Defaults in Wi-Fi Access Points

March 7th, 2008 admin Posted in Wireless Access Points | Comments Off

Recently, Christian and I published an article on the role of defaults in wireless access points (APs) (a free draft is also available). The paper examines defaults for encryption, ssid, and channel number. In this post, I want to highlight a key finding on the the role of the default for encryption.For consumer APs, such as Linksys, we found an encryption usage of 23% overall. In contrast, for 2Wire, we found an encryption usage of 96%. As we point out in the paper, the explanation for this difference is largely due to the default setting.Here are the relevant screenshots:If the goal is to encourage the use of encryption to secure APs, then the default should be set to enable encryption. Another approach, which is less powerful (but cheaper from the vendor’s perspective) is to use labels and improve configuration software to encourage the use of encryption. California followed this approach with the “Wi Fi User Protection Act”, which had the support of the wireless industry. The law states that:

manufacturers of any device that “includes an integrated and enabled wireless access point… for use in small office, home office, or residential settings… [must] include a warning advising the consumer how to protect his or her wireless network connection, a warning sticker, or provide other protection that, among other things, requires affirmative action by the consumer prior to use of the device.” [Wi Fi Planet]