Learn how to avoid security risks while using Meshnet.
Introduction
When using Meshnet, it's essential to keep in mind the nuances of network security — even if you haven't encountered any issues yet. The purpose of this article is to offer actionable steps to fortify your Meshnet infrastructure against various types of cyber threats.
You find an unknown device on your Meshnet
If you discover an unknown device in your list of Meshnet devices, follow these steps:
1. Unlink the unknown device
Having an unknown device linked to your Meshnet network is a serious security risk. To remove the device you don’t recognize, you can use either the NordVPN app or the Nord Account website.
In the NordVPN app
Navigate to Meshnet .
Find the device list and unlink the suspicious device.
On the Nord Account website
Log in to your NordVPN account.
Select the Meshnet (by NordVPN) card.
Find the device list and unlink the suspicious device.
For detailed steps, consult the guidelines appropriate for your operating system:
Your account may have been compromised. Change your password as a preventive measure.
If you are using a desktop device
Log in to Nord Account using your current password.
In the upper-right corner, click your account name and choose Account settings.
Under Account details, Select Change password.
If you are using a mobile device
Log in to Nord Account using your current password.
Tap the three-bar menu in the upper-right corner of the screen.
Select Account settings.
Under Account details, tap Change password.
3. Enable MFA for your Nord account
Multi-factor authentication (MFA) is a security mechanism that verifies user identity by requiring two or more forms of authentication. This could be a combination of a password, PIN, token, USB security key, fingerprint, or facial recognition.
Tap the three-bar menu in the upper-right corner of the screen.
Select Account settings.
Navigate to Multi-factor authentication (MFA) and select Manage MFA.
An email with a verification code will be sent to you. Enter this code in the designated field.
Tap Set up under your preferred MFA method. Follow the on-screen instructions to complete the setup.
You have two options for enabling MFA for your Nord account:
Authenticator app
If you choose this method, use apps like Google Authenticator, Microsoft Authenticator, or Authy. These apps generate a code that changes every 30 seconds, which you'll need to enter when accessing your Nord Account.
Security key
If you prefer this method, use a Bluetooth, NFC, or USB security key that holds a unique PIN. Nord Account is compatible with FIDO2-certified USB keys, including various series like Security Key, Yubikey 5, and others.
An unknown device sends an invitation
If you do not recognize the email account of the sender, do not accept or reject the invitation.
You're unsure about the invitation sender
If you're unsure whether an invitation is from someone you know, directly ask the supposed sender to confirm if they sent the invitation.
Review access permissions for linked devices
Linked devices can access your device resources based on specific permissions you've set.
Check your device's permission settings to see what each linked device can access.
For more details, consult these pages:
Change permissions if you want to restrict access to certain resources.
Example
You can block a device from accessing your local network when it routes traffic through your device, as shown:
Consider traffic routing risks
Traffic routing offers great opportunities but comes with its own set of risks.
Public IP exposure
If someone routes their traffic through your device, your public IP address could be associated with their online activities.
Local network access
A threat actor who gains Local network permissions could potentially access other devices on your local area network (LAN) and make unauthorized changes.
Network monitoring
A device that you are routing traffic throughcould maliciously monitor your network activity, including DNS queries, thereby gaining insights into your online behavior.
Remember that the privacy of your Meshnet network depends on the reliability of its members. By following the security measures outlined above, you can enjoy a safer Meshnet experience.