Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How To hide the passkey of wifi network

Posted on 2013-12-25
21
Medium Priority
?
396 Views
Last Modified: 2014-02-03
Hi ,
 i want to hide the passkey of my wifi network, as if we provide a wifi access to one person then the key is visible in there laptop wifi security option , and other people can also share it .

i want to hide this .
please advice
0
Comment
Question by:sanjeevkmrs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 3
  • +4
21 Comments
 
LVL 70

Expert Comment

by:garycase
ID: 39739769
Actually the key is almost certainly stored in an encrypted form -- at least on Windows boxes.    If you're really concerned, use more than just a passkey ... add Mac address authentication (i.e. only devices on the specific Mac address list in the router can connect.).
0
 
LVL 88

Expert Comment

by:rindi
ID: 39739781
Make sure your users don't have administrative rights on their PC's. Standard users can't view the passphrase.
0
 
LVL 3

Expert Comment

by:Brian Garcia
ID: 39739821
Why not use DPSK (dynamic pre-shared key) instead of a simple passkey.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 

Author Comment

by:sanjeevkmrs
ID: 39739849
if i will use DPSK then how it gona help ? please advice . also can we use dynamic pre-shared key wirelessly ?
0
 
LVL 37

Expert Comment

by:bbao
ID: 39739861
for a small WiFi network, we commonly use a PSK (Pre-Shared Key), and it does have the issue you mentioned in the question.

if you want to prevent other people from using a known passkey especially on a shared computer, you need to use enterprise solution which is based on RADIUS and domain authentication.
0
 
LVL 88

Expert Comment

by:rindi
ID: 39739869
Or as I mentioned earlier, only use standard accounts, not administrator accounts. Logging on as administrator to a PC for day-to day use is very bad practice anyway.
0
 

Author Comment

by:sanjeevkmrs
ID: 39739872
i think registering mac address of the laptops will be fine as the users are having there independent laptops ,
please advice and also advice for a good linksys router in whihc i can register the mac addresses of the laptops on which the wifi can run
regards
0
 
LVL 5

Accepted Solution

by:
chanderpal singh rathore earned 504 total points
ID: 39740057
Hi,

The only option in a managed environment would be to disable access to the network & Sharing center
http://www.technology-howto.com/2011/09/how-do-i-prevent-access-to-internet.html

In a small non managed environment, the only option is MAC filtering so even if someone has your Wi-Fi password, he can't access your network.


In a large scale non managed environment(Schools etc'...) this is NOT possible and was the cause of much criticizm towards Microsoft for implementing this stupid mechanism into Windows 7. School admins just made policies that you can connect to the network only using Windows XP and Vista.


or you can get more information on below link:
http://www.linkedin.com/groups/Does-anyone-know-way-remove-2618496.S.99377528
0
 
LVL 44

Expert Comment

by:Darr247
ID: 39740276
If you're running a domain, just switch to using WPA2-enterprise authentication validated by RADIUS server, instead of WPA2-personal or WPA2-PSK.
0
 

Author Comment

by:sanjeevkmrs
ID: 39745662
no i am not running a domain , its a simple router i need to keep in my camp so that my guys can access wifi on there laptops , but now as they can see the password in the security option of individual laptops they are sharing with other people , which i want to stop .
is it possible i can add the  mac  address of the people in router so that those people can only use wifi . instead of giving them password or putting password in there laptops ?

please advice
0
 
LVL 5

Expert Comment

by:chanderpal singh rathore
ID: 39745670
Hi sanjeevkmrs,

You can use  mac address and follow the link to use mac address please refer

http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm
0
 

Author Comment

by:sanjeevkmrs
ID: 39745690
please check the link is not working
0
 
LVL 5

Assisted Solution

by:chanderpal singh rathore
chanderpal singh rathore earned 504 total points
ID: 39745714
Most Wi-Fi access points and routers ship with a feature called hardware or MAC address filtering. This feature is normally turned "off" by the manufacturer, because it requires a bit of effort to set up properly. However, to improve the security of your Wi-Fi LAN (WLAN), strongly consider enabling and using MAC address filtering.

Without MAC address filtering, any wireless client can join (authenticate with) a Wi-Fi network if they know the network name (also called the SSID) and perhaps a few other security parameters like encryption keys. When MAC address filtering is enabled, however, the access point or router performs an additional check on a different parameter. Obviously the more checks that are made, the greater the likelihood of preventing network break-ins.

To set up MAC address filtering, you as a WLAN administrator must configure a list of clients that will be allowed to join the network. First, obtain the MAC addresses of each client from its operating system or configuration utility. Then, they enter those addresses into a configuratin screen of the wireless access point or router. Finally, switch on the filtering option.

Once enabled, whenever the wireless access point or router receives a request to join with the WLAN, it compares the MAC address of that client against the administrator's list. Clients on the list authenticate as normal; clients not on the list are denied any access to the WLAN.

MAC addresses on wireless clients can't be changed as they are burned into the hardware. However, some wireless clients allow their MAC address to be "impersonated" or "spoofed" in software. It's certainly possible for a determined hacker to break into your WLAN by configuring their client to spoof one of your MAC addresses. Although MAC address filtering isn't bulletproof, still it remains a helpful additional layer of defense that improves overall Wi-Fi network security.

Do not confuse MAC address filtering with content filtering. Content filtering on a wireless access point or router allows administrators to maintain a list of Web site URLs or addresses that should not be accessed from the home WLAN.
0
 
LVL 70

Assisted Solution

by:garycase
garycase earned 498 total points
ID: 39745724
Yes, you can certainly use MAC address filtering in the router to limit access to just those devices you want -- you could even turn off the security so no key was required if you do that, since only those devices with MAC addresses in the filtering table would be able to connect anyway.

Depending on the number of connections involved, however, this could be an administrative hassle ... you'd have to enter the MAC addresses for all of your users, and be sure to delete any that were no longer allowed access.
0
 
LVL 88

Expert Comment

by:rindi
ID: 39745765
MAC addresses can be easily spoofed, so I can't really recommend that, particularly don't turn off the WPA2 protection. But if you can't force your users to not be admins, that is still the only way to get some sort of control.
0
 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 498 total points
ID: 39747066
If you don't have a domain but want finer granularity of control, consider an actual HotSpot device where you can assign temporary passwords that expire after a certain amount of time.

e.g.
ZyXEL N4100 HotSpot with SP300E Printer
or
Guest Internet Solutions GIS-R3 Hotspot and
Guest Internet Solutions GIS-TP1 Ticket Printer
et al.
0
 

Author Comment

by:sanjeevkmrs
ID: 39747687
Dear garycase,
                can i do mac address filteration in linksys 4500 ? or sugegst me some oither good router
0
 
LVL 70

Assisted Solution

by:garycase
garycase earned 498 total points
ID: 39747731
Yes.   The details of how to set up MAC Filtering are on page 36 of the manual for the Linksys 4500

http://downloads.linksys.com/downloads/userguide/EA-Series_UG_Full_3425-00125D_EN_FR-CA_Web.pdf
0
 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 498 total points
ID: 39748284
The MAC address is trivial to reset with tools available by default in most operating systems.

e.g.
Linux
# ifconfig eth0 hw ether 03:B0:01:d1:00:22

In Windows, the MAC address is stored in a registry key. The location of that key varies from one Windows version to the next, but just find it and edit it yourself. There are also free utils to change it for you (like, Macshift for XP, and ChangeMAC for Win7).

So filtering by MAC does not increase security.
0
 

Author Comment

by:sanjeevkmrs
ID: 39794086
let me check
0
 

Author Closing Comment

by:sanjeevkmrs
ID: 39830260
thanks
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Lithium-ion batteries area cornerstone of today's portable electronic devices, and even though they are relied upon heavily, their chemistry and origin are not of common knowledge. This article is about a device on which every smartphone, laptop, an…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question