For the best security, performance, and reliability, we recommend this setting for Wi-Fi routers, transmitters, or access points used along with Apple products.
This article is primarily intended for network administrators and people who want to manage their own networks. If you’re trying to join a Wi-Fi network, one of the following articles will help:Mac: Connect to Wi-Fi and resolve Wi-Fi cases.iPhone, iPad, iPod touch: Connect to Wi-Fi & troubleshoot Wi-Fi issues.
About privacy & security warningsIf your Apple device displays a privacy alert or a weak security alert about a Wi-Fi network, it can reveal news about your device. Apple recommends that devices be connected to Wi-Fi networks that meet or exceed security standards in this article. Before changing the router settingsBack up the router settings just in case you need to restore them.Update the software in your device. This is important to make sure your devices have the latest security updates and are working optimally with each other.First, install a modern firmware update for the router.Then, update the software on other devices, such as your Mac and iPhone or iPad.On every device that has ever joined the network, you may need to forgo the network to make sure the device uses the router’s new settings when rejoining the network.Router settings
To ensure the device can connect securely &stable to the network, apply these settings consistently to every Wi-Fi router and access point, and to every band of a dual-band, tri-band, or other multiband router. Security
Set up to WPA3 Personal for better securitySet to WPA2/WPA3 Transitional for compatibility using older devices
Security settings determine the type of authentication and encryption used by your router, and the level of privacy protection for data transmitted over its network. Whatever settings you choose, always decide on a powered password term to join the network.WPA3 Personal is the latest and most conducive protocol currently available for Wi-Fi devices. This protocol can be used on all devices that support Wi-Fi 6 (802.11ax) and some more outdated devices.WPA2/WPA3 Transitional is a mixed mode that uses WPA3 Personal using devices that support that protocol and allows older devices to use WPA2 Personal (AES).WPA2 Personal (AES) is a synchronous option when you can’t use one of the more secure modes. In this case, also choose AES as a type of encryption or cipher, if available.Weak security settings that need to be avoided for routers
Do not create or join networks that use outdated and unused security protocols. This kind of protocol has been ineffective, reduces network reliability and performance, and resulted in the device displaying a security alert:WPA/WPA2 mixed modeWpa PersonalWEP, including Open WEP, WeP Together, WEP Transitional Security Network, or Dynamic WEP (WEP using 802.1X)TKIP, including all security settings with TKIP in its name
Settings that turn off security, such as Nothing, Open, or Unsafe, are also highly non-recommended. Turning off security will disable authentication &encryption & allows anyone to join your network, access resources along (including printers, computers, and smart devices), use your Internet connection, and monitor the websites you visit as well as other data transmitted over your network or Internet connection. This is a risk even if security is turned off ad interim or for guest networks. Network name (SSID)
Set to a single and unique name (small large alphabet sensitive)
A Wi-Fi network name, or SSID (service suite identifier), is the name your network uses to notify its presence to other devices. It is also the name that the nearest user sees on the list of networks available on their device.
Use a name that is unique to your network, and make sure all routers on your network use the same name for each supported band. For example, don’t use generic or default names such as linksys, netgear, dlink, wireless, or 2wire, and don’t give different names to the two.4 GHz and 5 GHz bands.
if you do not follow these guidelines, your device may not be able to connect stable to your network, to all routers on your network, or to all the bands available in the router. And devices that join your network will most likely detect another network of the same name, and then automatically try to connect to that network. Hidden network
Routers can be configured to hide their network name (SSID). Your router may mistakenly use “closed” to signify hidden, &”broadcast” to indicate hidden nir.
Hiding a network name does not protect the network according to detection or secure it against unauthorised access. And because of the way devices search for and connect to Wi-Fi networks, using a hidden network can reveal coverage that can be used to identify you and the hidden networks you’re using, such as home networks. When connected to a hidden network, your device may display a privacy warning because of these privacy risks.
To secure access to your network, use synchronous security settings. Filtering, authentication, MAC address access control
When this feature is enabled, your router can be set to allow only devices with certain MAC (media access control) addresses to join the network. You try not to rely on this feature to prevent unauthorised access to your network for the following reasons:This arrangement does not prevent network observers from monitoring or intercepting traffic on the network.MAC addresses can be copied, falsified(imitated), or changed easily.To help protect user privacy, some Apple devices use a different MAC address for each Wi-Fi network.
To secure access to your network, use synchronous security settings. Automatic firmware updates
If possible, set your router to automatically install app and firmware updates when available. Firmware updates can affect the security settings available to you and provide other important improvements to the stability, performance, &security of your router.
Set to All (preferably), or Wi-Fi two to Wi-Fi 6 (802.11a/g/n/ac/ax)
This setting, which is available separately for the 2.4 GHz and 5 GHz bands, controls the standard version of Wi-Fi that routers use for wireless communication. Newer versions show better performance and support more poly devices simultaneously.
In general, the best course of action is to enable each mode offered by the router rather than subrangkaian based on that mode. All devices, including older devices, can then connect using the fastest supported radio mode. This also helps reduce interference from nearby legacy networks &devices. Band
Activate all router-supported bands
Wi-Fi bands can be said to be the way where data flows. More bands will put higher data capacity &performance to your network. Channels
Each band of your router is divided into several independent communication channels, such as lanes on a highway. When channel selection is set to automatic, your router determines which Wi-Fi channel is best for you.
If your router doesn’t support automatic channel selection, choose which channel has the best performance in your network environment. This varies, depending on Wi-Fi interference in your network environment, which could include interference from routers and other devices using the same channel. If you have multiple routers, configure each router to use out-of-sync channels, especially when they’re close to each other. Channel width
Set to 20 MHz for the 2.4 GHz bandSet to Automatic or all width (20 MHz, 40 MHz, 80 MHz) for the 5 GHz band