[usadiscuss0759]

I'm visiting a family member that has a wireless router in their home but I'm unable to log into their network. Each time I try via Airport it asks for a WEP password. I was told by the network provider the WEP password is the same as the security ID that a PC uses to log in. That ID has 5 "sections/alpha or numeric codes" each separated by a dash. The network provider said the dashes could be different symbols on a MAC - perhaps "$" or collons or periods. I've tried everything. I tried calling Mac. Can someone help? I don't really want to turn off the security feature. Thanks!

[ghporter]

This is purely a networking question, so this thread is being moved to the Networking forum.

Now, the network provider probably did not give you all the right details. The "security ID" the PC uses-is it 5 parts or 6? The "Media Access Control address" of all ethernet cards (and the equivalent for wireless cards) is made up of 6, two character groups. These groups include the digits 0-9 and the letters a-f; in other words, they're hexadecimal. That would work for some things, but NOT for a WEP password.

WEP passwords are either 40 bits or 104 bits long (corresponding to either 64 bit or 128 bit keys), which works out to either 10 hex characters or 26 hex characters. Now if the 5 groups you mentioned are two characters long, that MIGHT be a WEP key/password. To get your Mac to use it, you have a few options, the simplest of which is to start the entry with a '$' (without the quotes), which tells the AirPort software to interpret the input as hex.

Was that helpful?

[Tomchu]

First you have to find out whether they're using a WEP password, or a WEP key. If it's a straight-up WEP key, then you can prepend it with $ when typing it in to the Airport password box like ghporter said.

However, if it's a WEP password, and it definitely sounds like it is, then you're out of luck, unless you can talk the network provider into giving you the actual WEP key. The reason for this is because there is no such thing as a "WEP password" -- different manufacturers simply use a proprietary algorithm for turning your passphrase into a 64-bit/128-bit WEP key. D-Link uses a different algorithm, Apple uses a different algorithm, Linksys uses a different algorithm, etc.

The reasoning behind this is that it's easier to remember a passphrase like "mycatisdumb" rather than a 26-character hexadecimal code. If you type the WEP password as it's set up on your family member's router, OS X will attempt to encode it using Apple's algorithm, and that algorithm will spit out a WEP key which does not match the true WEP key on the router.

If it's possible, just switch the network over to WPA. :-P WEP is a mess.

[ghporter]

Good point: if the "password" includes characters that go farther through the alphabet than 'f,' as I mentioned above, it really is a password, which your AirPort card should be able to convert. Some people with mixed Apple and non-Apple networks feel this is a problem, because only Apple uses this particular "password" scheme. But it's no problem at all.

It's really simple to convert a WEP "password" to a key. You simply look up the plain text characters on an ASCII chart, find their hex equivalents, and string them together (remembering that all characters have two hex-digits, so for some you have to add a leading zero). It is more of a mental challenge than simply typing in the password, but only about as much as looking up a phone number in a printed phone book.

Finally, Tomchu is 100% right; if your friends can dump WEP and move to WPA, they should right away. WEP is very bad security; it's nearly trivial to break its encryption. WPA on the other hand is solid, so as long as you use a long, complicated passphrase (and remember that you'll only have to enter this when initially setting up a network), you are about as secure as you can get.

[Tomchu]

Originally Posted by ghporter

It's really simple to convert a WEP "password" to a key. You simply look up the plain text characters on an ASCII chart, find their hex equivalents, and string them together (remembering that all characters have two hex-digits, so for some you have to add a leading zero). It is more of a mental challenge than simply typing in the password, but only about as much as looking up a phone number in a printed phone book.

Not quite. Like I said, manufacturers use different algorithms to do this -- think MD5. It's not a case of simply matching up characters to their ASCII equivalents in hex, because that would limit you to WEP "passwords" of only 64 bits or 128 bits each. WEP "passwords" can be any number of characters.

That's where the problem lies -- Apple might simply use MD5 to do their thing, D-Link might use their own algorithm, Linksys might just convert the password to hex, and then pad/truncate, etc. One password will get you different WEP keys depending on who's hardware you're using. If it's not Apple + Apple, or D-Link + D-Link, then you're screwed, and you need to use the actual WEP key.

[TheIceMan]

I'm still confused. So if a network ask for a WEP password (which is what my Mac says), and I am given a Hex password, what do I do with it?

[ghporter]

Originally Posted by TheIceMan

I'm still confused. So if a network ask for a WEP password (which is what my Mac says), and I am given a Hex password, what do I do with it?

If you're given a hex key (not password), you simply enter it with a leading '$' (without the quotes), or by first selecting the "Hex" radio button if your version of the AirPort Admin Utility offers it. The '$' tells the utility to interpret the entry literally, as hex characters. Note that the rest of the WiFi industry uses hex by default, though many manufacturers provide some sort of "password" utility that uses undocumented algorithms to produce the key. This is one of the areas in which WPA is vastly superior: convertinga passphrase to a key is part of the standard.