Digital Lab studied 29 routers by evaluating them for about 60 different security practices and protection of personal data, as well as 100 other data points for evaluating speed, ease of use and other factors.
"Routers are the conduit through which everyone travels data that's why it's so important to look closely at how they handle security, "said Robert Richter, who oversees security research and privacy testing.
Discovered security issues include:
- 20 routers allow users to change it password, but not the web apps username that is used to change settings, including the password Wi-Fi
- 20 routers do not protect against multiple failed connection attempts, possibly allowing one hacker use software that tests passwords until the system is broken.
- 11 routers allow users to set very weak passwords (those with fewer than eight characters or lacking any complexity). Some routers do not require users to change the default login credentials of 'admin' and 'password«
- Two-thirds of routers had the Universal Plug and Play (UPnP) networking protocol enabled by default, with a history of security failures.
- 11 routers do not support automatic software updates
- Few router manufacturers say how long they will provide firmware updates
In terms of performance, 18 of the traditional 20 routers tested earned a "good" score for moving around 28 meters. And all nine mesh routers earned a higher rating for range over 44 and 100 meters, so if you have a larger area that needs consistent coverage, mesh routers are a better option.
For traditional routers that have a good security rating, the privacy and performance comes with Synology RT2600ac and Netgear Nighthawk X10 AD7200. The highest rated mesh routers include Netgear Orbi and Eero.
How to secure your router
No matter what router you have in your office or home, there are many steps you can take to make sure it is as safe as possible.
- Set a strong password
- Disable features you do not use, including UPnP, and disable remote management
- Turn on automatic updates or, if this is not an option, periodically check for new software updates manually
- Turn on WPA2 or WPA3 (if available on your router) and make sure WEP is turned off
If your router is outdated and only supports WEP or WPA or if it no longer receives any updates, you should purchase a new router.