Almost half of internet users continue to use their Internet routers with default settings, according to a new Broadband Genie study.

The survey, based on responses from 3,242 broadband users, offers a detailed view of people’s network security habits.

The study found that 47% of respondents never changed their router’s default settings, while 81% kept the default administrator password, and 69% kept the same Wi-Fi password since installation.

The same data also revealed that 84% of users never updated their router, and 85% still use the default network name (SSID) that came with the device.

Even worse, awareness of why these security measures are important remains low, with 73% of respondents unaware that changes are needed.

Default Credentials and Firmware Flaws Drive Most Breaches

The study also highlights three security problems responsible for router compromises:

• Default administrator passwords (81%) – Default login details remain the most common entry point for cybercriminals.
• Outdated firmware (84%) – Updates to routers that contain fixes for vulnerabilities are rarely applied.
• Default SSIDs (85%) – Default network names often reveal the router’s make and model, which in turn helps attackers determine whether known exploits can be used.

Steps to Improve Home Network Security

Deploying the solutions needed to address the concerns raised by the survey is a straightforward process and requires minimal effort.

1. Change Administrator and Wi-Fi Passwords

Replace all default credentials with strong, unique passwords containing a mix of letters, numbers, and symbols.

2. Rename the Network

Modify your SSID so it doesn’t include the router brand or personal identifiers.

3. Keep Firmware Updated

Check for firmware updates often or enable automatic updates if available.

4. Disable Unused Remote Features

Turn off WPS, UPnP, and remote administration unless strictly necessary.

5. Monitor Connected Devices

Review your router’s connected device list and remove any unfamiliar entries.

Frequently Asked Questions

How often should I update my router’s firmware?
As often as possible or automatically if the option exists.

Can I secure a router supplied by my internet provider?
Yes. Change the Wi-Fi password, rename the SSID, and check connected devices.

Is WPA3 encryption sufficient protection?
WPA3 strengthens encryption but doesn’t fix weak credentials or outdated software.

Should I disable remote management?
Yes, unless you need it for work or troubleshooting. Limiting remote access significantly reduces the attack surface.

What should I do if I suspect my router has been hacked?
Perform a factory reset, install the latest firmware, and change all passwords.