NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Trying to disable WPS (bringing the topic to the top of lists again)
So - I've had my R6300v2 for a day. I've fiddled with most settings and I'm happy that for most things it'll do what I need. ALL EXCEPT WPS! A week ago I ordered a D-Link which shocked me whe...
Hi, thanks for your reply as it confirms what I wrote in message #4.
The problem I have with disabling the SSID broadcast to "enable" a security feature is that, from what I've read, it is not a very good way of doing things. Not all clients handle hidden SSIDs very well, for example, I have an old Nexus phone that can't seem to manage to re-connect when it needs to, while other devices are okay. Plus, if I've understood the techinical stuff, a hidden SSID requires the client to broadcast more often to remain connected - and for a mobile device that's not ideal for battery life.
But, whether I'm right or wrong about the downside of hiding SSID broadcast, I'd still like to see a feature that was available on an older piece of equipment still be available. There are lots of places where WPS is not wanted - let's just be able to turn it off from the settings.
You can't disbale WPS in stock firmware, and you are right hiding an SSID only creates issues for some devices.
Sarevian wrote:Hi, thanks for your reply as it confirms what I wrote in message #4.
The problem I have with disabling the SSID broadcast to "enable" a security feature is that, from what I've read, it is not a very good way of doing things. Not all clients handle hidden SSIDs very well, for example, I have an old Nexus phone that can't seem to manage to re-connect when it needs to, while other devices are okay. Plus, if I've understood the techinical stuff, a hidden SSID requires the client to broadcast more often to remain connected - and for a mobile device that's not ideal for battery life.
But, whether I'm right or wrong about the downside of hiding SSID broadcast, I'd still like to see a feature that was available on an older piece of equipment still be available. There are lots of places where WPS is not wanted - let's just be able to turn it off from the settings.
Are you saying that WPS is still active even when Enable Router's PIN is unchecked? This is what I have on my R7000.
TheEther wrote:Are you saying that WPS is still active even when Enable Router's PIN is unchecked? This is what I have on my R7000.
Thanks for your reply.
Indeed that's what happens for me.
Whether the tick box is checked or not seems to have no effect, WPS remains active and works very well ... if that's what is wanted!
In fact, it doesn't matter which setting is chosen in the R6300v2 (at least the one I've got) as it doesn't require a PIN number to set up the connection. Press WPS button, hit WPS setup and the mobile device (latest one I tried was a Galaxy Tab S) simply makes the connection.
If that's not happening for you then there's possibly some difference between the R6300 and R7000. But it is odd (unhelpful perhaps) that the setting screen seems to be identical when they may not actually be behaving the same.
TL;DR Disable the Router's WPS PIN. Then all you have to worry about is physically securing the router. WPS will only be enabled for 2 minutes after the WPS button is physically pushed.
Ok, I did some research.
There are two methods WPS can be used on many routers, including Nighthawks.
- By entering the router's WPS PIN from a client.
- By pushing either the physical button or the soft push button in ADVANCED > WPS Wizard
The WPS PIN in method #1 has been proven to be easy to hack. Netgear provides additional protection against PIN hacking by automatically disabling #1 if it detects 3 failed connections by the PIN method. It is also possible to disable #1 altogether as I have shown in my previous post by unchecking Enable Router's PIN.
The method you demonstrated is #2. You and netwrks are correct that it cannot be disabled, except by disabling SSID broadcast. The soft push button can only be accessed by logging into the router, so that's relatively secure. That leaves just the physical button on the router itself. If you can physically secure the router against prying hands, then you should be safe. WPS is not active when the PIN is disabled and is only active for 2 minutes after the push button is pressed.
If you are inclined, I suppose you could physically modify the router and remove/disable the push button. Personally, I think that would be overkill. If someone can physically access the router, then it would easier to connect to one of the Ethernet ports.
