Google Nest Wifi and Google Wifi devices have several built-in security measures to protect you and your online world.
Google Nest Wifi and Google Wifi's firewall creates a barrier between your Wi-Fi network and the Internet, protecting your data from unsolicited connections or connection attempts. It’s a stateful firewall, meaning it keeps track of connections (Transmission Control Protocol (TCP) streams, User Datagram Protocol (UDP) communication) traveling across it. Only data associated with a known active connection is allowed through the firewall.
Note: Settings like Universal Plug and Play (UPnP) and port forwarding allow devices to bypass the firewall and have an open connection, leaving them potentially vulnerable.
WPA2 and WPA3 security
Google Nest Wifi and Google Wifi secure your Wi-Fi network with either WPA2 protocol or the newer WPA3 protocol. Using WPA3 protocol makes your Wi-Fi network highly resistant to security risks like offline dictionary attacks.
By default, Google Nest Wifi and Google Wifi use the WPA2 protocol to maximize compatibility with legacy connected devices (such as phones, tablets, or laptops). However, you can turn on WPA3 transition mode in the Google Home app. This setting allows both WPA2 and WPA3 devices to join your Wi-Fi network. For Google Wifi devices initially set up in the Google Wifi app, you will need to add your network to the Google Home app to use this feature.
Note: Some legacy WPA2 devices may be incompatible with WPA3 and experience connection issues when WPA3 transition mode is on. OnHub devices do not support WPA3.
Google Nest Wifi and Google Wifi don't support legacy protocols like WPA and WEP because they have been deemed unsecure by the Wi-Fi Alliance and industry experts. There are also known and documented attacks against WPA and WEP. WPS, a mechanism that lets a device join a wireless network without entering a password, is also not supported for security reasons.
To turn on WPA3 transition mode:
- Open the Google Home app .
- Tap Wi-Fi .
- Tap Settings .
- Turn on WPA3.
Note: When you turn WPA3 on or off, your network will restart and devices will lose connectivity.
Google Nest Wifi and Google Wifi receive automatic software updates to make sure you always have the latest security features and protection from recently discovered security threats. These updates may include open source components and go through several rigorous reviews.
All software updates are signed by Google. Google Nest Wifi and Google Wifi can’t download or run any software that isn’t signed and verified.
All communication between Google Nest Wifi or Google Wifi devices and Google is secured by Transport Layer Security (TLS). This is a protocol that ensures privacy between a device and a server to make sure no one else sees or tampers with the message.