Solved

How To hide the passkey of wifi network

Posted on 2013-12-25
21
381 Views
Last Modified: 2014-02-03
Hi ,
 i want to hide the passkey of my wifi network, as if we provide a wifi access to one person then the key is visible in there laptop wifi security option , and other people can also share it .

i want to hide this .
please advice
0
Comment
Question by:sanjeevkmrs
  • 7
  • 3
  • 3
  • +4
21 Comments
 
LVL 70

Expert Comment

by:garycase
Comment Utility
Actually the key is almost certainly stored in an encrypted form -- at least on Windows boxes.    If you're really concerned, use more than just a passkey ... add Mac address authentication (i.e. only devices on the specific Mac address list in the router can connect.).
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
Make sure your users don't have administrative rights on their PC's. Standard users can't view the passphrase.
0
 
LVL 3

Expert Comment

by:jb_yow
Comment Utility
Why not use DPSK (dynamic pre-shared key) instead of a simple passkey.
0
 

Author Comment

by:sanjeevkmrs
Comment Utility
if i will use DPSK then how it gona help ? please advice . also can we use dynamic pre-shared key wirelessly ?
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
for a small WiFi network, we commonly use a PSK (Pre-Shared Key), and it does have the issue you mentioned in the question.

if you want to prevent other people from using a known passkey especially on a shared computer, you need to use enterprise solution which is based on RADIUS and domain authentication.
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
Or as I mentioned earlier, only use standard accounts, not administrator accounts. Logging on as administrator to a PC for day-to day use is very bad practice anyway.
0
 

Author Comment

by:sanjeevkmrs
Comment Utility
i think registering mac address of the laptops will be fine as the users are having there independent laptops ,
please advice and also advice for a good linksys router in whihc i can register the mac addresses of the laptops on which the wifi can run
regards
0
 
LVL 5

Accepted Solution

by:
chanderpal singh rathore earned 168 total points
Comment Utility
Hi,

The only option in a managed environment would be to disable access to the network & Sharing center
http://www.technology-howto.com/2011/09/how-do-i-prevent-access-to-internet.html

In a small non managed environment, the only option is MAC filtering so even if someone has your Wi-Fi password, he can't access your network.


In a large scale non managed environment(Schools etc'...) this is NOT possible and was the cause of much criticizm towards Microsoft for implementing this stupid mechanism into Windows 7. School admins just made policies that you can connect to the network only using Windows XP and Vista.


or you can get more information on below link:
http://www.linkedin.com/groups/Does-anyone-know-way-remove-2618496.S.99377528
0
 
LVL 44

Expert Comment

by:Darr247
Comment Utility
If you're running a domain, just switch to using WPA2-enterprise authentication validated by RADIUS server, instead of WPA2-personal or WPA2-PSK.
0
 

Author Comment

by:sanjeevkmrs
Comment Utility
no i am not running a domain , its a simple router i need to keep in my camp so that my guys can access wifi on there laptops , but now as they can see the password in the security option of individual laptops they are sharing with other people , which i want to stop .
is it possible i can add the  mac  address of the people in router so that those people can only use wifi . instead of giving them password or putting password in there laptops ?

please advice
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 5

Expert Comment

by:chanderpal singh rathore
Comment Utility
Hi sanjeevkmrs,

You can use  mac address and follow the link to use mac address please refer

http://compnetworking.about.com/cs/wirelessproducts/qt/macaddress.htm
0
 

Author Comment

by:sanjeevkmrs
Comment Utility
please check the link is not working
0
 
LVL 5

Assisted Solution

by:chanderpal singh rathore
chanderpal singh rathore earned 168 total points
Comment Utility
Most Wi-Fi access points and routers ship with a feature called hardware or MAC address filtering. This feature is normally turned "off" by the manufacturer, because it requires a bit of effort to set up properly. However, to improve the security of your Wi-Fi LAN (WLAN), strongly consider enabling and using MAC address filtering.

Without MAC address filtering, any wireless client can join (authenticate with) a Wi-Fi network if they know the network name (also called the SSID) and perhaps a few other security parameters like encryption keys. When MAC address filtering is enabled, however, the access point or router performs an additional check on a different parameter. Obviously the more checks that are made, the greater the likelihood of preventing network break-ins.

To set up MAC address filtering, you as a WLAN administrator must configure a list of clients that will be allowed to join the network. First, obtain the MAC addresses of each client from its operating system or configuration utility. Then, they enter those addresses into a configuratin screen of the wireless access point or router. Finally, switch on the filtering option.

Once enabled, whenever the wireless access point or router receives a request to join with the WLAN, it compares the MAC address of that client against the administrator's list. Clients on the list authenticate as normal; clients not on the list are denied any access to the WLAN.

MAC addresses on wireless clients can't be changed as they are burned into the hardware. However, some wireless clients allow their MAC address to be "impersonated" or "spoofed" in software. It's certainly possible for a determined hacker to break into your WLAN by configuring their client to spoof one of your MAC addresses. Although MAC address filtering isn't bulletproof, still it remains a helpful additional layer of defense that improves overall Wi-Fi network security.

Do not confuse MAC address filtering with content filtering. Content filtering on a wireless access point or router allows administrators to maintain a list of Web site URLs or addresses that should not be accessed from the home WLAN.
0
 
LVL 70

Assisted Solution

by:garycase
garycase earned 166 total points
Comment Utility
Yes, you can certainly use MAC address filtering in the router to limit access to just those devices you want -- you could even turn off the security so no key was required if you do that, since only those devices with MAC addresses in the filtering table would be able to connect anyway.

Depending on the number of connections involved, however, this could be an administrative hassle ... you'd have to enter the MAC addresses for all of your users, and be sure to delete any that were no longer allowed access.
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
MAC addresses can be easily spoofed, so I can't really recommend that, particularly don't turn off the WPA2 protection. But if you can't force your users to not be admins, that is still the only way to get some sort of control.
0
 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 166 total points
Comment Utility
If you don't have a domain but want finer granularity of control, consider an actual HotSpot device where you can assign temporary passwords that expire after a certain amount of time.

e.g.
ZyXEL N4100 HotSpot with SP300E Printer
or
Guest Internet Solutions GIS-R3 Hotspot and
Guest Internet Solutions GIS-TP1 Ticket Printer
et al.
0
 

Author Comment

by:sanjeevkmrs
Comment Utility
Dear garycase,
                can i do mac address filteration in linksys 4500 ? or sugegst me some oither good router
0
 
LVL 70

Assisted Solution

by:garycase
garycase earned 166 total points
Comment Utility
Yes.   The details of how to set up MAC Filtering are on page 36 of the manual for the Linksys 4500

http://downloads.linksys.com/downloads/userguide/EA-Series_UG_Full_3425-00125D_EN_FR-CA_Web.pdf
0
 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 166 total points
Comment Utility
The MAC address is trivial to reset with tools available by default in most operating systems.

e.g.
Linux
# ifconfig eth0 hw ether 03:B0:01:d1:00:22

In Windows, the MAC address is stored in a registry key. The location of that key varies from one Windows version to the next, but just find it and edit it yourself. There are also free utils to change it for you (like, Macshift for XP, and ChangeMAC for Win7).

So filtering by MAC does not increase security.
0
 

Author Comment

by:sanjeevkmrs
Comment Utility
let me check
0
 

Author Closing Comment

by:sanjeevkmrs
Comment Utility
thanks
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Join & Write a Comment

Lithium-ion batteries area cornerstone of today's portable electronic devices, and even though they are relied upon heavily, their chemistry and origin are not of common knowledge. This article is about a device on which every smartphone, laptop, an…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now