How to get rid of Wi-Fi squatters with two easy steps.

Sometimes you notice that your Internet connection slows down suddenly without any apparent reason. You may think this is normal or it can be due to the number of tasks you're performing simultaneously. Sadly this is not always the actual reason for it. It may also happen when somebody squats your Wi-Fi and uses it to connect to the Internet. Luckily there are ways to address these problem and keep out these pesters for good.

• Step 1 - The first step is to check your current IP configuration from Command Prompt by using the command Ipconfig /all (Fig. 1) (the command is ifconfig /all for Linux and Mac). From there you can recover your whole TCP/IP configuration; you'll need your IP address, your hostname, the router's IP Address and the MAC Address of your computer and of your other connected devices.

In the screenshot resulting from running the command, your MAC Address is listed as Physical Address, which makes perfect sense. MAC (Media Access Control) Address identifies physically a device (think of the equivalent of an SSN or of an ID for a human being) and, unlike the IP Address, it can't be changed (at least theoretically, as tools able to do it, such as macchanger, are currently available).

• Step 2- Once you know this data, open up the configuration webpage for your router.  To do this, you need the router's IP Address, which is displayed, after running the ipconfig /all command, under Default Gateway. Once you've recovered the router's IP Address from Command Prompt (Fig. 1), enter it in your web browser to access the router's configuration page (e.g.: if your router's IP is 192.168.1.1, open up your web browser and enter 192.168.1.1 as a URL). From there, click Connected Devices to see which devices are currently connected to your Wi-Fi. You'll be shown a list displaying their hostname, IP address and MAC address. If you notice an unknown device in the list (Fig. 2), copy its MAC address and look it up on http://www.coffer.com/mac_find/ .

This website allows you to find the manufacturer of a device knowing its MAC address. If the result shows that the unknown device doesn't belong to your network, you'll surely up with an intruder who was squatting your Wi-Fi.
Last night I was checking out some online material for this post, so I looked up my router page and...Bang! There you are, pesky squatter! (Fig. 2) At this point, you want to restart the router to kick him off and change your Wi-Fi settings to ensure a higher security. 

Fig. 1 (Click to enlarge)

Fig. 2

   

 How to secure your Wi-Fi

 The first thing you want to do is to use a higher level of encryption.

1. Make sure to use WPA (Wireless Protected Access) or WPA2 or WPA3 (even better).
2. Use a strong password instead of the default one and don't store passwords in your browser. I strongly recommend using a password manager, such as LastPass (see here for more information).
3. Use a custom SSID (Service Set Identifier, i.e. network name): that's usually set to the name of the manufacturer followed by the model number on the router. If you don't display this information, a hacker will have a harder time cracking your network.
4. Check Connected Devices list: I have already explained why and how to do it.
5. Turn off Guest Networking: it's mostly enabled on the router by default, but it makes your Wi-Fi more penetrable, as allows others to access your network.
6. Enable MAC address filtering: this setting will allow only the devices whose MAC address is in a list of authorized devices to access the network. It is the safest configuration but it can become a hassle if you have multiple devices, because you'll have to enter the MAC address of any new device you want to connect to your network into the router's configuration page. On the other hand this prevents unknown devices from hacking in even though they should break the password. Experienced hackers anyway can change the MAC address of their computer to workaround this setting. Update: if the hacker has a packet sniffer, this measure is practically useless, because MAC addresses are transmitted in unencrypted form.
7. Don't broadcast your SSID: This setting can discourage inexperienced hackers, as your network will not show up. Some devices will anyway show any networks they find even though they can't identify their names. What's more, the SSID can be tracked down from data packets transmitted across the network, by analyzing them with specific tools.