Oregon State University

OSU Secure

What is OSU_Secure?

OSU_Secure is an option for those on campus who require data encryption while accessing the internet. It uses a 48-bit initialization vector and a 128-bit encryption key and utilizes Temporary Key Integrity Protocol (TKIP) to achieve security. This is a useful option for those who enjoy the leisure of online banking, but don't want to be concerned with unencrypted information being transmitted through the wireless network.

Why WPA?

WPA offers a more secure method of using OSU's wireless network. OSU_Secure SSID is the preferred method to securely access the OSU Network and the Internet. Wireless clients using the OSU_Access network will be limited to what they can access. You can use the VPN service on the OSU_Access network to have similar to secure access capabilities that OSU_Secure provides.

What is WPA?

WPA or Wi-Fi Protected Access is a class of systems to secure wireless computer networks. There are two classes of WPA that allow secure access to a wireless network:

  • WPA-PSK
  • WPA-Enterprise

WPA-PSK works well in a SOHO environment where a strong (minimum 20+ characters) Pre-Shared Key can be shared amongst a few wireless clients. WPA-Enterprise is more suitable for large organizations using an external authentication method. Both classes of WPA require encrypted authentication to occur prior to allowing encrypted data to be sent over the wireless.

The following URL has a comprehensive description of WPA and other references to implementations of WPA: Wikipedia's Wi-Fi Protected Access.

Who has access?

As with OSU_Access, anyone with valid ONID credentials may access OSU_Secure. For those who have forgotten their ONID login information, it can be reset using that individuals OSU ID? number and GAP? from the ONID homepage or by clicking here.

How can I use it?

You can either connect automatically or manually to the OSU_Secure. Connecting automatically should prompt for your onid username and password. If it doesn't, use the general settings for the OSU_Secure network to set it up manually:

  • SSID: OSU_Secure
  • Security: WPA2 Enterprise
  • EAP Method: PEAP (PEAPv0/EAP-MSCHAPv2)
  • Key Type: AES (or automatic)
  • Phase2 Type: MSCHAPv2
  • Username: ONID Username
  • Password: ONID Password

More detailed instructions with pictures are available for both Microsoft and Apple operating systems as well as select mobile devices. Click on any of the links below to view the instructions:

Windows 8

Windows 7/Vista

Windows XP

Mac OS 10.6 / 10.7

Mac OS 10.5

Linux (Unix)

Mobile

What does the "Secure" part of OSU secure mean?

The secure part means that any data you send over the wireless connection is encrypted. Browsers and websites can encrypt the data that they send anyway which happens on most or all sites that transfer any sensitive information. The encryption done by the wireless network is another layer of security that helps protect your sensitive information. The following is more technical information which is unnecessary for the use of the wireless networks.

Examples:

Un-Secured Wireless (OSU_Access):

Sending this data through an HTTP connection will be transmitted over the wireless network completely unencrypted. If you are submitting a comment to an unsecured forum the data would be transmitted in clear text which could be read by anybody with the correct software. For poorly designed websites they may also be able to see the username, password, and what website you were trying to log in to.

Sending this through a https (s stands for secure) connection will be encrypted on your computer and sent through the network. Anybody with the correct software would be able to see where you were sending the information to but not the actual information being sent. (more technically the header information will not be encrypted but the data will be).

Secured Wireless (OSU_Secure):

Sending this data through a HTTP connection will still result in everything being encrypted. Anybody with the correct software will be able to see that you are sending and receiving data but they will not be able to tell where you are sending it or what information you are sending (including usernames and passwords).

Sending this through a https (s stands for secure) connection will be encrypted on your computer and sent through the network where it will be encrypted again (more technically the data will be encrypted twice and the headers will be encrypted once). Anybody with the correct software would be able to see that you are sending and receiving data but they will not be able to see where you are sending it or what information you are sending (including usernames and passwords).

Contact Info

Copyright ©  2014 Oregon State University
Disclaimer