When a wireless network is deployed, authentication is the first thing that needs to be done before connecting it to devices. So, It is important to know the different aspects of the authentication methods. However, authentication should not be mistaken with the authorization.
Authentication is a process by which the identity of a user is verified by using some sort of credentials. On the other hand, authorization is more like authorizing a person to use the resources. Thus, in the most of the cases, authentication precedes authorization.
As far as authentication is concerned, there are mainly three types of WLAN authentication methods that are used today:
- Open authentication
- shared authentication
- EAP (Extensible Authentication Protocol) authentication
When a wireless network is deployed, a user knows about the particular network using its Service-Set Identifier (SSID). SSID, in simple terms, can be thought of as a wireless network identifier which is continuously broadcasted by the wireless network.
If you are really interested in knowing the different SSIDs your machine can see, then type the command below:
“netsh wlan show networks”
And it would look something like this:
Here, you can see a list of SSIDs as well as authentication types of those SSIDs. So, in the open authentication, if the device knows the SSID, it can directly join the network.
The shared authentication method is more secure than the open authentication. However, the shared authentication is basically employed on the individual and small business levels. A shared key, also known as Pre-Shared Key (PSK), is shared between the two parties. When the device tries to connect to that network, it puts in the key and if that matches, then the device is allowed onto the network.
Extensible Authentication Protocol (EAP):
EAP is the last types of WLAN authentication method, but the most secure authentication process of all. That’s why EAP is also deployed at the enterprise level along with an authentication server. A user logs into the wireless network using a variety of credential options.