0

WPA2 PSK is used to encrypt packets to and from a router. All the members on the network have the wifi password, so theoritically if one of them is untrustable they could be able to capture and decrypt packets from my machine.

Is there anything to get around this or eliminate this security vulnerability? I guess the only solution would be to use a VPN? Is there any other solution to add another layer of encryption?

Please note that I need a solution for the home/presonal setting, on a limited budget.

Anders
  • 64,406
  • 24
  • 178
  • 215
shah
  • 1
  • 1
  • 3
    Possible duplicate of [Can other WIFI users see my network traffic?](https://security.stackexchange.com/questions/161689/can-other-wifi-users-see-my-network-traffic) – browly Dec 06 '18 at 23:01
  • I would suggest to use a VPN for your whole PC not only for your Browser. In WPA3 this problem will be solved so you could try to change it as soon as possible – Cyberduck Dec 06 '18 at 23:01
  • yes my vpn connects automatically after starting my pc. – shah Dec 06 '18 at 23:05
  • What services/activity are you trying to protect and from who? Bank activity? Chats and emails? If your service's website uses HTTPS then your typical nosy housemate will not be able to see anything beyond the domain name of the sites you visit. If the site forces the browser to use the best encryption (TLS 1.3) then even a well funded professional can't decrypt the traffic. They can just see the domain you are connecting to and the volume of data you are transmitting... so perhaps they could deduce that you are streaming some video, but they won't know what specific video it is. – Owen Dec 07 '18 at 06:14
  • protect the sites i visit, bank information, usernames and passwords.... yeh they all use HTTPS. so i guess im safe. – shah Dec 09 '18 at 16:11

1 Answers1

1

Use WPA2-Enterprise (which uses 802.1X). Not only does every user have their own credentials, but their connections are encrypted with different keys. Note that this requires additional infrastructure; a RADIUS server at a minimum.

multithr3at3d
  • 12,355
  • 3
  • 29
  • 42
  • its not justifed as i only have 4 people on the network and im a personal user in a home setting. – shah Dec 06 '18 at 22:45
  • @shah, if you have conditions that constrain acceptable answers to your question, you should include them in the question. The answer given here is correct given the information you previously provided. – YLearn Dec 07 '18 at 01:30