Here’s a guide to some of the best practices you can embrace to ensure that your router — and, by extension, all your internet gadgets — is safe.

  • Routinely update the firmware
    • Even though a router lacks moving parts, it needs to be maintained with the latest security updates. Easier said than done, right? Here is a basic step-by-step for how to do that:
      • Consult the instruction manual for your router to get its IP address, a string of numbers that you will punch into a web browser for access to the router’s web dashboard. Jot down the number and store it somewhere safe like your filing cabinet.
      • After entering the router’s IP address into a web browser, log in to the base station with your username and password. In the router’s web dashboard, click on the firmware settings. Look for a button that lets you check for the latest firmware version.
      • If an update is available, choose to install it and let the router restart. Repeat this process every three to six months.
      • If you use a router provided by a broadband provider like Comcast or Verizon, call the customer service department and ask whether your equipment has been updated with the latest firmware.
    • Set a unique username and password
      • When you log in to your router, if your username and password are something like “admin” and “password,” you have a problem. Many Wi-Fi stations come with weak, generic passwords by default that manufacturers intend for you to change.
      • The problem with having a weak username and password is that anybody within range of your router could log in to it and change its settings, potentially opening it up to the outside world, said Dave Fraser, chief executive of Devicescape, a company that helps make public Wi-Fi networks more reliable for mobile phone service.
      • So while you are checking for firmware updates in your router’s web dashboard, make sure to also check your security settings and change the username and password to something strong and unique. Security experts recommend creating long, complex passwords consisting of nonsensical phrases and added numbers and special characters. (Examples: My fav0rite numb3r is Gr33n4782# or The cat ate the C0TT0n candy 224%.) Write down these credentials on the same piece of paper where you recorded your IP address.
    • Replace your router every few years
      • Even if your router still appears to work properly, the device has reached the end of its life when manufacturers stop supporting it with firmware updates, leaving it vulnerable to future cyberthreats. You can expect this to happen every three to five years. At that point, it is crucial to upgrade to a new piece of hardware.
      • The best way to check is to look up your router on the manufacturer’s website and read notes about its firmware releases. If there hasn’t been a firmware update in the last year, the router has probably been discontinued.
      • Among the routers affected by the VPNFilter malware, a significant portion of them were more than five years old, said Cisco’s Mr. Watchinski.
      • If it is time to update your router, rid yourself of some of these headaches by looking for a smarter router. Check for Wi-Fi systems that offer automatic updates to spare you the headache of having to check and download updates periodically. Many modern Wi-Fi systems include automatic updates as a feature. My favorite ones are Eero and Google Wifi, which can easily be set up through smartphone apps.The caveat is that smarter Wi-Fi systems tend to cost more than cheap routers that people are accustomed to. Eero’s base stations start at $199, and a Google Wifi station costs $119, compared with $50 for a cheap router. For both of these systems, you can also add base stations throughout the home to extend their wireless connections, creating a so-called mesh network.

        Fraser noted that more modern Wi-Fi systems should have longer life spans because the companies sometimes relied on different revenue streams, like selling subscriptions to network security services.