Helping people with computers... one answer at a time.

Mobile security is important. There are several things you'll want to do to secure your hotspot.

What's the best practice configuration for mobile hotspots? For example, the Verizon 4G LTE 890L jet pack. Is it possible or recommended to change the password that appears on the underside of the device? Should I change the SSID? I have several of these units and must ensure the utmost security.

In this excerpt from Answercast #60, I look at the necessary security steps to take with mobile hotspots.

Mobile hotspot security

Well, there are definitely several things you want to do with each one of those devices.

I'm not really not that concerned about changing the SSID. I would recommend that you do so mostly for your convenience, simply so that you have an SSID that you can recognize when you see it over the air.

I carry a cellular phone that falls into this same category. It's a mobile hotspot that I can turn on. And yeah, I have my own SSID (it's called Ask Leo! surprisingly enough), but that doesn't add a layer of security by any stretch.

Adding security

What does though are the two things that you've just recommended. Definitely change the administrative password that appears on the underside of the device.

What it boils down to is that anybody who could see the underside of the device even briefly (maybe long enough to take a picture of it) could get the administrative password to the hotspot.

That's not something you want somebody else to have. So, change it to something else. Change it to something that you know you will remember, and that you can use then to administer the rest of the settings on that mobile device.

Similarly, the other thing that you happened to mention that I would strongly recommend you do is:

  • Make sure that the wireless hotspot is configured to only accept connections using WPA2 security;

  • And that that security have an appropriately complex or secure password.

Appropriately secure password

That is probably the most important part of the configuration of this device. That's what secures the actual conversation between the device and the computers nearby. It prevents anybody within range from randomly snooping on the conversations and potentially sniffing sensitive data that's going across that wireless connection.

Do that:

  • Change the administrative password, absolutely!

  • Make sure you're using WPA2 security for the wireless connection itself.

  • Set an SSID, if you like. It can be something convenient, but don't think that it adds any security.

And for the record, this applies not only to mobile hotspots - like the dedicated devices you're talking about. The little Mi-Fi kind of devices are stand-alone but this absolutely applies to cellular phones - smartphones that themselves that can be turned into wireless hotspots by running an appropriate application.

Make sure that the administrative password (if there is one) is set appropriately. Make sure that the Wi-Fi connection itself is similarly configured to use WPA2 with an appropriately secure password.

End of Answercast #60 Back to - Audio Segment

Article C5909 - October 11, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

2 Comments
Doug
October 11, 2012 3:37 PM

treat your mobile broadband hotspot like a regular WiFi hotspot

Richard
October 16, 2012 3:31 AM

If a domestic WiFi router (where mobile or static) has WPA2 security and a strong password, does it really matter whether or not the Admin password is changed?
I would have thought that my neighbours would not be able to connect to the router and therefore would not be able to access the admin login screen?
Changing the admin password seems to me to be more relevant in a business environment?

There is malware that, if it runs on your machine, knows about router default passwords - if you leave the router with a default password then it will reconfigure the router in ways that will eventually cause more malware to be downloaded onto your machine or worse. Even without the malware anyone who has access to your local network can play with the router if you don't change the default password.
Leo
16-Oct-2012

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.