2.3 Given a scenario, select and configure wireless devices and technologies
Authentication
📘CompTIA Network+ (N10-009)
What is Pre-Shared Key (PSK)?
A Pre-Shared Key (PSK) is a single, shared password used by all devices to join a wireless network.
This password must match the key configured on the wireless access point (AP).
- If the key matches → the device connects
- If the key is wrong → the device is denied
PSK is commonly used with security protocols like:
- WPA2-PSK
- WPA3-SAE (improved version of PSK)
How PSK Authentication Works (Step-by-Step)
- Administrator configures the wireless network
- Sets SSID
- Chooses security mode (WPA2-PSK or WPA3-SAE)
- Creates a passphrase
- Users connect to the Wi-Fi network
- Select the SSID
- Enter the passphrase
- Device and AP derive encryption keys
Both sides use the PSK to generate encryption keys.
This ensures data is encrypted while traveling through the air. - If the key matches → access granted
There is no username and password per user—only one shared key.
Security Considerations for PSK
PSK is secure only if the passphrase is strong.
To pass the exam, remember:
✔ Strong passphrase requirements
- At least 12–16 characters
- Mix of letters, numbers, and symbols
- Avoid dictionary words
✔ PSK weaknesses
- All users share the same password
- If one person knows it, it can be shared with others
- If one device is compromised, the attacker gets the PSK
- Changing the key disconnects everyone
✔ Improved PSK in WPA3 (SAE)
WPA3 replaces traditional PSK with Simultaneous Authentication of Equals (SAE), which protects against:
- offline password-guessing attacks
- dictionary attacks
But Network+ will still refer to it as PSK for simplicity.
When PSK Is Used in IT Environments
PSK is used when:
- The environment is small
- There is no RADIUS server
- You do not have per-user authentication requirements
- Quick and simple Wi-Fi setup is needed
Typical IT use cases:
- Temporary wireless networks
- Small branch offices
- Guest Wi-Fi (when combined with isolation features)
PSK vs. Enterprise Authentication
| Feature | PSK (WPA2/WPA3 Personal) | Enterprise (WPA2/WPA3 Enterprise) |
|---|---|---|
| Authentication method | Shared password | Unique username + password |
| Requires RADIUS server | No | Yes |
| Per-user control | No | Yes |
| Ideal for | Small/simple networks | Corporate networks |
| Security level | Lower | Higher |
Network+ often tests when to choose PSK vs Enterprise.
Best Practices for Configuring PSK
To score high on the exam, memorize these:
🔒 1. Always use WPA2-PSK or WPA3-SAE
Avoid older options like WEP or WPA.
🔑 2. Create strong passphrases
Never use simple or default keys.
🔄 3. Change PSK periodically
Reduces unauthorized access from previous users.
🧲 4. Disable WPS
Wi-Fi Protected Setup (WPS) is a security risk with PSK networks.
🌐 5. Use separate SSIDs
Example:
- One SSID for staff with a strong PSK
- Another SSID for guests with limited access
This isolates traffic and improves security.
Common Exam Questions on PSK (What CompTIA Wants You to Know)
Be prepared for questions such as:
✔ 1. What type of authentication uses a shared passphrase?
→ PSK
✔ 2. What wireless security mode uses PSK?
→ WPA2-PSK or WPA3-SAE
✔ 3. What is a weakness of PSK?
→ All users share the same key
✔ 4. When should PSK not be used?
→ In large corporate environments
→ When individual user tracking is required
✔ 5. How do you improve PSK security?
→ Use strong passphrases and WPA3
Summary
Pre-Shared Key (PSK) is a simple wireless authentication method where every user connects using the same shared password. It is easy to configure but offers lower security compared to enterprise authentication.
For the Network+ exam, remember its:
- purpose
- configuration
- strengths
- weaknesses
- best practices
Understanding these points ensures you can correctly select and configure PSK in a given scenario.
