1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Is WPA-PSK by itself a good security measure?

Discussion in 'Networking' started by St!nkf!nger, Feb 6, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. St!nkf!nger

    St!nkf!nger Thread Starter

    Joined:
    Aug 24, 2003
    Messages:
    236
    I disabled SSID broadcast and enabled WPA preshared key encryption. It took a while to figure it out, but everything works great now. I was wondering if the two measures that I've employed are strong enough to keep intruders out. From the reading I've done it seems like WPA is the strongest type available to me, but is it enough?
     
  2. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    77,941
    First Name:
    Terry
    WPA-PSK with a strong passphrase (minimum of 20 letters, numbers and special characters mixed) has never been broken. If somebody is holding a gun to your head and asking for the passphrase that may not be enough, but it's the best we have (other than WPA2).

    Disabling your SSID broadcast makes your network more difficult to use; it does not stop crooks as they quickly discern your SSID from the other packets that contain it and that are transmitted in clear text.
     
  3. St!nkf!nger

    St!nkf!nger Thread Starter

    Joined:
    Aug 24, 2003
    Messages:
    236

    So the SSID is more of a cosmetic thing rather than a solid security measure? If that's the case I'll turn it back on.

    Here's a question: When I set up the WPA on my Linksys router, there's a "WPA Shared Key" field that I'm required to enter something into. So I enter a simple to remember key, I chose a simple key to simplify the network setup. There's another field that's called "group key renewal" that's set at 3600 seconds. Now I'm guessing this is the time in between key renewals (which is done randomly, correct?), so if I were to check back every hour wouldn't the WPA Shared Key value be different? In my case it's not, it's always what I set it to be in the router config. Is this even how WPA works?

    So if my WPA is (eventually) set up correctly can I get away with using only WPA for my security needs?
     
  4. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    77,941
    First Name:
    Terry
    You won't see the passphrase change because of TKIP (Temporal Key Integrity Protocol) but I understand that somehow the devices are synched and they internally change the key they are using and this is one of the strengths of WPA.

    WPA with a strong passphrase has not been broken (at least nobody has made a claim). Everything else has been broken.
     
  5. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    Terry is right, use a strong key and WPA/WPA2, you're quite secure. :)
     
  6. St!nkf!nger

    St!nkf!nger Thread Starter

    Joined:
    Aug 24, 2003
    Messages:
    236
    Thanks guys. Here's another quick question. With WPA enabled will my Nintendo DS and Wii be able to access the network? I'm guessing they don't have the tech onboard to enter the keys so they can communicate.
     
  7. cwwozniak

    cwwozniak Trusted Advisor Spam Fighter

    Joined:
    Nov 28, 2005
    Messages:
    62,374
    First Name:
    Chuck
    Not sure about the Wii but the Nintendo DS only supports using much weaker WEP encryption.
     
  8. Crusnik

    Crusnik

    Joined:
    Feb 1, 2007
    Messages:
    310
    It'll work perfect with the Wii... But you're SOL when it comes to the DS =/. I ran into the same exact problem.

    Nintendo's solution is buying their $40 USB WiFi stick, which works with the DS and the Wii. Just shares your internet connection to Nintedo products.

    My soultion was digging out my old 802.11b router and hooking it to a spare NIC card on my PC and sharing the internet connection with ICS (Internet connection sharing). I used WEP, MAC filtering, DCHP off (have to staticly set IP's), and unbroadcasted SIDD. Almost the same thing as Nintendo's USB stick if you have the parts just laying around.
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/541885

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice