The Perils of Shared WiFi Passwords

Hey, what’s the WiFi password?

How many times have you asked or been asked this question? And how many times have you given your home WiFi password to someone you don’t know that well? Ever given your company WiFi password to someone outside your company? How many times would you guess your colleagues have done it?

wifipassword.jpg

Shared WiFi passwords can easily fall into the wrong hands. Most of the people who know your password have no idea how to cause trouble with it, but it only takes one person with the proper hacking skills to steal data, install malicious software, or just use your bandwidth for nefarious purposes.

One obvious solution is to set up a guest network. This is a great idea; you can segregate the guest network so devices on it can’t interact with each other, and you can set bandwidth limits so guests can’t eat up all your precious Megabits. You should definitely set one up if you haven’t already. But what if one of your colleagues mixes them up and accidentally gives out the password to the internal network? Or if you fire someone with an axe to grind who has the internal network password memorized?

For a more thorough solution, you have two options. The first is to cycle your internal WiFi password regularly. Every 3-6 months you change it and tell everyone the new password. It’s not perfect (someone could do a lot of damage over the course of several months until the next password change) and it’s a pain (no one likes getting kicked off WiFi and having to remember a new password that often), but it’s better than nothing.

The second option is to have user-specific WiFi passwords. You use a technology called WPA2 Enterprise on your internal network that forces each user to sign in with their own username and password. When someone leaves the company, you shut off their account and they’re locked out. And people are way less likely to give out their own password to strangers.

Ideally, you can leverage user accounts you already have for this (most network equipment can sync with Single Sign-On solutions like OneLogin or with Active Directory), but these can be separate accounts if necessary.

Setting up WPA2 Enterprise is fairly simple and painless, and whenever you’re ready to step up your WiFi game, Kinetix is ready to help.