|Perhaps useful to know/be aware of...|
You can restrict access to your router (via wifi) by using the MAC filtering routine. This is part of most (all these days?) routers management/security settings for wifi. This approach will make it harder for unauthorised users to access/use your router - and ride on your dsl service... It is the minimal level of security one can use.
Essentially you restrict access to only those MAC addresses stored in a list (in the router). You need to know the MAC address for each "wifi" user (the MAC address of the wifi adapter in their computer) you wish to allow access you router. And then you set the option to "these addresses only" (or whatever/however your router describes it).
This is often the first line of defence, as it does offer a (albeit a basic level or) degree of protection; and is then best followed/supported by a suitable encrypted "key" (128bit ascii - typically a mix of letters and numbers - which you choose/create.) All authorised users must know this key, and enter it when required in order to access/use your router (via wifi).
In a list of available wifi systems/routers any that are "secured" (or locked to unauthorised users - those who do not know the "key") usually have a symbol next to them in that list; typically it's a padlock; but may not always be that symbol. If you attempt to access (logon to) any router that is secured (WEP/WPA or similar key) you will be prompted for the required "key". And generally you can set your logon access to remember your details (i.e. that you know and have provided the key).
You can also hide the SSID (the router's name) which is otherwise broadcast for all to see.. But then all authorised users' must know what it is and provide that too when searching for and logging on to it...' Whereas if it's broadcast (but router is secured) they just need to know what to look for and know the required key. You can also often change the name of the router (change it SSID - and broadcast that...) to make it less obvious what make it is... And with some dsl providers... they broadcast their name (along with a number related to "your" service/account/router) as part of the SSID (but not necessarily including the actual make of the router); which may/may not be to your liking/preference either... (SKY in the UK do this, as does Virgin...) Depending on who your dsl service is from, depends on what you can do in terms of changing keys, SSID etc...
Depending on the make/model of router the Cat-5/ethernet connection/port indicators may/may not be lit at all if nothing connected to any give port. Equally if they are all lit regardless, then any that are in use will logically change to a different colour (e.g. green). My (rather elderly by current standards) Speedtouch only shows green indication for each cat-5 port that is active (something connected to it); otherwise each port indicator light is unlit... This was also the case for many older Netgear (wifi) routers.
Incidentally does anyone know if the security key set by Netgear is indeed "unique" to each; as in different for "every router they make/sell? Logically it might (ought) to be; but then again it might not be. I'd be inclined to change it to something "I" choose; and keep records of what I change it to in locations various... Hard-copy - with suitably vague reference as to what it refers to; and even similar emails to a couple of decent/secure email accounts - again with very vague references as to what it refers to (memory jogs as it were...).
Some years back there were instances of owners of at least one USA make of car in different parts of USA/Canada having the same remote key code... Granted the cars were sold a distance apart - opposite sides of the continent...; but nonetheless delegates at a conference or three (on the west coast USA) found out that they could access another car; i.e. another identical model, and drive it away - which did in fact happen (in error)... I think (I hope) which ever manufacturer it was did something to resolve this issue; they did at least acknowledge it as a remote possibility... Sadly with most domestic electronics etc. most folks leave factory set passwords/keys as received; and the determined hacker usually knows what they are likely to be (if there is info re' the make of router broadcast as part of the SSID)..., or can soon work out what it is based on his/her previous information/experience... But change the key (at least) and it becomes much harder (almost impossible) for them...?
But in answer your initial (simple) query... As "phil22" advises... delivered from Netgear with factory security settings already enabled... then yes it ought to be secure... And his advice to change the key at least is sound.