Recommend:
To the knowledge base

Security tips for using MyFRITZ!Net

In addition to computers, smartphones and smart home devices, routers are also increasingly being targeted by hackers. Therefore, each FRITZ!Box is secured with an individual password and the integrated firewall fully protects the devices connected to the FRITZ!Box from attacks from the internet.

To offer your MyFRITZ! account and the FRITZ!Boxes registered with it the best possible protection against attacks, observe the following security tips and adjust the settings of your MyFRITZ! account and the registered FRITZ!Boxes, if necessary.

Note:All instructions on configuration and settings given in this guide refer to the latest FRITZ!OS for the FRITZ!Box.

1 Using individual account information

If you use MyFRITZ!Net to access several FRITZ!Boxes, use different account information in all of the FRITZ!Boxes. This way you can prevent unauthorized persons from accessing several FRITZ!Boxes with the same account information:

  1. Click "System" in the FRITZ!Box user interface.
  2. Click "FRITZ!Box Users" in the "System" menu.
  3. Click the "Add User" button.
  4. Enter an individual username for the user. Do not use a name that you already use in a different FRITZ!Box and do not use names that are easy to guess, such as admin, guest, fritzbox, remote, or user.
  5. Give the user an individual password that is strong enough. Do not use a password that you already use in a different FRITZ!Box or for a different service, such as your MyFRITZ! account, Amazon, Facebook, or Google.

    Note:You can find information on strong passwords in our guide Everything you need to know about strong passwords, for example. A password manager like Bitwarden or KeePass can help you keep track of things while also generating cryptographically complex passwords.

  6. Enable the option "Access from the internet allowed".
  7. Enable the option "FRITZ!Box settings" under "Rights". You can assign additional rights according to your individual needs.
  8. Click "Apply" to save the settings.

2 Using an alternative HTTPS port

  1. Click "Internet" in the FRITZ!Box user interface.
  2. Click "Permit Access" in the "Internet" menu.
  3. Click on the "FRITZ!Box Services" tab.
  4. In the field "TCP port for HTTPS", enter an unused port from the range 1024 to 65535 instead of the default port 443. This makes it more difficult for unauthorized persons to determine whether it is even possible to access the FRITZ!Box via HTTPS.
  5. Click "Apply" to save the settings.

3 Setting up additional confirmation with an authenticator app

The following steps are only necessary if it should also be possible to change security-relevant settings of the FRITZ!Box over the internet:

Installing an authenticator app

  1. Install an authenticator app on your mobile device that supports the TOTP procedure (for example Google Authenticator, Microsoft Authenticator, 2FAS Authenticator, Authy).

Configuring the authenticator app

  1. Click "System" in the FRITZ!Box user interface.
  2. Click "FRITZ!Box Users" in the "System" menu.
  3. Click the (Edit) button for the user who should be allowed to change security-relevant settings over the internet.
  4. In the section "Confirmation by App (One-time Password)", click "New Setup" and on the FRITZ!Box, confirm that the procedure may be executed, if you are asked to do so.
  5. Enter a name for the mobile device.
  6. Open the authenticator app and set up a new account.
  7. Point the camera on the mobile device at the QR code displayed by the FRITZ!Box until it is recognized.
  8. Click "Next".
  9. Enter the code shown by the authenticator app in the field "Enter code".
  10. Click "Next" and then "Finished".

4 Setting up additional confirmation for MyFRITZ!Net

Protect the login to your MyFRITZ! account on myfritz.net with additional confirmation, for example with an authenticator app, a fingerprint scanner or face recognition on the mobile device, or on the computer with a USB security key (U2F security token). Here we show you how to set it up using an authenticator app as an example:

  1. Call up myfritz.net in a web browser.
  2. In the corresponding fields, enter the email address and MyFRITZ! password you used to register with MyFRITZ!Net, and click "Log In".
  3. Solve the CAPTCHA.
  4. Click the three-dot menu in the upper-right corner of the web page and then click "Account Settings".
  5. Click "Additional protection".
  6. Click on "Configure" in the section "Configure Confirmation with One-time Password".
  7. Open the authenticator app and set up a new account.
  8. Point the camera on the mobile device at the QR code displayed in the MyFRITZ! account until it is recognized.
  9. Enter the code shown by the authenticator app in the field "Confirmation code".
  10. Click "Confirm".
  11. Click "Save" to save the recovery key for the MyFRITZ! account.
  12. Enable the option "I saved the key" and click "Finished".

Now your MyFRITZ! account and the FRITZ!Boxes registered with it are protected. See "Diagnostics > Security" for further information and recommendations on securing your FRITZ!Box.