Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How do I properly secure a mobile broadband hotspot?

Question:

What’s the best practice configuration for mobile hotspots? For example, the
Verizon 4G LTE 890L jet pack. Is it possible or recommended to change the
password that appears on the underside of the device? Should I change the SSID?
I have several of these units and must ensure the utmost security.

In this excerpt from
Answercast #60
, I look at the necessary security steps to take with mobile
hotspots.

Become a Patron of Ask Leo! and go ad-free!

Mobile hotspot security

Well, there are definitely several things you want to do with each one of
those devices.

I’m not really not that concerned about changing the SSID. I would
recommend that you do so mostly for your convenience, simply so that you have
an SSID that you can recognize when you see it over the air.

I carry a cellular phone that falls into this same category. It’s a mobile
hotspot that I can turn on. And yeah, I have my own SSID (it’s called Ask Leo!
surprisingly enough), but that doesn’t add a layer of security by any
stretch.

Adding security

What does though are the two things that you’ve just recommended. Definitely change the administrative password that appears on the underside
of the device.

What it boils down to is that anybody who could see the underside of the
device even briefly (maybe long enough to take a picture of it) could get the
administrative password to the hotspot.

That’s not something you want somebody else to have. So, change it to
something else. Change it to something that you know you will remember, and
that you can use then to administer the rest of the settings on that mobile
device.

Similarly, the other thing that you happened to mention that I would
strongly recommend you do is:

  • Make sure that the wireless hotspot is configured to only accept connections
    using WPA2 security;

  • And that that security have an appropriately complex or secure
    password.

Appropriately secure password

That is probably the most important part of the configuration of this
device. That’s what secures the actual conversation between the device and the
computers nearby. It prevents anybody within range from randomly snooping on
the conversations and potentially sniffing sensitive data that’s going across
that wireless connection.

Do that:

  • Change the administrative password, absolutely!

  • Make sure you’re using WPA2 security for the wireless connection itself.

  • Set an SSID, if you like. It can be something convenient, but don’t think that
    it adds any security.

And for the record, this applies not only to mobile hotspots – like the
dedicated devices you’re talking about. The little Mi-Fi kind of devices are
stand-alone but this absolutely applies to cellular phones – smartphones that
themselves that can be turned into wireless hotspots by running an appropriate
application.

Make sure that the administrative password (if there is one) is set
appropriately. Make sure that the Wi-Fi connection itself is similarly
configured to use WPA2 with an appropriately secure password.

End of Answercast #60 Back to –
Audio Segment

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

2 comments on “How do I properly secure a mobile broadband hotspot?”

  1. If a domestic WiFi router (where mobile or static) has WPA2 security and a strong password, does it really matter whether or not the Admin password is changed?
    I would have thought that my neighbours would not be able to connect to the router and therefore would not be able to access the admin login screen?
    Changing the admin password seems to me to be more relevant in a business environment?

    There is malware that, if it runs on your machine, knows about router default passwords – if you leave the router with a default password then it will reconfigure the router in ways that will eventually cause more malware to be downloaded onto your machine or worse. Even without the malware anyone who has access to your local network can play with the router if you don’t change the default password.

    Leo
    16-Oct-2012
    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.