How To Check if Someone is Using Your WiFi
Having a network to administer used to be a job for IT specialists in big companies. However, the world has grown more technologically advanced, so now businesses small and large, most households, and libraries have their own network to manage and maintain. These days, setting up a WiFi connection is easy and inexpensive.
Some users have a WiFi network running off their cable or DSL Internet service, while others run WiFi using their smartphone as an access point. Most smart phones have the capacity to act as mobile hot spots and tether a wireless internet connection to other devices.
Signs That Someone is Accessing Your Wifi
Regardless of how many of us are using WiFi now, most of us haven’t been trained in network security. That means your WiFi network may well be vulnerable to malicious hackers or those who simply want to use your Internet access for free, either way, it’s unwanted and unlawful.
It helps to be aware of certain warning signs that can indicate that someone is connecting to your network without permission. One common sign is a slower Internet connection. Every Internet connection takes up some bandwidth, and if someone is downloading torrents or playing online games on your network without your permission, then your traffic is going to slow down.
Knowing who is using your WiFi and when is crucial for keeping your network secure. This tutorial will show you how to check if someone is using your WiFi, how to kick them off, and how to help prevent them and anyone else from accessing your WiFi again.
Check Who is Using Your WiFi Network
There are several ways to detect whether or not someone is using your wireless network, let’s go over a few.
Simple Methods to Check if Someone’s Accessing Your WiFi
One low-tech way is to shut off all your computers and smartphones and tablets so that none of your devices are turned on. Then, check the activity lights on your wireless router (often called a wireless modem if you’re connected to cable or DSL broadband Internet). If regular activity still appears on the router even though none of the authorized users are powered on, then that’s a sign that someone is using your WiFi without your permission.
Using the Web Browser to Access Your Router
The next step is to use a web browser to log onto your wireless router’s access page. Nearly all home routers have an online access page that you can get to from any computer that is linked to the router.
Common URLS for Routers
The URL to type into your browser window varies from router to router but it’s almost always an IP address. You can find the exact URL by checking your router documentation. Check on the router itself to see if the address is printed on the label, or by using the default addresses: a huge number of routers use http://192.168.0.1 or http://192.168.1.1.
If you use Xfinity (Comcast) to access the Internet, the default URL for accessing your router/modem may be http://10.0.0.1/.
You can just enter the number (e.g., “192.168.0.1”) in the address bar of your browser and hit enter. This will take you to the administrative interface for your router. You can find information on Netgear routers here, Belkin routers here, and information on Asus routers here.
Router Login Credentials
You’ll need to know the administrator password for your router to log in. You should have recorded this password when you set up your router, or it should have been set for you by the installation technician if you had someone else do your network setup.
The most common default username is
admin and the most common default password is
admin as well. Other very common default passwords are ‘1234’ or simply just the word ‘password’.
If you use a router/modem provided with your Comcast/Xfinity service and haven’t changed the password from the original one, the default username may be
admin and the default password might be just
Identifying Connected Devices
Once you’ve logged on, take a look at your router’s administration page for the list of connected devices. On a Netgear router, this is usually listed under Maintenance>Attached Devices. On a Linksys router, it’s listed under Network Map.
Other routers will have their own organizational structure for this information, but every router should provide it. Once you are at the list, you can identify every device listed by its MAC address.
Here’s a TechJunkie article offering a quick explanation of what MAC addresses are. All you need to know for now is that every device has its own unique number that’s used to identify it on the Local Area Network, which is your WiFi network in this case.
You can find the MAC address for all your computers, compare them to the list, and then see if there are any devices on the list that you don’t recognize as belonging to an authorized network user.
If you have trouble identifying all the devices listed, turn your devices off or refresh the map. It’s a process of elimination. Don’t forget to include smart TVs and any other devices connected to your WiFi such as Roku players or Amazon Echos.
If all this messing around with MAC address and router management pages is a bit outside of your technical comfort zone, don’t worry. There are some excellent third-party tools that will help you do the job.
F-Secure Router Checker
One such great tool is the F-Secure Router Checker. It is a free and quick solution to see whether your router had been hijacked or not.
Just navigate to the website, select the blue “Check Your Router” button and let the website do its work. It will assess any vulnerabilities in your router and alert you to them.
The WiFi Inspector
Another route is to download WiFi Inspector, a Google Play app that scans your WiFi network and tells you what devices are using it. It is a good way to identify devices accessing your network.
A great and simple tool to use for scanning a WiFi network is ZMap. Although it currently only runs on MacOS, Linux, and BSD, ZMap is an easy-to-use tool that provides a lot of functionality and a GUI to make it simple to understand. Windows users worry not, you can easily run ZMap in a virtual machine.
Often presented as the teacher of NMap, ZMap is a program you want to have in your virtual toolbelt.
Secure Your WiFi Network From Intruders
What should you do if you identify someone using your WiFi network without your permission? The first step is to remove them and then make sure they won’t be able to do it again.
The instructions below are tested using a Linksys Smart Router. Your router may differ slightly and use different terminology. Just adapt the following instructions to your specific model.
- Log into your router and access the admin interface.
- Select the Wireless part of the interface or find Guest network.
- Turn off the Guest network unless you specifically use it.
- Turn off wireless. On a Linksys router, this is a toggle. This will kick everyone off your WiFi, so notify anyone beforehand.
- Select WPA2 as the wireless security mode if it isn’t already selected. This is the best option for most users.
- Change the wireless access password and save changes.
- Enable wireless once more.
- Change the password on any devices that connect to WiFi.
If your router doesn’t support WPA2, you should upgrade; it’s the de facto standard for wireless security. For more on choosing the right router, please see this TechJunkie article on how to buy the right router for your needs.
Change the password to something as difficult as is practical while still being able to remember it. Mix upper and lower case letters and numbers. If your router allows, throw in a special character or two for good measure.
Additional WiFi Security Measures
Extra steps you can take include disabling WiFi protected setup and upgrading the router firmware. There should be a setting in the wireless part of your router that disables WPS. This is a known vulnerability in shared properties, dorms or other places where you don’t control who comes and goes. Turn it off to stop people being able to authenticate on your network if they have physical access to the router hardware.
Upgrading router firmware allows your router to benefit from any security patches or fixes. The recent KRACK vulnerability is a case in point, it found a weakness in WPA2 which was quickly patched out. Only a router firmware update can fully protect you, so allow automatic updates on your router if it is possible, otherwise, check regularly for updates.
Those are the basics of how to check if someone is using your WiFi and how to stop them from doing it again. Do you know of any other ways to achieve this goal? If so, please share them with us in the comments below!