The FRITZ!Boxes from the German AVM are known for being very versatile. They are also regularly updated. We dive into the security settings of these routers. Many of the following tips and recommendations also apply to other brands and types of routers, but you will then have to look for exactly where a certain setting is located. This way you keep your FRITZ!Box safe and up-to-date.
The vast majority of routers in use are bursting with security vulnerabilities, as recently emerged after a extensive research by the German Chip. The biggest problem here is that many manufacturers do not or hardly send any firmware updates after the release of a router. And if that happens at all, many routers are not set up in such a way that those updates are installed automatically.
In fact, most users see a router as a ‘set-and-forget’ device that they don’t pay attention to for the life of the thing. The latter phenomenon is especially noticeable among private owners.
If you understand a little more about computers, you will understand that a router is also just a computer. Usually running on some Linux variant. Here too, loopholes and errors pop up from time to time that can lead to security problems. For desktop systems and servers, update packages are installed on a regular basis, on IOT stuff – including routers fall – often not at all.
FRITZ!Box can also be updated automatically
So lesson one: make sure that you manually check regularly whether there are updates available for your FRITZ!Box. Or turn on the automatic update function. To arrange this, log in via the web interface of your FRITZ!Box (usually accessible via 192.168.1.1). On the Overviewpage click on the top right Version up to date (or the notification that an update is available). In the latter case, click on the download/installation link and follow the prompts.
It is better to let things be handled automatically. Click on the tab for that Auto Update. You can now choose from three levels of auto-update feature.
Level III is actually the most recommendable, everything is handled automatically and you don’t have to worry about it anymore. The only drawback is that you may unexpectedly find yourself without internet and network connections in the house for a few minutes.
To make that unexpected aspect of it more manageable, toggle the Define Time Range and choose a start time for updates to be performed. As you can read, an update will be installed within three hours of that set time. So if you opt for a time in the nighttime hours, you will not be bothered by anything. click on Apply to make changes.
Change FRITZ!Box admin password
We come to another problem child: the admin password. Did you use the default password set by the manufacturer when you just logged in to the user interface of your FRITZ!Box? Or have you opted for a nice and easy-to-remember copy? Then it’s time to quickly adjust this.
If a malicious person somehow hooks up with you wifi network or can access it via the internet (we’ll get to that in a moment), then logging in with a standard password is very simple. Those default passwords are circulating everywhere online, if only in a router’s widely available PDF manual.
Fortunately, the chance that you use a default password with the FRITZ!Box is small, because during the setup you have to enter a password. secure password select. If you have not chosen a firm copy, you can adjust it by clicking below System (left column) on FRITZ!Box Users to click. Then click on the pin behind the user that was created during the installation (also administrator), the username varies (as it should).
Turn off online access immediately
First of all, check whether the option Access from the internet allowed off. If this is on, it is important to turn it off immediately. Enabled, this option makes it possible to manage your router online via the internet. A very bad thing, because not only do you expose the web interface to every potential malicious person in the world, but such a person can also try to get in through known security holes through back doors.
The possible (small) ease of use of a remotely manageable router in no way outweighs the major security risks associated with it! So out.
If you have not set a strong password for your FRITZ!Box, you can do so now. Use a password generator to generate a secure random character mix instance. Then copy and paste that in the field behind password.
click on Apply to implement any changes made. Furthermore, the FRITZ!Box offers NAS functionality via USB. By the option Access to NAS contents turning it off increases security a bit. Less useful if you actually use your router as central storage.
Do you really need extra features?
Many routers – including the FRITZ!Box – have all kinds of additional functions. Think of a NAS via USB, or a media server. If you do not use those parts (for example because you are using a real NAS), it is best to switch them off. Take a very critical look at unnecessary extras that are used here and there.
The NAS option in the FRITZ!Box can be found in the bottom left column Home Network and USB / Storage. An item lower you will find the Media Server at. It is – as was also clear from the research linked at the very beginning – that it is often these extras that contain the biggest security holes.
Buy a new router?
Of course, the more general tips also apply to both the FRITZ!Box and any router. Have strong WiFi passwords. In the case of the FRITZ!Box, you can also set up a guest network if desired (of course also provided with a strong password, guests can transfer the necessary data to their smartphone or tablet at lightning speed via a QR code). (left column) and then Guest Access.
Not necessarily needed? Then leave it out. But keep in mind if you simply give visitors your regular WiFi password, they also get access to everything available on your internal network. If a visitor, consciously or not, runs malicious apps that automatically search for data on your network, this is a significant security risk. Such a guest network is then a secure solution, completely separated from your home network.
Perhaps the most important security advice: if you’re using a really old router that hasn’t been updated for years, it’s time to recycle it. Do you have a provider-bound router that is already quite old, then don’t hesitate to buy a buy a new router. This not only provides much-needed safety, but often also provides extra speed.
.