@Sledge

Before you even consider encryption your first 2 lines of defence are to ensure you change your SSID from its default name and to enable MAC filtering.

Having established this you now need to enable the strongest possible authentication/encryption that your firmware supports. In order of best to worst these are:

WPA-TKIP (WiFi Protected Access - Temporal Key Integrity Protocol)

WPA-PSK (WPA - PreShared Key)

WEP - Open Authentication (Wireless Equivalent Privacy)

WEP - Shared Key Authentication

None

The strength of the WEP encryption decrease from 256 bit down to 64 bit. 128 bit and below has already been compromised.

To run WPA-TKIP you need to run a RADIUS server. WPA-PSK is the best solution for SoHo users.

If your firmware doesn't support WPA then use WEP-Open at the highest bit strength your firmware supports. Generate 5 WEP keys and change them at least weekly. Google for "WEP Hex Key Generator" and create hexadecimal keys of the appropriate length for the strength of encryption you are using. Most of the utilities you find on google will walk you throught this.

One of the weaknesses of WEP compared with WPA is that it uses the same key for initial authentication and subsequent real time data encryption. That is why for WEP, Open Authentication is better than Shared Key because you are not revealing your key for authentication and hacker cryptanalysis as part of your broadcast.