Wireless Router set-up WPA Key - asks for Security certificate

Posted on 2009-05-24
Medium Priority
Last Modified: 2013-11-12
I have a Linksys WAP 4410N Wireless Router which  I have configured with WPA Security.  The issue I get is when a new PC wants to connect to it, it always says it can not find a security certificate for the PC.  I know how to get around this by going to the wireless Connection Properties and unticking the IEEE802.11 box.  But can I turn this off on the wireless device so it does not look for a security certificate.  The wireless works well with the WEP security set-up, but I would like to use the WPA setup so that I can input a key that is memorable!

Question by:mbelletty
LVL 11

Accepted Solution

Todd Mummert earned 2000 total points
ID: 24464231

Do you have your router configured for wpa2 instead of wpa?   I thought wpa2 was the one that asked for the security certificate.


Expert Comment

ID: 24466620
Ok, you are confusing a bunch of stuff together.

The box that you are unticking is 802.11x which always requires certificates.  

I would suggest the following:

First - Reset the router to Factory Defaults - This will give you a baseline on what is turned on in the router.

Second - Enable WPA2 - if your wireless devices support it.  It is more secure.  

Third - You don't want a "memorable" password!!  The object of wireless security is to keep folks out.  

Try this:  goto www.grc.com/passwords

Get one of the alphanumeric passwords (copy all 63 characters)  

Save the password onto a Thumb Drive

LVL 31

Expert Comment

ID: 24473959
I do agree with Mikesuss with getting WPA2 instead of WEP - all WEP is bad, might as well have it open to the world - you don't even have to remember a password and it is just about as secure...

Memorable passwords are generally discouraged against since they are usually just too short and will fall victim to dictionary and short phrase attacks.  However if you really want 'memorable', that doesn't mean it has to be 'short'.   Pick a longer phrase or 2, mix in a few numbers and symbols either as 1337, or built into the phrase as word substitutions (e.g. 1Flew^TheCuckoosNestOnADark&StormyNightPeterPiperPickedAPeckOfPickledPeppers).  Even though there is a dictionary based, it is mixed up, masked, and with a long enough phrase or combination of phrases plenty long enough to thwart most or all brute force attacks effectively just as well as a truly unique one while still being memorable (okay so maybe it might be crackable in 500 years instead of 800 or whatever - still plenty good enough).  Pick a longer phrase, the ingredients from the recipe for your favorite cookies - whatever is meaningful to you to remember.  Short repetitions, however, are not recommended (e.g. 1potato2potato3potato4) as the benefit will be reduced from that type down to a longer term, but still crackable within a realistic period of time - although the greater threat might be that it is vulnerable to someone watching your fingers on the keyboard since the pattern will become obvious and repeated long enough they will have all the time in the world to figure it out.  Also be careful of choosing lyrics to a song - although easier to remember many people have a nasty tendency to start humming the tune on occasion.
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!


Author Comment

ID: 24479275
Just wanted to add that the client whose wireless it is is a public use building.  They have functions for clients in there, and often the client needs wireless access.  Hence, the WPA2 setup requesting a certifictae is painful as I need it to be simple so the function staff dont have to untick the 802.11 checkbox each time a client comes in.  I may try the WPA again ( which I know now does not have the security certificate request ) although I thought it did when I tried it.

Expert Comment

ID: 24479764
Actually what you need to do is add a open access point that is vlan'd and separate from their network.  Lock it down so it can't get access to anything, and use something like opendns to restrict where they can go.  If they don't want to leave it up all the time, plug the router into a switched outlet so they can turn it on and off.

Having security on a wireless system that needs to be shared is plain silly.

LVL 31

Expert Comment

ID: 24522051
>>Having security on a wireless system that needs to be shared is plain silly.

Not quite - it is one thing to have it publicly available, it is another thing to have it wide open.

With security you can track traffic easier for people that are going places they shouldn't be.

I agree with having two networks vlan off.  With certs, they can still be valid for a long period of time - you can have them registered or something.

The other method is shorter time usage - I'm honestly not sure how they do it, but many hotels are like this.  you try to go to the internet and you have to get a password from the front desk.  The homepage is probably the application name to look for - just been awhile since I've been to a hotel to give a recommendation.  that might be the model you want to look into.

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This program is used to assist in finding and resolving common problems with wireless connections.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

586 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question