Hacker News new | past | comments | ask | show | jobs | submit login

Not OP, but I've a guest network.



Guest network with no password is the way, some firmware allow you to turn the reset button into this function's switch.


Before WPA3 a network with no password offers less security than a network for which everybody knows the password.

In WPA3 finally the no password ("guest") case has randomly chosen keys using RFC 8110 instead of being unencrypted, so it's equivalent security to everybody knowing the password.

I agree no password is the best outcome, and WPA3 makes that finally no more dangerous than it needs to be.


I mean turn if off once guests are gone, yes it's not safe as everything on the network can be sniffed by your nosy neighbors, you can quanrentine this guest network from your ethernet to make it less revealing. It's meant to be a one-off thing to avoid hassle. Good to know they have that in WPA3.


In WPA3 the nosy neighbours can't sniff anything. If there is no password or they know it they can do an active MITM to get between users and your Access Point because it now uses a PAKE, but active attacks can be detected and would be a bit more than "nosy neighbours". If you use anything fancier than a password (including technologies like EduRoam or GovRoam, Active Directory login, whatever) any adversary has to attack that instead.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: