Helping people with computers... one answer at a time.

Giving a neighbor temporary internet access seems like a neighborly thing to do. Before you do it, you should understand the risks of sharing your internet.

I have a next door neighbor who has a different internet provider than mine. When her service goes down, she asks me for the password to my router so that she can connect to the internet. I have no problem providing her with the password, but I wonder if anyone in her house can access my computer now through the router. I trust her but I am concerned that others might try to hack into my system. Should I be worried?

Worried? That might seem a bit strong, but some worry could certainly be reasonable.

I'd at least be somewhat concerned.

The short answer to your question is that yes, it's quite possible that someone on her computer with less than honorable intent could cause you grief in several ways.

Let's look at how.

It's all about trust

We need to start by understanding exactly what it means to share your internet connection.

One of the reasons why using a router is so important is that it provides a firewall between an untrusted network, such as the internet, and a trusted or safe network, such as the local network on which you have all of your computers connected.

The Trusted and Untrusted boundary

You implicitly trust all of the computers that are connected to your local network on the trusted side of the router. You know that you've taken whatever steps are appropriate to keep them secure and you understand the expertise and knowledge of the users of those computers. The bottom line is that you have a reasonable level of safety associated with those computers being able to communicate with each other.

The most important side-effect of being able to trust all of the computers on the trusted side of the router is that you don't need to take a lot of extra steps to protect those computers from each other. The biggest example might be that you probably don't need to have a firewall enabled on each and every computer; the router's firewall protecting them all from the un-trusted internet is enough.

Sharing your internet

By giving your neighbor a password, I assume that you mean that you are giving her your existing wifi password and that she is connecting using a wireless connection. (The alternative would be to string a cable to her house and I'm pretty sure you're not doing that. Smile)

That means that her computer is connecting to the trusted side of your router.

This changes that trust dynamic dramatically.

Network Boundary - with a potentially untrusted computer

As you've said, you don't really know how much you can trust your neighbor or perhaps the other people in her house.

In other words, you just allowed an un-trusted connection to the formerly trusted side of your router.

What could possibly go wrong?

There are several ways that a non-trusted computer or computer user could cause issues for you.

  • It could infect your computers with malware.

    You don't really know how up-to-date they are on things like computer security. For all you know, their machines have never been updated, have never run anti-malware software, and are liberally infected with all forms of viruses and spyware.

    Since you've been able to trust all of the computers on the trusted side of your router up to this point, you probably didn't bother to put firewalls on each individual computer. As a result, they are potentially vulnerable to a network-based threat coming from your neighbors poorly maintained computers.

  • It could be used to access your computer.

    It's possible, though not very likely, that your neighbor could access your computers directly. I say that that's not likely because you would need to have something like remote desktop access enabled on your system. Chances are you don't as that's the default configuration.

  • It could be used to snoop on your data.

    A more likely scenario is that your neighbor would be able to access files on your machines using Windows networking.

    Exactly how much of your computer's data is visible will vary depending on how you set up your network, but in the absolute worst case, it's conceivable that your neighbor could access all of the files on all of your computers. While that's a bit unlikely, a more common scenario is that your neighbor could access "some" of your files - where some once again depends on your specific network configuration.

  • It could get you in trouble.

    We've heard recent news reports of this just recently; it is possible that you could be legally liable for the activity of your neighbor over your internet connection.

    For example, if your neighbor were to begin downloading copyrighted material, such as music or movies, or downright illegal material, such as some forms of pornography, that could be traced back to your internet connection from which you are ultimately liable. (Caveat: I am not a lawyer, but it's my understanding that in most jurisdictions, you are liable. Seek appropriate counsel, if you're not sure.)

  • It could slow you down.

    There's the inconvenience factor to take into account. Allowing your neighbor access to your internet could potentially impact your own ability to use it.

    If they regularly perform large downloads or use it heavily, you could see your own use slow down significantly. If they get blocked or banned from certain sites, it's possible that the block could be against your IP address and apply to you as well.

What to do?

Needless to say the easiest - and safest - answer is to politely decline. Perhaps you can explain that you have heard some horror stories and don't want to put yourself or your neighbor at the risk of experiencing any kind of problem or misunderstanding.

If you want to allow your neighbor to access the internet through your connection, then you should at a minimum look to lower your risk. For example, I would make sure to enable the Windows firewall on all of the computers connected to your LAN to protect you from some of the threats of malware or data snooping.

A more secure solution is to invest in a second router.

Using Two Routers

The internet would connect to router number one and your neighbor would connect to router number one.

Router number two would be connected on the LAN side of router number one and all of your computers would be connected to router number two. Router number two maintains our un-trusted/trusted demarcation where all of your computers can remain on a trusted local network and everything that is untrusted, including both your neighbor and the internet at large, are on the other side of that router.

Unfortunately, it can be a bit of work to set up correctly, and it doesn't do anything to address the liability or bandwidth issues. It does, however, protect the computers on your local network from any malicious activity on the part of your neighbor, intended or otherwise.

Article C4920 - September 2, 2011 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

14 Comments
Ken B
September 3, 2011 2:40 PM

Note that you might not hove to buy a second router. For example, our wireless router has built-in support for "guest access". This has a separate SSID (along with separate security and keys), and a separate subnet, and the router keeps the guest part of the connections away from your main network. And you can change the guest access password any time you want, without affecting your main network.

You still have the same issues of them using your ISP's connection, but it makes for a much easier setup.

Those aren't very common (yet) but they do make this scenario much easier indeed.
Leo
04-Sep-2011

John
September 6, 2011 8:11 AM

Just bought a Netgear N600 Dual Band router at WalMart for $79 that allows you to create a guest network.

Texan 2000
September 6, 2011 8:46 AM

One other little thing, the legality. I don't think that the ISP wants you to be providing a contractually leased connection to people with whom they do not have a contract. Result, the ISP could remove your service and blackball you with other providers.

catherine
September 6, 2011 12:22 PM

my boyfriend has my ip address so he used hid laptop in my home, can he get into my computer from his in another location to spy on me?

Bob
September 6, 2011 3:33 PM

The trust actually goes both ways. If you allow your neighbor to share your network, each of you is trusting each of the computers in the other's home -- and any casual user of those computers.

Do they trust you -- and anybody who uses your computer? Do you trust them?

Personal boundaries can be hard to maintain. "Uncle Bob, I just want to check my Facebook account."

HBS
September 7, 2011 8:49 PM

@Catherine:
If your BF has access to your wifi, he has access to the other computers on the network. What he might actually see, as Leo said, depends on how you have your network and each PC set up.
Also, there is software available to extend your network, world-wide. He could conceivably,while in range of your wifi, set up a web connection, which is accessible from anywhere. Not likely, but possible. I think what it comes down to is, if you don't trust your BF, change your wifi password.

Chris
September 8, 2011 7:26 AM

Hi, I have a need for a similar setup as Leo describes in his reply. You state that "it can be a bit of work to set up correctly" can you elaborate? Your solution would fit my needs, but I am having trouble with the specifics of setting up two Linksys WAG200's. I can either post a new question or supply further info.

Unfortunately "I'm having trouble" doesn't give me any details to go on. Try posting a complete description here. Thanks.
Leo
08-Sep-2011

SRemund
September 12, 2011 9:29 AM

If the neighbors ISP goes down, she should contact them, not ask someone to use their passwords. I would never do that, either ask or let it happen. Maybe she needs to get a better ISP. IMHO

Jim de Graff
September 13, 2011 9:06 AM

If possible, you should set your router to restrict use to specific macids (specific computers). That would prevent your neighbour from giving access to others. You may also have the option, depending on your router, of restricting internet access to specific times of the day.

I'd encourage you to read this article: Is MAC address filtering a viable wireless security option?
Leo
14-Sep-2011

john omeara
November 18, 2011 8:03 PM

This concerns how to set up a pair of routers, in serial, as described in "is it safe to share my internet connection . .".

I have tried to do this with two Linksys routers (different vintages) to provide an open connection for visitors/parents to a small non-profit school. There is some bit of knowledge I don't have in how to set up the addressing-subnets-address ranges.

Is there a reference somewhere on how to do this? Serial connection of 2 WiFi routers is an elegant solution, except when you can't find a configuration that works.

jay manship
December 12, 2011 6:33 PM

Most high technological routers these days have a Wifi guest account, which can be turned on or off just as easy as getting on to google. with that being said upgrade your router it is 2011. I suggest the N300 Netgear in your situation, $80 at best buy. If your looking for a cheap way create a lan, and add ur neighbor and restrict the internet abilities AKA parental controls. create passwords to even access any such information on your computer on the network change password every so often. google windows 7 create a network and do some research :)

I certainly wouldn't say that "most" routers have this features, lest people go looking for things they don't have. It's definitely a useful feature, but it is something you would need to look specifically for when purchasing a wireless router.
Leo
14-Dec-2011
Ron
May 1, 2012 10:12 AM

Hi Leo,

Thank you for this very value information, I need to ask if my desktop is safe since my second modem didn't have multi LAN plugs and I had to be creative. My neighbor wanted to share my Wi Fi so I split my phone line using a DSL filter connector and than connected the internet (phone Line) to my basic modem (no wi fi ) and using LAN directly to my desktop. Second, I connected the internet (split phone line) to a Wi Fi Router and gave her the code.

Thanks,

Ron.

Bella Bray
January 27, 2013 5:40 PM

my neighbor offered to use his wifi/no password, I've been using it a mth.now, but am very leary to download anything as I was told his cost would reflect my use. What all am I able to do on my tablet without extra cost to such a fine neighbor?

Mark J
January 27, 2013 11:31 PM

@Bella
He's taking a big risk. You may not abuse the privilege, but anyone could use his unprotected network. You might suggest he password protect his router and share the password with you. As for what you can do to keep costs down, normal Web surfing and email are generally low users of bandwidth unless you receive large attachments such as photos and music. Watching online videos and listening to music can also use a significant amount of bandwidth.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.