With the Firesheep firestorm (there are over 1,000,000 search results as of this writing) blazing across the web, there is a lot of pressure on cafes, coffee shops and other establishments that offer free open WiFi to implement WPA2 encryption. While it’s trivial to set it up, fielding the questions from users can disrupt the normal flow of business. The most frequent question will probably be, “What’s the password?” Most places will post signs and/or print up instruction cards with the password on them, but here’s a simple trick that most will probably overlook: rename the SSID of the wireless router so it also gives the password.
Here’s an example: Let’s assume that I own a place called “Ken’s Cafe.” The SSID of my wireless router is KCWiFi. I’ve implemented WPA2 and made the password Ken’sCafe. All I have to do is change the SSID to something like this: KCWiFi (Password: Ken’sCafe). Probably many patrons will see that and just connect when prompted for the password.
This simple trick will work well because there is nothing confidential about a WPA2 password; it doesn’t matter what it is or who has it. Unlike WEP, each connection to WPA2 is unique and there is client-to-client isolation between the connections.