Helping people with computers... one answer at a time.
Using a password protected WPA2 is a minor inconvenience for a very significant level of additional security. I'll explain...
I handle the Wi-Fi hotspot for a library and have been using WPA2 with an openly distributed passphrase. Another library has no security whatsoever. Is there a greater risk using no security because for our library the passphrase is so openly available to possibly bad guys?
The short answer is absolutely! Using WPA2 with a password adds significant levels of security beyond an open Wi-Fi hotspot, even if everybody in the room knows the password.
When you've got an open Wi-Fi hotspot, all of the information that's being transmitted by each of the computers connected to that hotspot is being transmitted in the clear. That puts the onus of security on each individual computer user.
That's not necessarily a good assumption to make.
They all then have to make sure that they're using https and secure connections and doing the right thing to use an open Wi-Fi hotspot safely. I've got an article on that.
When WPA2 is used, it has a very interesting characteristic. Even though the password that you use is the same for everybody, each individual connection between a computer and a hotspot uses a different encryption key.
What that means is that while there are multiple computers connected to the same hotspot, they cannot sniff each other's data in any unencrypted form. They do not have mutual access to all of the information that's being transmitted and received by that access point. It's actually a very good design point for WPA.
It's one of the many problems with WEP security. If you're using WPA even though everybody's using the same password, the actual encryption key that gets applied to the data is selected to be unique for each connection and therefore each connection is safe from every other connection.
I honestly wish that every open Wi-Fi hotspot in the world would switch to this model. In other words, I wish that at Starbucks there was a board on the wall that said, "The Wi-Fi password is..." and then you would need to specify that password in order to connect to the hotspot. It is a minor inconvenience for a very significant level of additional security.
Unfortunately, Starbucks and all of the other open Wi-Fi hotspot providers in the world know that anything that isn't as simple as possible is going to give them customer service issues and the baristas just aren't going to be prepared when someone asks for help.
So, that's the issue. It is definitely much more secure to have the WPA connection with a publicly posted password than to have an open Wi-Fi hotspot.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.