Use the Intel® PROSet/Wireless WiFi Connection Utility
Personal Security
Personal Security Settings
Set up Data Encryption and Authentication
Enterprise Security
Enterprise Security Settings
Network Authentication
802.1X Authentication Types
The following sections describe how to use the Intel® PROSet/Wireless WiFi Connection Utility to set up the required security settings for your WiFi adapter. See Personal Security.
It also provides information about how to configure advanced security settings for your WiFi adapter. This requires information from a systems administrator (corporate environment) or advanced security settings on your access point (for home users). See Enterprise Security.
For general information about security settings, see Security Overview.
In a home wireless network you can use a variety of simple security procedures to protect your wireless connection. These include:
Wi-Fi Protected Access (WPA) encryption provides protection for your data on the network. WPA uses an encryption key called a pre-shared key (PSK) to encrypt data before transmission. Enter the same password in all of the computers and access point in your home or small business network. Only devices that use the same encryption key can access the network or decrypt the encrypted data transmitted by other computers. The password automatically initiates the Temporal Key Integrity Protocol (TKIP) or AES-CCMP protocol for the data encryption process.
WEP encryption provides two levels of security:
For improved security, use a 128-bit key. If you use encryption, all wireless devices on your wireless network must use the same encryption keys.
You can create the key yourself and specify the key length (64-bit or 128-bit) and key index (the location that a specific key is stored). The greater the key length, the more secure the key.
Pass phrase (64-bit): Enter five (5) alphanumeric characters, 0-9, a-z or A-Z.
Hex key (64-bit): Enter 10 hexadecimal characters, 0-9, A-F.
Pass phrase (128-bit): Enter 13 alphanumeric characters, 0-9, a-z or A-Z.
Hex key (128-bit): Enter 26 hexadecimal characters, 0-9, A-F.
With WEP data encryption, wireless station can be configured with up to four keys (the key index values are 1, 2, 3, and 4). When an access point or a wireless station transmits an encrypted message that uses a key stored in a specific key index, the transmitted message indicates the key index that was used to encrypt the message body. The receiving access point or wireless station can then retrieve the key that is stored at the key index and use it to decode the encrypted message body.
CAUTION: WiFi networks using no authentication or encryption are highly vulnerable to access by unauthorized users.
On the WiFi connection utility main page, select one of the following methods to connect to an infrastructure network:
If there is no authentication required, the network connects without a prompt to enter any log-on credentials. Any wireless device with the correct network name (SSID) is able to associate with other devices in the network.
To create a profile for a WiFi network connection with no encryption:
When WEP data encryption is enabled, a network key or password is used for encryption.
A network key is provided for you automatically (for example, it might be provided by your wireless network adapter manufacturer), or you can enter it yourself and specify the key length (64-bit or 128-bit), key format (ASCII characters or hexadecimal digits), and key index (the location where a specific key is stored). The greater the key length, the more secure the key.
To add a network key for a Device to Device (ad hoc) network connection:
To add a password or network key:
When WEP encryption is enabled on an access point, the WEP key is used to verify access to the network. If the wireless device does not have the correct WEP key, even though authentication is successful, the device is unable to transmit data through the access point or decrypt data received from the access point.
Name Description Password
Enter the Wireless Security Password (Pass phrase) or Encryption Key (WEP key).
Pass phrase (64-bit )
Enter five (5) alphanumeric characters, 0-9, a-z or A-Z.
WEP key (64-bit)
Enter 10 hexadecimal characters, 0-9, A-F.
Pass phrase (128-bit)
Enter 13 alphanumeric characters, 0-9, a-z or A-Z.
WEP key (128-bit)
Enter 26 hexadecimal characters, 0-9, A-F.
To add more than one password:
WPA* Personal Mode requires manual configuration of a pre-shared key (PSK) on the access point and clients. This PSK authenticates a user's password or identifying code, on both the client station and the access point. An authentication server is not needed. WPA Personal Mode is targeted to home and small business environments.
WPA2* is the second generation of WPA security that provides enterprise and consumer wireless users with a high level of assurance that only authorized users can access their wireless networks. WPA2 provides a stronger encryption mechanism through Advanced Encryption Standard (AES), which is a requirement for some corporate and government users.
NOTE: To achieve transfer rates greater than 54 Mbps on 802.11n connections, WPA2-AES security must be selected. No security (None) can be selected to enable network setup and troubleshooting.
To configure a profile with WPA-Personal network authentication and TKIP data encryption:
If your wireless access point or router supports WPA2-Personal, then you should enable it on the access point and provide a long, strong password. A long password provides stronger network security than a short password. The same password entered in the access point needs to be used on this computer and all other wireless devices that access the wireless network.
NOTE: WPA-Personal and WPA2-Personal are interoperable.
Wi-Fi Protected Access (WPA*) is a security enhancement that strongly increases the level of data protection and access control to a wireless network. WPA enforces 802.1X authentication and key-exchange and only works with dynamic encryption keys. For a home user or small business, WPA-Personal uses either Advanced Encryption Standard - Counter CBC-MAC Protocol (AES-CCMP) or Temporal Key Integrity Protocol (TKIP).
To create a profile with WPA2*-Personal network authentication and AES-CCMP data encryption:
AES-CCMP (Advanced Encryption Standard - Counter CBC-MAC Protocol) is a newer method for privacy protection of wireless transmissions specified in the IEEE 802.11i standard. AES-CCMP provides a stronger encryption method than TKIP. Choose AES-CCMP as the data encryption method whenever strong data protection is important.
If your Wireless access point or router supports WPA2-Personal, then you should enable it on the access point and provide a long, strong password. The same password entered into the access point needs to be used on this computer and all other wireless devices that access the wireless network.
NOTE: WPA-Personal and WPA2-Personal are interoperable.
Some security solutions may not be supported by your computer's operating system. You may require additional software or hardware as well as wireless LAN infrastructure support. Contact your computer manufacturer for details.