WPA2 Enterprise Authentication Certificate Security



  • While reading up about WPA2-Enterprise, it states that it is more preferred over WPA2-Personal as it allows authentication via digital certificates which prevents over-the-air attacks.

    However, I am unsure of the following implications about this implementation. If WPA2-Enterprise was to be implemented:

    • Can the authentication cert on machine A be dumped out, installed on machine B and use to authenticate to the network?
    • If user A uses a domain user account to login to machine A, and connects to the network using an authentication cert. user A also has a local admin account on machine A. Is it possible for the local admin account to obtain the authentication cert of the domain user account on machine A and install it onto machine B and login using the same domain user account?
    • Can I issue unique certificates to each machine for authentication or do they have to request one during the authentication process?

    Apologies in advance for the weird question, have no previous experience with WPA2-Enterprise at all!



  • Can the authentication cert on machine A be dumped out, installed on machine B and use to authenticate to the network?

    technically, yes.

    If machine A was a domain user, but has local admin privileges is the above scenario still possible?

    I didn't get the first part: how machine can become a user?

    Can I issue unique certificates to each machine for authentication or do they have to request one during the authentication process?

    yes.



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2