Wireless Encryption

Started by Moonshine, Jul 08, 2015, 08:44:34

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Moonshine

Good Morning Netters,

Please could someone advise the safest/most secure type of encryption for home Wi-Fi?

The options on my router are as follows:

1) Mixed WPA-PSK+WPA2-PSK
2) WPA2-PSK (Wi-Fi Protected Access 2 with Pre Shared Key)
3) WPA-PSK (Wi-Fi Protected Access Pre Shared Key)

Also, if I select on my router not to broadcast the SSID, does that mean that others will definitely not be able to see my connection?

Many thanks for your help.

Moonshine.

Simon

Others with more expertise may wish to comment also, but I think option 1 is probably the best one to choose as that covers both .

With regards the SSID, you can change it to whatever you like, so other people who may see it listed will not know it's you.  I think it might be inconvenient to disable it, as then your own devices won't be able to 'see' it.  :)
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Ray

I'd agree with Simon and use option 1, I'd also leave the SSID on but change the name to something more meaningful to you.
Ray
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Moonshine

Thank you, that's most helpful.

If it's just to connect my smart phone to wifi at home (I haven't got my home PC set up with wifi - it's via Ethernet, which I'm happy with), and I disable broadcasting the SSID, I assume my smart phone won't be able to detect the connection at all then?  Is there actually any security benefit to not broadcasting the SSID?!

Also, can I leave my home PC set up as wired (Ethernet), but still connect my smart phone to my wifi at home?  Do I need to change any other settings?  There's a button on the front of my router for wifi, but I've never clicked it before!

Is there anything else I can do to protect my connection that I'd need to be aware of?

My smart phone seems to have some kind of wifi called 'wifi sense' - but I've read that it's not very secure??!

I'm just entering the 21st century by buying my first smart phone, so this is all very new to me being a total technophobe!

Many thanks for any advice in advance.

Moonshine.

nowster

Option 2 (WPA2-PSK only). Not broadcasting the SSID will not stop the miscreants from detecting your AP from other traffic.

The only reason to use option 1 (WPA/WPA2 mixed) is if there is some old equipment which cannot handle WPA2.

Never ever use WEP nowadays. It's trivially crackable within a couple of minutes using a five year old laptop (my own penetration tests on my own kit).

Oh, and make your password a long (4-6 words) memorable nonsense phrase rather than a complex untypeable mess of mixed case numbers and symbols.

https://xkcd.com/936/

Moonshine

Thank you nowster.   :)

pctech

Also set WPA group rekey interval to something like 120 seconds.


Moonshine

Quote from: pctech on Jul 08, 2015, 20:31:16
Also set WPA group rekey interval to something like 120 seconds.



Good Morning,

Thank you for this.  I have absolutely no clue how to do it though, or what it achieves??!!  I have a Netgear DGN1000 if that's any help, and couldn't see anything in the wireless router settings for this, or in the advanced section - unless I'm missing something and looking in completely the wrong place??

:)