Changing the default passwords on the router is the most effective way to prevent unauthorized remote access. Default passwords can be easily found online and are a common target for attackers. By changing the password to something unique and strong, it significantly reduces the risk of unauthorized access. Disabling unused ports is a good practice as well, but it does not directly prevent unauthorized remote access. Enabling WPA3 encryption is critical for wireless security but does not directly apply to preventing remote access via the router's administrative interface. Port forwarding is used to allow external devices to access internal resources and, if not configured securely, can actually increase the risk.