives you both in a matter of seconds. Note: Hackers know about this site, too!

1. Select the best encryption

Criminals love unsecured home Wi-Fi networks. Securing your Wi-Fi network can also shield you from unwelcome connections that may be using your network for illegal activities.

This is why it’s important to protect your Wi-Fi network with strong encryption. If you are required to enter a password to connect to your Wi-Fi, you already have some encryption enabled on your router.

There are different types of Wi-Fi encryption, and you have to make sure you use the most secure one you can.

The most widely-used Wi-Fi security protocol right now is still Wi-Fi Protected Access 2 (WPA2) encryption. However, this standard is over a decade old, and it is already susceptible to serious security vulnerabilities like 2017’s KRACK attack.

If you’re shopping for a new router, look for one that supports the newest security standard, called WPA3. These models have just started rolling out.

Every router has a different menu layout, but you should be able to find encryption under the “Wireless” or “Security” menu. You’ll have a number of encryption options; if you still have an older router, you want to select one that starts with “WPA2”. If your router is not WPA3 compatible, then “WPA2-PSK AES” is your best option right now.

However, if you have older Wi-Fi gadgets, you might have to select the hybrid option “WPA2-PSK AES + WPA-PSK TKIP” to get them working.

Best Wireless Router For Macs

Never choose Open (no security), or if it is using WEP, change the security setting immediately. An open network will make it easy for someone to steal your Wi-Fi, and the older WEP security is easily hacked.

If the only encryption options your router has are WEP or WPA, tell your router to check for a firmware update. Look in your manual for the instructions.

Don’t have your manual anymore? Try ManualsLib or ManualsOnline, which both have hundreds of thousands of manuals, from routers to refrigerators to anything else you might need.

If there’s no firmware update or your router updates but you’re still stuck with WPA or WEP, it’s time to buy a new router. These encryption methods are too unsafe to use, plus it means your router is probably more than 7 years old.

TECH ADVICE IN YOUR INBOX: Get tech tips you can trust with free email newsletters from my desk to your inbox. Tap or click here to try The Current, my new ad-free newsletter.

2. Pros set up an additional separate network

A great tactic is to put visitor devices on a separate network. You do this by setting up a completely different Wi-Fi router or enabling your router’s “Guest Network” option, a popular feature for most routers.

Guest networks are meant for visitors to your home who might need a Wi-Fi internet connection. They can connect without gaining access to the shared files and devices within your network.

This segregation will also work for your smart appliances, and it can shield your main devices from specific Internet of Things attacks.

To avoid confusion with your primary network, set up your guest network with a different network name (SSID) and password. Please make sure you set up a strong and super-secure password on your guest network, as well. You still won’t want crooks and strangers mooching off it for security reasons.

Newer routers do this segmentation automatically. With this feature, it allows users to put Internet of Things appliances on a separate network, shielding your central computers and other personal gadgets from attacks.

With this virtual zoning of your network, you can still allow all your smart appliances and hubs to communicate with each other while keeping your main computing gadgets safe in the event of an Internet of Things attack.

Also, if you’re worried about “wardrivers,” or people roaming around looking for Wi-Fi spots to hack, you can disable the broadcasting of your network and your guest network’s name (SSID) entirely.

3. Use the free parental controls

Best Router Settings For Mac Os

To shield your kids from inappropriate sites, most routers have built-in content filters, parental controls and time-based restrictions.

To enable these filters, visit your router’s administrator page or app again and look for a section called “Parental Controls” or “Access Controls.” Here, you can choose what type of sites to disable access to, set the schedule when the filters are in effect and set curfew hours for certain gadgets.

You can even set filters for specific IP and MAC addresses. The downside of this method is the inconvenience, plus it takes a bit of technical skill to pull this off. The good thing about this is that you’ll have a map of all your connected gadgets and their corresponding IPs.

To take this a bit further, turn on MAC (Multimedia Access Control) filtering. With MAC filtering on, you can specify which MAC addresses will be allowed to connect to your network at certain times.

Note: MAC addresses can usually be found in the gadget’s settings, label or manual. Look for a set of 16 alphanumeric characters. (Here’s an example of what a MAC address will look like: 00:15:96:FF:FE:12:34:56 )

4. Turn on the VPN

You have likely heard of a VPN (Virtual Private Network), which is an excellent way to boost your online security and privacy.

With a VPN, your gadget’s IP address is hidden from websites and services that you visit, and you’re able to browse anonymously. Web traffic is also encrypted, meaning not even your internet service provider can see your online activity. It’s a good way to hide your internet tracks from would-be snoops.

VPN services are typically accessed via software. I use and recommend ExpressVPN. Full disclosure, they are a sponsor on my national radio show and listeners get 3 months free.

Some newer routers can be configured with VPN capabilities straight into the router itself. Instead of protecting each gadget protected with its own VPN service, your router will protect every connected device.

Routers with this capability have open-source router software support (such as DD-WRT), and they can be configured to use services like OpenVPN.

Currently, there are a variety of open source and OpenVPN capable routers to choose from, but the most popular models are the Linksys AC3200 and the Netgear Nighthawk AC1900.

5. Turn on and test the firewall

One valuable tool that can protect your router from hackers is a firewall. With it, even if they manage to know your router’s location and IP address, the firewall can keep them from accessing your system and your network.

Almost every newer router has built-in firewall protections in place. They might be labeled differently, but look for features under your router’s advanced settings like NAT filtering, port forwarding, port filtering and services blocking.

With these controls, you can configure and specify your network’s outgoing and incoming data ports and protect it from intrusions. Be careful when tweaking your port settings though, since a wrong port setting can leave your router vulnerable to port scanners, giving hackers an opportunity to slip past.

To check if your router’s firewall and your ports are secure, you can use this online tool for a quick test.

BONUS TIP FOR EXTRA KNOW-HOW: Tech how-to: Set up multiple desktops to keep work and home separate

Multitasking can feel overwhelming when working from home. You’ve got your work tabs and personal tabs all running at once, not to mention all the new work-related programs you have to use.

Worse still is if you share a computer with the family. But you can separate work from home programs by using multiple desktops.

What digital lifestyle questions do you have? Call Kim’s national radio show and tap or click here to find it on your local radio station. You can listen to or watch the Kim Komando Show on your phone, tablet, television or computer. Or tap or click here for Kim’s free podcasts.

Copyright 2020, WestStar Multimedia Entertainment. All rights reserved.

Learn about all the latest technology on The Kim Komando Show, the nation's largest weekend radio talk show. Kim takes calls and dispenses advice on today's digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, free newsletters and more, visit her website at Komando.com.

This article is for network administrators and others who manage their own network. If you're trying to join a Wi-Fi network, one of these articles should help:

• Mac: Connect to Wi-Fi and resolve Wi-Fi issues.
• iPhone, iPad, iPod touch: Connect to Wi-Fi and resolve Wi-Fi issues.

Before changing the settings on your router

1. Back up your router's settings, in case you need to restore the settings.
2. Update the software on your devices. This is critical to ensure that your devices have the latest security updates and work best with each other.
   • First install the latest firmware updates for your router.
   • Then update the software on your other devices, such as on your Mac and on your iPhone or iPad.
3. On each device that previously joined the network, you might need to forget the network to ensure that the device uses the router's new settings when rejoining the network.

Router settings

To ensure that your devices can reconnect reliably to your network, apply these settings consistently to each Wi-Fi router and access point, and to each band of a dual-band, tri-band, or other multiband router.

Network name (SSID)

A single, unique name (case-sensitive)

The Wi-Fi network name, or SSID (service set identifier), is the name your network uses to advertise its presence to other devices. It's also the name that nearby users see on their device's list of available networks.

Use a name that's unique to your network, and make sure that all routers on your network use the same name for every band they support. For example, don't use common names or default names such as linksys, netgear, dlink, wireless, or 2wire, and don't give your 2.4GHz and 5GHz bands different names.

If you don't follow this guidance, devices might not connect reliably to your network, to all routers on your network, or to all available bands of your routers. And devices that join your network are more likely to encounter other networks that have the same name, and then automatically try to connect to them.

Hidden network

Disabled

A router can be configured to hide its network name (SSID). Your router might incorrectly use ”closed” to mean hidden, and ”broadcast” to mean not hidden.

Hiding the network name doesn't conceal the network from detection or secure it against unauthorized access. And because of the way that devices search for and connect to Wi-Fi networks, using a hidden network might expose information that can be used to identify you and the hidden networks you use, such as your home network. When connected to a hidden network, your device might show a privacy warning because of this privacy risk.

To secure access to your network, use the appropriate security setting instead.

Security

WPA3 Personal for better security, or WPA2/WPA3 Transitional for compatibility with older devices

The security setting defines the type of authentication and encryption used by your router, and the level of privacy protection for data transmitted over its network. Whichever level of security you choose, always set a strong password for joining the network.

• WPA3 Personal is the newest, most secure protocol currently available for Wi-Fi devices. It works with all devices that support Wi-Fi 6 (802.11ax), and some older devices.
• WPA2/WPA3 Transitional is a mixed mode that uses WPA3 Personal with devices that support that protocol, while allowing older devices to use WPA2 Personal (AES) instead.
• WPA2 Personal (AES) is appropriate when you can't use one of the more secure modes. In that case, also choose AES as the encryption or cipher type, if available.

Settings that turn off security, such as None, Open, or Unsecured, are strongly discouraged. Turning off security disables authentication and encryption and allows anyone to join your network, access its shared resources (including printers, computers, and smart devices), use your internet connection, and monitor data transmitted over your network or internet connection (including the websites you visit). This is a risk even if security is turned off temporarily or for a guest network.

Don't create or join networks that use older, deprecated security protocols like WPA/WPA2 Mixed Mode, WPA Personal, TKIP, Dynamic WEP (WEP with 802.1X), WEP Transitional Security Network, WEP Open, or WEP Shared. These are no longer secure, and they reduce network reliability and performance. Apple devices show a security warning when joining such networks.

MAC address filtering, authentication, access control

Disabled

When this feature is enabled, your router can be set up to allow only devices that have specified MAC (media access control) addresses to join the network. You shouldn't rely on this feature to prevent unauthorized access to your network, for these reasons:

• It doesn't prevent network observers from monitoring or intercepting traffic on the network.
• MAC addresses can easily be copied, spoofed (impersonated), or changed.
• To help protect user privacy, some Apple devices use a different MAC address for each Wi-Fi network.

To secure access to your network, use the appropriate security setting instead.

Automatic firmware updates

Enabled

If possible, set your router to automatically install software and firmware updates as they become available. Firmware updates can affect the security settings available to you, and they deliver other important improvements to the stability, performance, and security of your router.

Radio mode

All (preferred),or Wi-Fi 2 through Wi-Fi 6 (802.11a/g/n/ac/ax)

These settings, available separately for the 2.4GHz and 5GHz bands, control which versions of the Wi-Fi standard the router uses for wireless communication. Newer versions offer better performance and support more devices concurrently.

It's usually best to enable every mode offered by your router, rather then a subset of those modes. All devices, including older devices, can then connect using the fastest radio mode they support. This also helps reduce interference from nearby legacy networks and devices.

Bands

Enable all bands supported by your router

A Wi-Fi band is like a street over which data can flow. More bands provide more data capacity and performance for your network.

Channel

Auto

Each band of your router is divided into multiple, independent communication channels, like lanes in a street. When channel selection is set to automatic, your router selects the best Wi-Fi channel for you.

If your router doesn't support automatic channel selection, choose whichever channel performs best in your network environment. That varies depending on the Wi-Fi interference in your network environment, which can include interference from any other routers and devices that are using the same channel. If you have multiple routers, configure each to use a different channel, especially if they are close to each other.

Channel width

20MHz for the 2.4GHz band
Auto orall widths (20MHz, 40MHz, 80MHz) for the 5GHz band

Channel width specifies how large of a ”pipe” is available to transfer data. Wider channels are faster but more susceptible to interference and more likely to interfere with other devices.

• 20MHz for the 2.4GHz band helps to avoid performance and reliability issues, especially near other Wi-Fi networks and 2.4GHz devices, including Bluetooth devices.
• Auto or all channel widths for the 5GHz band ensures the best performance and compatibility with all devices. Wireless interference is less of a concern in the 5GHz band.

DHCP

Enabled, if your router is the only DHCP server on the network

DHCP (dynamic host configuration protocol) assigns IP addresses to devices on your network. Each IP address identifies a device on the network and enables it to communicate with other devices on the network and internet. A network device needs an IP address much like a phone needs a phone number.

Your network should have only one DHCP server. If DHCP is enabled on more than one device (such as on both your cable modem and router), address conflicts might prevent some devices from connecting to the internet or using network resources.

DHCP lease time

8 hours for home or office networks; 1 hour for hotspots or guest networks

DHCP lease time is the length of time that an IP address assigned to a device is reserved for that device.

Wi-Fi routers usually have a limited number of IP addresses that they can assign to devices on the network. If that number is depleted, the router can't assign IP addresses to new devices, and those devices can't communicate with other devices on the network and internet. Reducing DHCP lease time allows the router to more quickly reclaim and reassign old IP addresses that are no longer being used.

NAT

Enabled, if your router is the only device providing NAT on the network

NAT (network address translation) translates between addresses on the internet and addresses on your network. NAT can be understood by imagining a company's mail department, where deliveries to employees at the company's street address are routed to employee offices within the building.

Generally, enable NAT only on your router. If NAT is enabled on more than one device (such as on both your cable modem and router), the resulting ”double NAT” might cause devices to lose access to certain resources on the network or internet.

WMM

Enabled

WMM (Wi-Fi multimedia) prioritizes network traffic to improve the performance of a variety of network applications, such as video and voice. All routers that support Wi-Fi 4 (802.11n) or later should have WMM enabled by default. Disabling WMM can affect the performance and reliability of devices on the network.

Device features that can affect Wi-Fi connections

These features might affect how you set up your router or the devices that connect to it.

Private Wi-Fi Address

If you're connecting to a Wi-Fi network from an iPhone, iPad, iPod touch, or Apple Watch, learn about using private Wi-Fi addresses in iOS 14, iPadOS 14, and watchOS 7.

Location Services

Make sure that your device has Location Services turned on for Wi-Fi networking, because regulations in each country or region define the Wi-Fi channels and wireless signal strength allowed there. Location Services helps to ensure that your device can reliably see and connect to nearby devices, and that it performs well when using Wi-Fi or features that rely on Wi-Fi, such as AirPlay or AirDrop.

On your Mac:

1. Choose Apple menu  > System Preferences, then click Security & Privacy.
2. Click the lock in the corner of the window, then enter your administrator password.
3. In the Privacy tab, select Location Services, then select Enable Location Services.
4. Scroll to the bottom of the list of apps and services, then click the Details button next to System Services.
5. Select Wi-Fi Networking, then click Done.

On your iPhone, iPad, or iPod touch:

1. Go to Settings > Privacy > Location Services.
2. Turn on Location Services.
3. Scroll to the bottom of the list, then tap System Services.
4. Turn on Networking & Wireless (or Wi-Fi Networking).
   

Auto-Join when used with wireless carrier Wi-Fi networks

Wireless carrier Wi-Fi networks are public networks set up by your wireless carrier and their partners. Your iPhone or other Apple cellular device treats them as known networks and automatically connects to them.

If you see ”Privacy Warning” under the name of your carrier's network in Wi-Fi settings, your cellular identity could be exposed if your device were to join a malicious hotspot impersonating your carrier's Wi-Fi network. To avoid this possibility, you can prevent your iPhone or iPad from automatically rejoining your carrier’s Wi-Fi network:

1. Go to Settings > Wi-Fi.
2. Tap next to the wireless carrier's network.
3. Turn off Auto-Join.