Mastering the Use of Wi-Fi Network Security Keys

They might look intimidating, but they're not difficult to work with

Chaos Computer Club 29C3 (2012)

Patrick Lux / Getty Images

One essential aspect of setting up a Wi-Fi connection is enabling security with the correct settings. If you misconfigure these settings, Wi-Fi devices can fail to connect to the local network. Left to defaults or not configured at all, and they'll fail to protect your network against unwanted connections.

Of all the steps involved in configuring security on a Wi-Fi network, the management of wireless keys is the most important. A wireless key is a digital password that all users of devices on your network must enter to connect to the network and with each other. All devices on a local Wi-Fi network share a common key.

Wireless keys are made up of letters and/or digits in sequences called strings.

Wi-Fi Keys: Types and Options

Setting up security on a Wi-Fi network router, wireless hotspot, or client device involves choosing from among a list of security options and then entering a key string that the device stores. Wi-Fi keys exist in two basic forms:

  • ASCII — a sequence of letters and/or decimal numbers
  • hex — a sequence of hexadecimal numbers

Hex keys (strings like 0FA76401DB) are the standard format for Wi-Fi devices. ASCII keys are also called passphrases because people often choose easy-to-remember words and phrases for their keys — for example, ilovewifi and hispeed1234. Wi-Fi devices convert both ASCII and hex keys into binary numbers that become the actual key value used by the Wi-Fi hardware to encrypt data sent over the wireless link.

Some Wi-Fi devices support only hex keys and will disallow entering passphrase characters or report an error when you're trying to save a passphrase.

The most common security options for home networking include:

  • 64-bit and 128-bit WEP (wired equivalent privacy), neither of which is recommended because of its inferior level of protection
  • WPA (Wi-Fi protected access) and WPA2

Wi-Fi key restrictions depend on the options chosen as follows:

  • 64-bit WEP — Passphrases must be exactly five ASCII characters; keys must be exactly 10 hexadecimal digits.
  • 128-bit WEP — Passphrases must be exactly 13 ASCII characters; keys must be exactly 26 hexadecimal digits.
  • WPA and WPA2 — Passphrases must be between eight and 63 ASCII characters; keys must be 64 hex digits.

Additional rules apply to all of the above options when making Wi-Fi keys:

  • Choose keys longer than the minimum, if possible. Longer keys are more secure, although they are also much more difficult to remember.
  • Ensure that shared keys match exactly. All forms of Wi-Fi keys are case-sensitive.

Synchronizing Keys Across Local Devices

To ensure all devices on a home or local network are configured correctly with the same Wi-Fi key, first set a key for the router (or another access point) and then systematically update each client one by one to use the matching string. Exact steps for applying a Wi-Fi key to a router or other device vary slightly depending on the specific hardware involved, but as a general rule:

  • Enter keys into the router’s administration page for wireless settings.
  • Enter keys into a client device through its Settings app or operating system control panel.

Finding Keys for Routers and Hotspots

Because the sequence of numbers and letters in a Wi-Fi key can be long, mistyping and forgetting them is common. To find the key string currently in use for a wireless home network, log into the local router as an administrator and look up the value from the appropriate console page.

A device can't authenticate with the router unless it already has the correct key, so you might have to connect your device to the router via Ethernet cable.

Screenshot of a router main screen showing network security key

Some home routers come with Wi-Fi security options already turned on and default keys pre-installed. Such a router typically has a sticker on its bottom showing the key string. Although these keys are private and generally safe to use within a home, the stickers enable anyone inside a home to see its network settings and connect additional client devices to the network without your knowledge. To avoid this risk, override the key on such a router with a different string immediately when you first install it.