Every vendor does it a bit differently, so consult your manual, or Google the vendor and get instructions that way. You can encrypt the wireless communication, or you can tell the router to only listen to certain computers (your own).

You need to first of all change the SSID on the wireless router.
Change it to something like M&f36@rT and write it down so you don't forget it and select do not broadcast the SSID.
Then change your computers to connect to the new network name.
Your network will then be invisible to about 99% of the population.

Then you can look into the encryption later.

do what riredale did too. Smart people can get around most setups (if they REALLY want to get on). The two safest ways are encryption & only letting certain computers on your network. You can select which mac address are allowed on your router. On my router I only allowed the ethernet & wirelesss mac addresses of the two computer in our house on there.

HF is correct. You also select which computers have access to the internet.
We have computes that are part of the wirless LAN and not have access
to the WAN. DLink has this ability.

Change SSID from the manufacturers default.
Don't bradcast the SSID.
Use encryption (most have at least 64 bit).
Allow computers on the wireless from certain MAC (mac filterering).
Permit WAN(internet access) from certain computers only
(you can time block access on some routers to working hours only) .

enable (choose) a WEP key......

WEP can be broken into in minutes now.
Use WPA

Ditto to the above....I have my encryption settings maxed out etc and have had no problems. It took a little hassle getting it set up but it is/was worth it. I have a Motorola and the control panel is pretty straightforward. If you have a Motorola and get stuck, I found the customer support very helpful (my encryption didn't work initially and I had to call them).

Good Luck....make those free loaders get their own service!

Not broadcasting your SSID is a waste of time and can make it that much harder for you to establish your own connections initially. My laptop reads all SSID's whether or not they are being broadcast.

As mentioned before, go ahead and change the SSID to something other than default, and something that does not identify you personally (ie, your name, address, etc). Use some kind of encryption WPA is best, but it may not work on OS before Win XP (depending on your adapter's drivers). Make your password/pass phrase something wacky - a series of numbers, characters, letters, etc. You don't want normal words/names that would make you vulnerable to a dictionary attact. Enable MAC address filtering, allowing only the MAC addresses of your own equipment to connect to your wireless router.

Most routers also have a variable on the number of IP addresses they will assign - you can set this figure to the number of devices you have connecting to your router.

Once everything appears secure, and is operating normally, you can disable SSID broadcast if you wish, but as I said before, it does little to prevent even average users from seeing the ID anyway.

Finally - accept one reality. Anyone who wants to, and is even the slightest bit serious, can crack all these safeguards and get in. Chances are, however, such an individual would choose a network with fewer safeguards in place.

WEP isn't an encryption protocol beyond anything much more than a hashing algorithm with the hash key being something that can be homed in on with someone monitoring your usage. 64bit is said to take 20 minutes, 128 a few hours, if you are using it a lot.

WPA is much better but many devices were given the title of WPA before the standards were agreed on. So expect some milage differences especially between vendors or families of a given vendor.

Another option is to use a wireless access point with the wired side of it going into something that requires yet more credentials. One fairly popular technique is to use a VPN technology into a router or firewall and only accept those VPN packets on the interface that the wireless access point connects on. However you need to judge the merits of this approach with the price and knowledge required to configure it. DrayTek 2600G and 2900G routers have the ability to only permit VPN connections over wireless LAN if you select it. Thereby restricting the link layer from casual immitation just from knowing the equivalency or encryption settings.

Other approaches use an agent to unlock the ability to bridge onto the wired section of the access point. 802.1x is the typical technology name, but again, this needs some planning and might not suit you.

Other options include replacing the omnidirectional antenna with a more beam shaped alternative and winding down the power to the minimum required setting. However most firmware doesn't expose the power controls.

I've had quite a bit of success using Linksys WRT54G with Satori4 (free) Tinybox linux firmware (UK£45) at my PC end, configured as an end station - which the linksys default firmware doesn't provide as an option.Using a DrayTek 2600G ADSL router (c. UK£100) on the line to the ISP. The advantage of using the WRT54 being that you can slave 4 PCs remoted from your access point without having any USB or PCI drivers to load or have compatibilty issues - if you are like me, you already have an ethernet port. Also, the antenna is far more readily positioned with a better line of sight angle than many USB or PCI wireless adapters.

Of course, if you are paranoid over security, wire up some UTP appropriate for the environment you are putting this comms solution into.

Changing the WEP key frequently is another ploy to make the perpetrator move onto some other poor householder.