Definition of WiFi Authentication

WiFi Authentication

Many people take WiFi for granted due to its ubiquity, but that doesn’t change the fact that it is one of the most wide reaching innovations of the modern era. The convenience of connecting wirelessly to a network has had an incredible effect on users, IT admins, and cost. But, in order to access the network, users must authenticate. So, what is the definition of WiFi authentication?

How WiFi Enables Freedom

WiFi authentication

Untethering from a desk and wirelessly authenticating to the network allows users a boost in collaboration, flexibility, and convenience. With freedom from wires, laptops now allow for users to take their work into the conference room with them for a meeting. IT admins no longer have to hire contractors to pull ethernet cords throughout an entire building and into a server room. WiFi even allowed users to work remotely from anywhere with a signal. Clearly, WiFi has made networking a much more convenient affair for both users and admins. But, convenience often leads to risk.

Before WiFi networks, users connected to the Internet in their offices via wired connections that were managed by a domain controller within Microsoft® Active Directory® (MAD or AD). The domain controller would authenticate users and allows access to specific computer resources, including the network. This setup allowed for proximity-based security. If you could plug in an ethernet cord to your system, you could gain access to the network by leveraging your unique credentials. Credentials were not shared, which leads us to the biggest issue with conventional WiFi authentication.

Shared WiFi Credentials Results in Risk

WiFi security KRACK

Wireless networks are often authenticated to via a single shared SSID and password. These credentials usually get passed around via sticky note, email, or word of mouth. Any of these means of communication pose the risk of interception by bad actors. Now, should the IT admin even find out a breach occurred, they have to undergo the annoying and security-deficient task of changing the password and disseminating that information company wide—more passed sticky notes?

Further, WiFi signals broadcast throughout the entire office but spill out into the parking (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: