Readers like you help support MUO. When you make a purchase using links on our site, we may earn an affiliate commission. Read More.

If you suspect your router is hacked, switching it off and turning it back on again is often the first recommended step. But, does a simple reset really make your router secure again? The answer is, it depends–mostly on how you reset your router and what you do immediately after resetting it.

How to Tell if Your Router Is Hacked

Everyone should know the most common signs of a hacked router. Keep in mind that all of these signs in isolation could point to a variety of issues but, if you’re experiencing any of the following for an extended period of time, you should investigate the cause:

  1. Browser redirections: If your browser keeps redirecting you to websites you’re not trying to visit, there’s a good chance that either your network or device is hacked.
  2. Router login issues: If the password for your router admin account is suddenly different, hackers may have changed it to keep you out of your own network.
  3. Slow internet connection: Every internet connection experiences slowdowns but, if your connection is unusually slow for extended periods of time, you want to investigate the issue
  4. Unknown IP addresses: Assuming you can still log in to your router admin account, seeing unrecognized IP addresses connected is a key indicator that your router is hacked.
  5. Suspicious messages: If you receive ransomware messages, fake antivirus notifications, increased pop-ups, or other suspicious messages, this could indicate your network and/or device is compromised.

Keep an eye out for suspicious activity and regularly check which devices are connected to your Wi-Fi network. Hopefully, an unexpected connection simply means a cheeky neighbor has guessed your Wi-Fi password. But, if they can access your network, what’s stopping experienced cyber criminals?

Will Resetting the Router Boot Out Hackers?

Resetting your router cuts all connections and reboots from scratch, including any hacker connections. However, if your router reboots with the same login credentials, nothing is stopping hackers from reconnecting or logging in to your system again.

To boot hackers out of your system–and keep them out–you want to reset your router and change your credentials (router login name, router password, network name and network password).

This way, you’re booting hackers off your system with the reset and preventing them from regaining access by changing your login credentials. Unfortunately, this won’t undo anything malicious hackers have already done with your device, data, etc.

This is why it’s important to regularly check for unrecognized connections and take action quickly. Also, you should regularly perform router reset cycles as part of your online security strategy.

How to Reset a Hacked Router Properly

If you suspect your router has been hacked, follow these steps immediately to properly reset your device:

1. Perform a Factory Reset

The first thing you want to do is reset your router to its factory settings. This reverts all of your router’s settings to their original state, including router login name, router password, network name and network password–as well as anything else hackers may have changed.

reset button tp link router

This is most effective when you’ve changed your credentials from their factory defaults before hackers gain access. In these instances, a factory reset will cut the hacker’s connection and prevent them from regaining access with the same credentials.

You’ll want to change these credentials again after the reset but never reuse details hackers may have compromised in the past.

2. Update Your Router's Firmware

Before you change any credentials, make sure your router’s firmware is updated to the latest version. A factory reset will also revert your router to the original firmware version it shipped with, so you’ll need to manually install the latest update.

Most firmware updates patch security vulnerabilities, so you always want to make sure you’re running the latest software. Again, you should regularly check for router firmware updates as part of your home network security strategy.

3. Change Your Router's Login Credentials

With your router reset and running the latest firmware, it’s time to change your access credentials. First, you’ll want to change the login name and password of your router, which gives you access to the administration software.

Type your router’s IP address into a web browser and use the default login credentials to access the administration panel. The layout and available settings in router software vary from one manufacturer to the next.

All manufacturers allow you to change the password for your router and some also allow you to change the login name, too. The most important thing here is to choose a secure password that’s easy to remember but difficult for hackers to crack, even if they’re using automated programs.

4. Change Your Router's Network Name (SSID)

Next, you should change the name of your internet network, which is called the service set Identifier (SSID). This is the visible network name nearby users can see on their devices when they look for networks within reach.

Changing this will make it harder for hackers to identify your network, and it also sends a signal to others that your network is secure. Default network names can make you an attractive target to hackers because they suggest other default settings will remain in place and overall security is weak.

If you want to step up security even further, you can change the SSID for your network and, then, hide your Wi-Fi network to stop it showing up in the list of available networks for nearby users.

5. Change Your Network Password

Once you’ve set an SSID, you’ll want to create a new password for connecting wirelessly to your network. The field for defining your wireless password could be located in several places, depending on the router you’re using.

A lot of manufacturers group the network name and password fields together, but you might have to look elsewhere–for example, the security certification settings section.

6. Disable Remote Management

Remote management is a common feature that allows users to access your router from anywhere in the world. This allows you–and, potentially, anyone else–to access the admin account using the login name and password you’ve set (or default credentials if you haven’t changed them).

This is a major security weakness, but most routers allow you to disable remote management or limit the devices that can access it. For example, you can normally limit access to one device or a set of devices using their IP addresses.

7. Turn Off Wi-Fi Protected Setup (WPS)

Wi-Fi Protected Setup (WPS) makes it easier for new devices to connect to a network without providing a password. If you look at your router, you might notice a button labeled WPS. Pushing this button temporarily allows nearby devices to connect to the network without selecting the network on their device or typing in a password.

WPS is a convenient feature if you have many devices connecting to your network, but it’s also a security risk. If a lot of people have physical access to your router, you should turn WPS off. You can always create a guest network for people to access without a password if you want people to connect easily to your network.

What Should You Do After Resetting a Hacked Router?

After resetting a hacked router and changing your login credentials, you should take the following steps:

  1. Check which devices are connected to your network: Log in to the admin panel of your router and check which devices are currently connected to your Wi-Fi network to make sure nothing unrecognized is connected.
  2. Monitor your network for strange behavior: Keep an eye out for the signs of a hacked router that we discussed earlier–especially the signs that first raised your suspicions.
  3. Scan your devices for malware: Run quality anti-virus software on all of your devices to check for viruses, malware, and other malicious programs hackers may have targeted you with.
  4. Check if your personal data has leaked: Hackers may try to access your personal data (email addresses, passwords, payment details, etc.) so look for any signs of data breaches: suspicious login attempts, unusual account activity, password changes you didn’t make, etc. Also, enable security features like two-factor authentication if you haven’t already.
  5. Keep an eye out for suspicious payment activity: Some hackers will go straight for your bank balance so keep track of payments for anything suspicious–including any paid activity on subscription accounts.

By following these steps, you’re checking that your router is secure once again. Secondly, you’re investigating any potential hackers may have caused while they had access to your router and taking steps to mitigate any risk.

Keep Your Router Safe from Hackers

Preventative measures are always the best strategy when it comes to cybersecurity. When it comes to home networks, hackers are normally looking for easy targets. Protecting your network doesn’t only make it harder for hackers to access, it probably puts off most of them from even trying.