security wpa2 and wpa3 psk : how to know wich one is used per clients ?

dang21000 · October 13, 2024, 7:36pm

Hi,

I’ve setup my security profile for use passphrase.
I enable both wpa2 and wpa3 psk like this :

/interface wifi security set  ....  authentication-types=wpa2-psk,wpa3-psk  passphrase="Bienvenue"

I If i see registered clients in the “/interface/wifi/registration-table”, how to know wich wpa version is used per clients ?

Are they always in wpa2 or wpa3 ? An old OS like XP or android 8 can be in wpa2, but newer version ? are they in 2 or 3 ?

neki · October 13, 2024, 7:51pm

Just imagine that you are hacker and you want to hack your network, will you use WPA2 or WPA3 for that attack?

jaclaz · October 13, 2024, 8:50pm

… or some drug and a $5 wrench?
https://xkcd.com/538

neki · October 13, 2024, 9:08pm

Cracking WPA3 this way would be definitely cheaper then cracking WPA2 password conventional way…

infabo · October 13, 2024, 9:23pm

Active authentication type is shown in ROS 7.17+ registration table.

What's new in 7.17beta2 (2024-Sep-27 10:07):

*) wifi - show authentication type and wireless standard used by each client in registration table;

Coughy · October 14, 2024, 5:43am

Active authentication type is shown in ROS 7.17+ registration table.
What's new in 7.17beta2 (2024-Sep-27 10:07):

*) wifi - show authentication type and wireless standard used by each client in registration table;

like this very handy but only in latest beta as quoted here

dang21000 · October 14, 2024, 7:41am

Hi,

Thank you for all your replies.
I Don’t want drugs… You’re stupid or what?

I manage lot of ap and ssid with thousands maybe more stations.

wpa2 is used for legacy and I just want to identify an count during a month more/less the amount of clients still using wpa2. The goal is to to only use wpa3.

I’ll try 7.17b soon on the a test access point with test ssid.

Have a good day

rextended · October 14, 2024, 7:44am

Disable WPA2!!!

infabo · October 14, 2024, 7:52am

The good old admin wisdom: “Disable it and see who complains.”

holvoetn · October 14, 2024, 8:36am

But don’t forget you did because some time later someone will complain and you may not remember what has changed …

dang21000 · October 14, 2024, 8:56am

Yes, it’s necessary to have a count usage of wpa2 to ensure i’ll not lost clients… removing wpa2 must be done with clients, communication, planned date, etc…

mkx · October 14, 2024, 9:21am

Planning and advance notifications are highly overrated these days …

dang21000 · October 14, 2024, 9:26am

It’s for this reason i’m search the stations count per auth method.

rextended · October 14, 2024, 9:36am

If you want to force everyone to “throw away” all their perfectly working devices,
just because some moron of a salesman said that WPA3 is better for “mind games” on the internet,
and produce tons more garbage, go ahead.
Because while you’re watching and distracted by WPA3 you don’t see everything else.

dang21000 · October 14, 2024, 6:58pm

Hi,

I’ve just tested the beta 2 of 7.17, it work like a charm on a lab hapax3.
It’s easy to identified the auth method used by stations.

I’ll planned wpa2-psk “progressive kill” fews weeks after 7.17 release.

Thank you every one.