Wi-Fi Password And Intercepting Data

Does knowing a Wi-Fi password allow one to intercept data? I always thought passwords were only to prevent people from using your bandwidth and all data was encrypted.

Does this also mean not setting up security allows others to see all the data you transmit/receive?

How about secure forms, like payment and bank sites? Aren’t those encrypted, so even if you don’t set a password, others can’t see them?

In theory, when you log into your bank the session is encrypted. Regardless if your WiFi is or isn’t.

And, yes, if you have the WiFi password, they could do packet capture and store everything that is sent. So, everything in the “clear” would be seen, like me typing this. But, bank stuff, no. Nothing that uses HTTPS, like GMail login, but the mail you read might be. Dunno if GMail encrypts the session.

It depends on the encryption type used by the wifi router.

With WEP, an attacker who knows the wifi password can easily decrypt all traffic.

With WPA- and WPA2-PSK, an attacker who knows the wifi password and who manages to listen in on your initial connection to the router may be able to decrypt your traffic.

WPA- and WPA2-Enterprise, properly implemented, prevent this. But they’re complex to set up.

For peace of mind, yes, they do.

HTTPS, and other end to end encryption is indeed intended to address this. It isn’t sniffing your WiFi packets that matters. If you go to any hot spot, it isn’t just people lurking nearby sniffing, you need to assume you can’t trust the owner of the hot-spot - after all the WiFi encryption ends at the base station, and what goes from the base station upstream is not encrypted anymore.

Indeed there can be taps on the data transfer anywhere along the path. Neat tricks exist to divert traffic where to can be sniffed as well. Your Internet traffic is not in any useful sense intrinsically secure. If you need security you must use an end to end encryption protocol (which usually means SSL.) WiFi passwords are only intended to control access to the base station, and are usually only a way of preventing unwanted people stealing Internet bandwidth. They are not, and should never be mistaken for, an Internet security mechanism. Where you get an overlap of issues is when a WiFi station is connected to a network with other devices on it - such as a home or business network. Then access to the WiFi gives an intruder inside access in a way that can significantly facilitate their ability to do harm. At this point careful securing of the base station is a must.

Oh so:
[li]The really important stuff like banks and properly done forms will always be secure, regardless of connection (excluding keyloggers and stuff)[/li][li]Public networks are always insecure[/li][li]WPA(2) is intended to protect data as well as Internet access[/li][/ul]