I am setting up a new access point in church. I have a good but not totally random password with character replacement by special characters.
Should I bite the bullet and make the password longer and totally random?
leave the password as is and turn off SSID broadcast?
Do both?
Thank you
I'm going to go against the received wisdom a bit here.
This is a church WiFi. What are the risks you wish to mitigate?
Do you have sensitive documents on the network?
Or is it just an Internet Access Point?
Is the WiFi signal even detectable outside the building?
Are you expecting hackers to park up in the church hall car park with pringle-tube antennas?
I think that's most unlikely.
I expect your user base is highly disinclined to deal with nuclear missile access codes, and I suspect it's not necessary.
I'd be inclined to use a simple plain english passphrase, perhaps two words, easy to remember and enter. Something like 'Alpha Omega', for example. No character substitution.
Leave the SSID on.
Yes, it's not super-secure.
But it doesn't need to be; it needs to be fit-for-purpose.
You need to balance the need for security against your risk profile, and the needs and usability for your users.