The differences between WPA-Personal and WPA-Enterprise
WPA-Personal (WPA-PSK):
This mode is appropriate for most home networks. When a password is set on a wireless router or an access point (AP), it must be entered by users when connecting to the Wi-Fi network.
On the PSK mode, wireless access can't be individually or centrally managed. One password applies to all users, and it should be manually changed on all the wireless clients once it’s manually modified on the original wireless router or AP.
The password is stored on the wireless clients. Therefore, anyone on the computer can connect to the network and also see the password.
WPA-Enterprise (WPA-802.1x, RADIUS):
This mode provides the security needed for wireless networks in business environments. It is more complicated to set up, and it offers individualized and centralized control over access to your Wi-Fi network. When users try to connect to the network, they need to present their login credentials.
This mode supports 802.1x RADIUS authentication and is appropriate in the cases where a RADIUS server is deployed. WPA-Enterprise should only be used when a RADIUS server is connected for client authentication.
Users never deal with the actual encryption keys. They are securely created and assigned per user session in the background after a user presents their login credentials. This prevents people from getting the network key from computers.
Summary:
WPA-Personal is a common method to secure wireless networks, and it is suitable for most home networks.
WPA-Enterprise provides the security needed for wireless networks in business environments where a RADIUS server is deployed.
Is this faq useful?
Your feedback helps improve this site.
TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.