Home > Articles > Cisco Network Technology > General Networking > Prevent Wi-Fi Eavesdroppers from Hijacking Your Accounts

Prevent Wi-Fi Eavesdroppers from Hijacking Your Accounts

Article Description

Password sniffing and account hijacking have become more prevalent in recent years because of Wi-Fi and software that make these hacking techniques so easy. Eric Geier shows you how to protect your privacy when logging on to online accounts that don't always use secure connections, like Facebook, MySpace, Twitter, and Amazon.
On Your Own Network

On Your Own Network

To prevent eavesdropping on your own wireless network, first make sure your wireless router (and all other access points) are set with at least the Personal/Pre-Shared Key (PSK) mode of WPA or WPA2 encryption. WPA2 uses a better encryption method than the first version, so try to use it. Keep in mind that all your computers and other Wi-Fi devices need to support the same encryption method as what's set by the router or access points. Any equipment manufactured in 2006 and after should support both WPA and WAP2. Older equipment may also by updating the driver of the wireless adapter or firmware of the router or access point.

If you're concerned about other users in your secured network (family members, employees, etc.) eavesdropping on your Internet traffic, consider using a VPN like that discussed in the previous section.

Another way to prevent eavesdropping between users is to enable AP isolation if the feature is supported by your wireless router and any other access points. It can also be called WLAN Partition or Layer 2 isolation. It blocks all user-to-user communication on the network. But keep in mind that it also blocks standard.

The best way to prevent user-to-user eavesdropping on your own wireless network while keeping the ability to use file and printer sharing is to use the Enterprise mode of WPA or WPA2 security. However, this requires setting up a separate RADIUS server to do the required 802.1X authentication and also requires a more complex configuration on each computer or device connecting to the wireless network. However, there are hosted services, such as AuthenticateMyWiFi, that make the whole process much easier and don't require you to have your own server.

4. Securing Individual Sites and Services | Next Section Previous Section