Security Corner

Nov 8 2010   2:56PM GMT

A Simple Trick to Make Public WiFi Encryption Easy to Implement

Ken Harthun Ken Harthun Profile: Ken Harthun

With the Firesheep firestorm (there are over 1,000,000 search results as of this writing) blazing across the web, there is a lot of pressure on cafes, coffee shops and other establishments that offer free open WiFi to implement WPA2 encryption. While it’s trivial to set it up, fielding the questions from users can disrupt the normal flow of business. The most frequent question will probably be, “What’s the password?” Most places will post signs and/or print up instruction cards with the password on them, but here’s a simple trick that most will probably overlook: rename the SSID of the wireless router so it also gives the password.

Here’s an example: Let’s assume that I own a place called “Ken’s Cafe.” The SSID of my wireless router is KCWiFi. I’ve implemented WPA2 and made the password Ken’sCafe. All I have to do is change the SSID to something like this: KCWiFi (Password: Ken’sCafe). Probably many patrons will see that and just connect when prompted for the password.

This simple trick will work well because there is nothing confidential about a WPA2 password; it doesn’t matter what it is or who has it. Unlike WEP, each connection to WPA2 is unique and there is client-to-client isolation between the connections.

2  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Cbyrd01
    The encryption keys used in WPA-PSK are derived from the pre-shared key (the 'password') so a well known password would not prevent a successful sidejacking attack such as Firesheep. It does make things more difficult for the attacker however, but may not be worth the hassle to users. For true security without the need for a password, check out my project on [A href="http://riosec.com/open-secure-wireless"]open secure wireless[/A]. Although it's RFC compliant and basically works now, it would require vendor support for usability. If you want to see this a reality, ask your vendor to support it! Thanks, Christopher
    0 pointsBadges:
    report
  • Ken Harthun
    Thanks, Christopher. I took a look. It appears to be an elegant solution and I believe you have discovered the real solution to open wi-fi. Good luck with your project!
    1,740 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: