Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- US agencies back proposal to ban TP-Link routers.
- A ban could soon impact businesses and consumers.
- Act now to protect yourself, regardless of the outcome.
Growing concerns that the US government is closer than ever to banning one of the world’s most popular router brands might make you wonder how to improve your home security.
What’s going on with TP-Link?
The idea of banning TP-Link routers first emerged around a year ago, when hardware produced by the company — founded in China — was allegedly linked to a spate of cyberattacks. US government departments launched an investigation into whether TP-Link could pose a national security risk, with particular emphasis on its ties to China, despite TP-Link operating from Singapore and establishing a new headquarters in the United States last year.
“By establishing our global headquarters here in the United States, we’re not just expanding our presence — we’re making a long-term commitment to American consumers and businesses,” the company said.
Also: America’s favorite router might soon be banned in the US – here’s what we know
Now, a new report published by The Washington Post suggests that “more than half a dozen” federal departments and agencies are backing a plan to ban future sales of TP-Link routers in the United States.
Why? The US government alleges that TP-Link is a risk as it “handles sensitive American data and because the officials believe it remains subject to jurisdiction or influence by the Chinese government,” according to The Washington Post.
This means that alongside ByteDance’s TikTok, a ban on a popular consumer product could very quickly become reality. A sweeping ban on TP-Link without much — if any — real evidence may have been unthinkable a few years ago, but considering the erratic behavior of the White House in recent months — in my opinion — anything is now possible.
Has TP-Link responded?
TP-Link has fought tooth and nail to deny all allegations of Chinese government control and influence, design tampering, or knowingly allowing vulnerabilities in its consumer product line. TP-Link said that it “vigorously disputes any allegation that its products present national security risks to the US”
Also: TP-Link’s new Wi-Fi 7 router is a travel-friendly option that won’t break the bank
The company commented that “no government — including China — has access to or control over the design and production of our products,” adding that “all core product and data security functions across TP-Link are handled within the United States, with clear accountability to US leadership and oversight structures.”
Router vulnerabilities to know
- Hardware and chip-level implants: Hardware and chip-level flaws or implants are often placed as backdoors into vulnerable hardware, and impacted devices may require flashing to remove them.
- Zero-day vulnerabilities: Zero-day vulnerabilities are security flaws that are actively exploited before a patch has been made available. Unfortunately, on rare occasions, a router manufacturer may say there are no plans to patch zero-days and will recommend you replace vulnerable hardware instead, especially if they involve legacy products.
- Outdated firmware: If you do not update your router’s firmware, you will not receive critical security updates and patches that protect your device.
- Botnets: Botnets are networks of devices bonded together through malware. They seize control of IoT devices, routers, cameras, smartphones, and more to launch Distributed Denial of Service (DDoS) attacks, propagate malware, steal data, and run spam farms.
- Password spraying: Many threat actors today run “spray and pray” programs that use automated password-cracking scripts and intrusion tools. The most common combinations — such as “admin” and “123456” — are tested against Internet-connected devices in the hope of finding the right username and password to gain entry. The easier the password is to remember, the easier it is to crack.
- Exposed remote interfaces: Sometimes, users might not be aware that their router has an exposed interface or management controls that allow attackers to quietly infiltrate their device. The issue is often compounded when passwords are easy to guess.
- Weak encryption: When Wi-Fi connections use weak encryption protocols, such as WPA, it can be extremely easy to infiltrate and spy on users of the hotspot.
How to secure your Wi-Fi and home networking devices
When you are changing router settings, you will usually need to go into your preferred browser and type in a web address. For TP-Link routers, this is often http://tplinkwifi.net. For others, try http://192.168.0.1 — but this does depend on your router, manufacturer, and model. A quick Google search will usually tell you.
1. Replace weak, outdated credentials
Unfortunately, weak, easy-to-guess credentials are the main reason routers are compromised, leaving you vulnerable to surveillance and other cyber threats. Default credentials should be changed as soon as your router becomes your online hub, and you can usually do so in your router’s control panel.
2. Update your firmware
Not every router will automatically update its firmware — far from it. Older routers are at the most risk of compromise, but even the newest top-of-the-range products can be just as much at risk if their firmware has not been updated for a while.
Also: How to update your router’s firmware (and why you should be doing it regularly)
Firmware updates can improve stability and reliability, but their most crucial purpose is to patch vulnerabilities. It’s still an awkward process, though, and so if automatic updates are available in your router’s dashboard, allow them and save yourself the hassle of a manual update.
3. Enable a firewall
Ensure your router and devices connected to your Wi-Fi hotspot have a firewall enabled. These should be on by default unless you have a reason to temporarily disable them, but they should be on at all times. Firewalls are often the first line of defense against intrusion and can also filter out malicious websites, phishing domains, and other online threats.
4. Disable remote management functions.
Head into your router’s settings and ensure any options that allow for remote access, control, or management are left unchecked or disabled.
5. Ensure you are using strong Wi-Fi encryption
WPA3 is the latest protocol for securing Wi-Fi hotspots and should always be used if it is an option in your router settings. Most modern routers will enable WPA3, but if you have an older model or Internet of Things (IoT) devices, this protocol may not be recognized. If you face connection issues, try WPA2/WPA3 mixed or transition modes.
6. Use a Virtual Private Network (VPN)
A VPN is one of the best ways to secure your online communication today. VPNs encrypt your information and online communication, making it far more difficult for eavesdroppers to see what you are doing online and where. They are a must for using public Wi-Fi networks but should also be used at home for additional security. They can also be used to hide your home IP address, too.
Also: Best VPN services 2025: Stay protected online with the best VPNs in the market
7. Replace aging routers
Eventually, support for all tech, including hardware and operating systems, ends. This means they will no longer receive security updates or patches, and customers may be left without support.
Regarding routers, this opens up a myriad of problems. Unpatched vulnerabilities will leave your hardware exposed to cyberattacks — potentially compromising other devices connected to your hub — and you may experience slow speeds, bottlenecks, dropped connections, and reliability issues.
Whether or not you opt for a TP-Link model is up to you, but modern router options will generally improve your security and router performance.
Should I replace my TP-Link router?
There is no official confirmation of the government’s stance — yet. And without hard proof and the backing of over 300 ISPs, we continue to recommend TP-Link products in our best routers of 2025 guide, as well as our favorite mesh networking devices.
While we will monitor this ongoing story closely, we think it is too early to say whether or not you should replace your TP-Link router or any of its other home security products, such as cameras.
Also: The best VPN routers of 2025: Expert tested and reviewed
It’s important to note that TP-Link routers were targeted by the CovertNetwork botnet earlier this year, and there have been prior vulnerability disclosures in TP-Link hardware. However, I don’t consider this reason enough to disconnect TP-Link devices, and the company is far from the only router vendor to experience cybersecurity issues.
Get the morning’s top stories in your inbox each day with our Tech Today newsletter.
