Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Wireless WPA2 MSCHAPv2
Reading through the news, I saw that at Defcon MSCHAPv2 has been effectively compromised. https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ This includes the use of it in WPA2 connections to radius servers for authentication. Per the article, the current recommendation for enterprise wireless deployments is to move to using client certificates for authentication.
It seems that using client certificates for authentication will be difficult for many schools because of the issue of publishing and distributing certificates to user on their multitudes of different devices. Does anyone have any good thoughts or recommendations on migrating to certificate based authentication with the proliferation of students owned computers and mobile devices we all experience.
Network Support Technician
University of Mount Union