Splash of Style...Macs, Photography, Design, and other Passions

Change Linksys Router Wireless Security to WPA2

November 9, 2008 by debbie T | Wireless

It appears that WPA (with TKIP) wireless security has been found to have a flaw.

After the dust settled and more information was shared, it was learned that the crack isn’t such a horrible risk, but that’s not to say that the flaw won’t escalate in the future. I changed my Linksys router wireless security settings to WPA2 and AES so I don’t have to worry about it.

EDIT (2008-11-22): The Security Now podcast has a show dedicated to this problem. It’s a very geeky episode, but very informative.

For more detailed information on configuring the security settings on a Linksys router, please view my older tutorial:
http://splashofstyle.com/archives/2007/04/13/configuring-linksys-router/

Navigate to router’s IP address

In your browser (Firefox, Internet Explorer, Safari, etc), click or type the link http://192.168.1.1/ to open your router’s set up interface. This particular address is for Linksys routers. If you have another brand, you will need to go to the manufacturer’s web site to find their URL or consult the user manual.

I should stress that, if possible, you should be connected to the router via wire (Ethernet cable). Yes, it’s possible to connect to the router using your wireless connection, but if something goes wrong, it’s likely that you will lose your wireless connection. Make sure you have an Ethernet cable ready and waiting just in case, because if you lose your wireless connection, you will not be able to get back into the router to fix the problem.

Log into the router

You will need to type in your user name and password. Hopefully you changed it from the default, and kept the info in a safe place! 🙂

Backup router settings

If you have any doubts about changing your router settings, perform a backup first. It’s very easy!

  1. In the router interface, click the Administration tab
  2. then click Config Management
  3. Click the Backup button and save the file somewhere safe either on your desktop, or in My Documents. Somewhere you know you can find it later.
  4. If you need to restore the file, Browse to the file’s location first,
  5. Then click the Restore button.

wpid735-if-in-doubt-backup-your-router-settings-1.png

Change wireless security settings

Once you are logged into your router’s set up interface,

Click the "wireless" tab

  1. Then click the "wireless security" tab
  2. Change security mode to "WPA2 Personal"
  3. WPA Algorithms should be changed to "AES" – Do NOT change to “TKIP + AES” – it will still be
  4. You should already have a strong passkey – this is the password (key) that is used to sign into your wifi connection. I ended up editing my passkey so it included more characters. I heard from a reliable source, that a passkey should be at least 20 characters. Mine is about 30 characters long.
  5. Group key renewal – I changed my settings to 600 seconds. It was as low as my router would allow. I read that a quicker renewal is more secure. It was recommended to change to 2 minutes (120 seconds) but my router wouldn’t allow me to go that low.
  6. When all settings are set, click the Save Settings button.

wpid736-change-wireless-security-settings.png

Once the settings have been changed, hopefully your wifi connection will still work. If not, a computer restart might be in order. If you lengthened your passkey, then you will also need to type the new passkey into your computer’s wifi log in.

If your wifi still doesn’t work, then it could be that your equipment is too old. Your wireless card (in your computer) might not support WPA2 and AES. In that case, you will have to live with WPA and TKIP.

If you are stuck with TKIP, you can still minimize your risk by disabling QoS (Quality of Service) and that will help. (see screen shot below)

In your Linksys router settings, click the; Applications &amp Gaming tab, then QoS. Choose the Disable button.

Linksys-qos

As per Steve Gibson & Leo Laporte on the Security Now podcast, disabling QoS on your router is helpful, as QoS with TKIP is part of the WPA flaw.

But for peace of mind, if you can, change the setting to WPA2 and AES.

If you need a new router, the Linksys WRT54G Wireless-G Router is a solid choice!

Good luck!

There are 3 comments

  1. Dagnabbit – I was just sitting down to make a ScreenSteps tutorial on how to set WPA2 on a Linksys router – and then I happened to read this! Stole my thunder…but now I’m going to steal shamelessly and point my listeners here!

    Comment by Allison Sheridan on November 10th, 2008

  2. haha! no intentional thunder stealing!!!!

    I was hoping that you guys were going to be chatting about the subject, and I was glad when I glanced over your show notes this morning. Bart explains stuff so well, and I can usually understand it!

    I am all downloaded and ready to listen on the way to work today!

    Comment by debbie T on November 10th, 2008

  3. Updated the article to include a bit more information. After listening to the Security Now podcast, I understand the flaw a bit better.

    The flaw wasn’t the ‘be all end all’ problem that was portrayed in the press. There isn’t anything tragic that can happen as of now, but who knows what could happen in the future, so it’s a good idea to adjust your router settings to WPA2 & AES.

    If your wireless equipment is older, it might not work with AES; in that case, it’s a good idea to make sure QoS is disabled.

    Comment by debbie T on November 22nd, 2008