1 Reply Latest reply: Dec 28, 2007 4:46 AM by jagreenwood
jagreenwood Level 1 (100 points)
I'm not sure if I'm missing something, but here it goes...

In Airport Admin Utility running under OSX 10.4.X, the WPA/WPA2 key could be either an 8-63 character ASCII password or a password of exactly 64 hexadecimal characters. You had to explicitly switch between ASCII (password) and Hexadecimal (passphase).
In the new Airport Utility running under Leopard, it seems like you can only enter 8-63 ASCII password. When I open my AEBS with Airport Utility, the "Wireless Password" field is empty and I can only enter in up to 63 characters. Help also says to use an 8-63 ASCII password.

What am I missing? Did they change it so you have to use a max of 63 characters?


 20" FP iMac ,12" iBook 1.2Ghz, 2Ghz MacBook, Mac OS X (10.5.1)
  • jagreenwood Level 1 (100 points)
    After much research, I think I have an answer. Airport Utility in Leopard only lets you enter an 8-63 ASCII password. You must then use the "Equivalent Network Password..." option to view the 64 character hex password for legacy devices.

    More details:
    *WPA = hex password*
    On my existing network config (generated with Airport Admin Utility in Tiger) I had a 64/hex password. Using my macbook, I can only connect to the network using the WPA encryption option and my 64/hex password. If I use WPA2 encryption option and my 64/hex password, connection is failed.

    *WPA2 = ASCII password*
    First, I set my AX to only allow WPA2 connections. I tested this on my AX by setting the WPA2 password to "appleapple". I connected to the network from my laptop using WPA2 and my ASCII password "appleapple" and everything worked fine. Then, I got the equivalent 64/hex password by using the "Equivalent Network Password..." option in Airport Utility and attempted to connect, it failed.
    If I setting the AX to allow both WPA and WPA2 connections, I could use either "appleapple" or its 64/hex equivalent.

    What I think Apple did was they attempted to make things easier by making you use the ASCII password model, which also pushes people in to using WPA2. They allow you to select "WPA and WPA2 Personal" purely for backwards compatibility.
    So I think Airport Utility is range checking for 63 characters. When it reads my config with 64 characters, it throws it out and won't read it. I'll bet that if I read my config and the write it back, it will go back without a password (hopefully throwing an error).
    The net result is that, as is, my network works totally fine, however if I want to change anything else (like enable NAT port mapping for BTMM) I'll need to rekey all of my devices.