Configure WPA wireless security for home networks

An update for Windows XP Service Pack 1 users provided operating system support for WPA security. If you haven't received this update automatically, follow these steps:

  1. Open Internet Explorer, click the Tools menu, and then click Windows Update.

  2. Look for Recommended Update 815485 under Windows XP.

You'll need to install this update and use wireless adapters and an access point or router that supports WPA.

Configure WPA-PSK for your router or access point

The first step in constructing an ultra-secure home network is to set up your WPA-capable router or access point for WPA-PSK. Use a wired connection, if possible, to specify these settings since a wired connection will not be impacted if you make a mistake. Start by accessing the administrative internal webpage of your access point or router.

Here's how to configure equipment for WPA-PSK after accessing the web administration interface.

  1. Locate a menu labeled Security or Network Authentication. Choices for WEP, WPA, WPA-PSK, and NONE will be available from this menu.

  2. Click WPA-PSK.

  3. Enter a hard-to-guess passphrase (between 8 and 63 characters) in the WPA Pre Shared Key field. This is also known as a Shared Secret.

  4. Enter a Rekey Interval (normally the unit is seconds).

  5. Click Apply or Reset, depending on the vendor's implementation.

Configure WPA-PSK on Windows XP

After you've set up your router or access point for WPA-PSK, you'll need to configure the wireless properties on each computer for WPA-PSK as follows:

  1. Right-click the wireless connection icon in the notification area, and then click View Available Wireless Networks.

  2. Select the WPA-PSK capable network you want to attach to by clicking the SSID (Service Set Identifier).

  3. Enter the Shared Secret (passphrase) in the Network Key field and again in the Confirm Network Key field. Although the text refers to a network key, the passphrase can be entered here.

  4. Click Connect.

  5. To configure WPA-PSK or edit an already configured Shared Secret, click the Advanced button.

  6. In the Wireless Network Connection Properties dialog box, do one of the following:

    • If the wireless network is not already configured and does not appear in the lower window, select it, and then click Configure.

    • If a wireless network is already a Preferred network and appears in the lower window, select it, and then click Properties.

    The Network name (SSID) of the access point or router you are configuring is displayed.

  7. Select WPA-PSK from the Network Authentication box.

  8. Use the default TKIP Data encryption method.

  9. Enter the Shared Secret/Passphrase that you entered in the wireless router or access point under Network key.

  10. Enter the Shared Secret/Passphrase a second time under Confirm network key, and then click OK.

You should now be able to successfully connect to your WPA-PSK-enabled router or access point.

Tips to strengthen wireless security

Here are additional steps you can take to secure your wireless home network:

  • Never use the default SSID provided by the manufacturer. You can optionally turn off the broadcast of the SSID name, but this won't stop determined hackers from finding it.

  • Set up an access control list by Mac address of all devices you want to associate with the access point or wireless router.

  • Change the default password provided by the manufacturer on the access point or wireless router.

  • Place the access point or router in the center of your home and not near a window.

  • Turn off administrative access over wireless if possible.