03-17-2025, 10:17 PM
Yes it sounds insecure but isn’t. Even if someone took your sdcard out your pi so had physical access they could just take the hashed value (WPA2) and authenticate in the same way as taking a random plain text password unmasked (WPA3) Makes no different as both ends just need to authenticate regardless. You take your password and it gets hashed on the pi and stored. The access point does the same. It never goes across the wire so doesn’t really mater. In the past when your hashed key was used to derive the data protecting the key with a one way (hash) helped in offline decryption, but as that isn’t a factor it’s a non issue. And the same goes for permissions in general, if the intruder is that far in the system or on your network there are far easier targets to go for than you music files. Any also someone with physical access. More in flight protection is a winner. Hope this helps.
