News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Mac Security: Wi-Fi Security

    Posted on Nathan Parker Comment on the AskWoody Lounge

    This topic contains 9 replies, has 5 voices, and was last updated by

     Nathan Parker 3 weeks, 2 days ago.

    • Author
      Posts
    • #1685060 Reply

      Nathan Parker
      AskWoody_MVP

      This is the final installment of our Mac Security series (although not my final Mac related post as I’ll continue posting each weekend). If anyone has any additional Mac security topics I haven’t covered, feel free to post a thread, and I’ll be pleased to answer it.

      This week I wanted to briefly examine three areas relating to Wi-Fi security.

      Securing In-Home Wi-Fi

      It is important to ensure one’s in-home Wi-Fi network is secure, as not securing one’s in-home Wi-Fi network opens the door to attackers, as well as anyone simply using your home Internet connection for free. My personal recommendation is to use a Wi-Fi password that utilizes WPA2 instead of WPA or WEP. If you’re not sure which form of Wi-Fi security you have, ask your router manufacturer or ISP. If it’s anything less than WPA2, find out what it would take to switch the security to WPA2. WPA3 is also coming which will be even more secure, but it doesn’t have broad device support at the moment. Eventually, it will be good to migrate to WPA3.

      Adding Guest Access to Wi-Fi

      Many routers also offer the ability to enable guest access to the Wi-Fi network, and it’s generally a good idea to enable a router’s guest access, provided it’s also secured with a password that’s separate from the main Wi-Fi network password, and that guest access also uses a WPA2 password. When guests are visiting, you simply don’t want them having full access to everything on your network when accessing your Internet. Taking a few moments to provide them with a separate network that allows them to access the Internet without handing them the keys to your main network is a smart move. Even then, it is good to only give out the guest network password to guests you’d trust on your network. If guests perform anything nefarious or illegal on your network, it could get traced back to you (as I have seen with some churches with guests in the past).

      Use a VPN on Public Wi-Fi

      Now that I have unlimited data on my iPhone and high data caps on my iPad and iPhone’s mobile hotspot, I’ve had less of a need to use Public Wi-Fi. I can use my iPhone and iPad on LTE and connect a Mac to my iPhone’s mobile hotspot on-the-go. However, for the times when I need to dip into Public Wi-Fi, I use and recommend others use a VPN. (Virtual Private Network). Public Wi-Fi networks are generally not secure, and anyone on the network can snoop around on network traffic. This article explains what a VPN does. VPN’s were originally created for office workers who needed to remote into their company network (I do this for a company I remotely work for), but consumer versions of VPN providers have gained popularity since they route Wi-Fi traffic through a secure tunnel. I’ve personally tested WiTopia and Private Internet Access. Both offer good performance. I found Private Internet Access works well with Windows/Android whereas WiTopia works well with macOS/iOS. I’m personally using WiTopia at the moment since I need Cisco IPSec support. VPN services come in multiple “flavors” (PPTP, L2TP, Cisco IPSec, and OpenVPN are the main ones). PPTP is an older variant that isn’t as secure. I personally recommend L2TP or Cisco IPSec (I’ve had the best experience with Cisco IPSec). OpenVPN is solid as well but a little harder to configure. Verizon also offers Safe Wi-Fi which I may test at a later date.

      Thanks for reading the Mac Security series! Feel free to post any questions!

      Nathan Parker

      3 users thanked author for this post.
    • #1692529 Reply

      Alex5723
      AskWoody Plus

      25,000 Linksys routers are reportedly leaking details of any device that has ever connected to it

      The flaw that may have been leaking data since 2014 reportedly exposes routers that haven’t had their default passwords changed, and it can even help lead hackers to physically locate devices and users in the real world…

      https://appleinsider.com/articles/19/05/18/researcher-claims-25000-linksys-routers-are-leaking-details-of-devices-that-have-ever-connected-to-them

      1 user thanked author for this post.
    • #1697984 Reply

      Nathan Parker
      AskWoody_MVP

      Thanks for this. I only spent a short time with a Linksys Velop. Glad I took it back and went with a cloud-managed router (Cambium Networks) from my ISP. It is disturbing to know.

      Nathan Parker

    • #1699113 Reply

      OscarCP
      AskWoody Plus

      Thanks for choosing to write about this topic. It is amazing that, as noted by Alex5723,  certain routers “may have been leaking data since 2014” and nobody noticed, or else chose to do something about it!

      A few years ago , when I first got it, I changed the password in my WiFi router so it is no longer “12345” or whatever it had been assigned to it in the factory. And the WiFi channel encryption is WPA2 .

      2 users thanked author for this post.
    • #1701102 Reply

      anonymous

      According to ArsTecnica’s Dan Goodin has reported WPA3 is already broken before release to market:
      https://arstechnica.com/information-technology/2019/04/serious-flaws-leave-wpa3-vulnerable-to-hacks-that-steal-wi-fi-passwords/

      Maybe WPA3 will all be fixed by release to market?

      2 users thanked author for this post.
    • #1708565 Reply

      Nathan Parker
      AskWoody_MVP

      Good article on WPA3. It likely will, and another reason I recommend holding off on WPA3 and sticking with WPA2 at the moment. WPA2 is pretty solid and better than the other technologies out there, so I’ll run with it until WPA3 has ironed out the kinks.

      I also use an enterprise WAP instead of consumer devices. I’ll allow the consumers to be the “beta testers” while I stay on tried and true technology that works.

      Nathan Parker

    • #1743674 Reply

      Paul T
      AskWoody MVP

      The biggest issue with WiFi on Mac is the requirement to provide the password to connect. Entering
      l]rd%~@$XT=_$22(5Truz1L4+=+0#rW]OX[I9~_Ag9^rf0g>"iMWU+Ct";R!*SQ
      on the keyboard is not trivial, especially if you are visiting.
      At least on Win/Android you can use the “slightly less secure” WPS push button.

      cheers, Paul

      • This reply was modified 3 weeks, 3 days ago by
         Paul T.
      • #1744971 Reply

        OscarCP
        AskWoody Plus

        Paul T: I am typing this at home, in my Mac laptop and connected to my router via WiFi, as usual since I first set up the WiFi feature when I first got this machine in June of 2017, except for a few occasions when I’ve had to send some information I was very cagey about potentially being spied upon, so I connected to the router using the Ethernet cable, with WiFi off.

        And never, after that very fist time, have I had to enter my WiFi password again.

        Maybe you are remarking on some other kind of connection via WiFi? At a hot spot, or some coffee shop, perhaps? My laptop stays home almost all the time, with only rare excursions into the wider world. And I’ve never tried to connect to hot spots anywhere, or to some business’ place or hotel WiFi, even then.

        • #1744974 Reply

          anonymous

          And never, after that very fist time, have I had to enter my WiFi password again.

          Methinks that’s the event that @paul-t is referring to in his post just above yours! 🙂

          Even if it’s only once, sometimes entering a very lengthy, complex password can be challenging, especially if one is using a tablet or phone which only has an on-screen keyboard with a different special character layout than a traditional, physical keyboard.

    • #1745398 Reply

      Nathan Parker
      AskWoody_MVP

      A few pointers:

      1. On a Mac, you can copy/paste Wi-Fi passwords into the Wi-Fi password field, and even select a box saying “view password” to ensure it is in there correctly.
      2. Macs have physical keyboards. Only iOS devices (iPhones and iPads) have virtual keyboards, and you can even connect a physical keyboard to an iPad (I use one with mine occasionally).
      3. You can likely copy/paste a Wi-Fi password onto iOS devices as well, and there are ways to easily share Wi-Fi passwords with iOS users.
      4. Once you join a Wi-Fi network on a Mac, it will sync the password and auto-connect iOS devices that are signed into the same iCloud account.

      Nathan Parker

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Mac Security: Wi-Fi Security

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.