Gruss Gott wrote: > My wording was off, I meant that there are 2 types of WPA, not that > Personal was better Enterprise. My Mac has the following choices: > > WEP (3 types: password, 40/128 Hex, 40/128 ASCII) > LEAP > WPA (2 types: Personal and Enterprise) > > I went with the WPA Personal as it seemed like most secure choice. My > PSK is long phrase that is 20+ characters with mixed characters and > numbers.
>From the offered choices, WPA Enterprise is the best. LEAP is about as safe as >WPA Personal (it has the same dictionary attack issues) and WEP is the worst. WPA Enterprise uses the same mechanism as 802.1x: pass the credentials on to the RADIUS server and have the RADIUS server authenticate them. That means you can use many different authentication schemes, even in a roaming network: it is in fact a whole class of solutions (LEAP, EAP-TLS, PEAP, EAP-TTLS, EAP-MSChap, EAP-MSChapV2 etc.). It is not very suited for personal use, few people run a RADIUS server, but ideal for the enterprise where people just tie their RADIUS server into a user database. WPA Personal (PSK) uses the same methods for encrypting the air channel, but the method for the initial authentication is weaker. You can only set up one or a few pre-shared keys and the per-user keying that works with RADIUS and a central user database doesn't work with PSK. So not only will the same key be used more often (reducing entropy), more people will share the key. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:5:136031 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
