The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How to set up or change the EAP method for WiFi in Windows 11?

Download Windows Speedup Tool to fix errors and make PC run faster

Wi-Fi networks are convenient means of connecting to the Internet. However, security plays a role in ensuring privacy and data protection. EAP, or Extensible Authentication Protocol, can help enhance the security of our Wi-Fi network. This article shares how you can set up and modify EAP Methods while setting up a Wi-Fi connection in Windows 11/10.

set up or change the EAP method for WiFi in Windows

What is Extensible Authentication Protocol (EAP)?

Extensible Authentication Protocol (EAP) is a set of rules or authentication frameworks that allows devices to verify their identity securely while connecting to a network. In addition to the inbuilt authentication methods already set up under EAP, network service providers can develop and install new methods. The authentication methods already present are generally referred to as inner methods, while the new ones created by the providers are named outer methods.

How to set up or change the EAP method for WiFi in Windows 11

Setting up or modifying the EAP method can be done while configuring a Wi-Fi network from the Network and Sharing Center in Windows 11/10, as detailed below:

Setup of a WiFi EAP profile

  • Open the Settings app and navigate to Network and Internet -> Network and Sharing Center.
  • Under Network and Sharing Center, click on Set up a new connection or network.

Win11 Setup New Wifi Connection Option

  • In the Choose a connection option window, select Manually connect to a wireless network.

Wifi Setup Manually Connect Network Option

  • Enter the Network name and choose the Security Type as WPA2 – Enterprise.

Wifi Setup Enter Network Details

  • Tick the checkbox beside Start this connection automatically, if needed, and then click on Next to add the newly configured network.
  • On the next screen, click on Change connection settings to edit the connection details.

Wifi Setup Change Connection Settings

Change or modify the WiFi EAP profile

Once the network is added, it is impossible to edit the EAP settings through the User Interface. Hence, we can click on the Change connection settings option and follow the below-mentioned steps to edit the settings of a network:

  • Click on the Security Tab and then click on Settings.

Wifi Connections Edit Security Tab Settings

  • Click on the drop-down menu to change the Network Authentication Method ( if needed) from the drop-down menu, and click on Settings to configure it.

Wifi Setup Change Network Authentication Settings

  • On the next screen, Select Authentication Method, select Secured Password (EAP-MSCHAP v2) and click Configure.

Wifi Setup Configure Authentication Settings

  • If the username and password for the Windows domain need to be used as the credentials to connect to the network, tick on the check box beside it, Automatically use my Windows log-on name and password (and domain if any), and then click OK.

Wifi Setup Automatic Authentication Option

  • If you need to verify the server’s identity, select Verify the Server’s Identity by validating the certificate. Also, select the option Connect to these servers and enter the name of the server/s below. If multiple server names are entered, they can be separated by a comma. Then, click OK to get back to the Connection Properties window.

Wifi Setup Verify Server Identity

  • In the next window, click on Advanced Settings, select Specify Authentication Mode, select User Authentication in the drop-down menu, and then click OK.

Wifi Setup Specify Authentication Mode

  • If we need the system to remember the login credentials, we can select the option, Remember my credentials for this connection each time I’m logged on and then click OK.
  • Click on Close to save the newly configured settings.
  • Close the Settings app, too, to return to the Desktop.

Once we are within range of this newly configured Wi-Fi network, click the Network Connection icon on the system tray to display it. Click to select the network, and then enter the Username and password to log in to the network successfully.

Related: Make Windows remember PEAP Wi-Fi Network Authentication

What do Inner Authentication methods include?

  • EAP-TLS: EAP-Transport Layer Security uses digital certificates, such as Smart Cards or any other certificate, to verify the identity of users or devices in a network. It is widely preferred due to its strong encryption and mutual authentication methods to prevent unauthorized access.
  • EAP –MACHAP v2: Microsoft defined EAP-Microsoft Challenge Handshake Authentication Protocol v2 uses a combination of usernames and passwords and some extra security measures to login into a network. It is more like a unique key that can be used to authenticate and enter into a secured network.
  • Protected EAP: It acts like a guard at the entrance, ensuring that only authorized users can enter the network. It uses a special key to add an extra layer of protection to an already secured network.
  • EAP –SIM, EAP AKA/Prime AKA: The EAP SIM (Subscriber Identity Module) authenticates using SIM cards, while the AKA/Prime AKA (Authentication and Key Agreement) uses advanced cryptographic methods for authentication to ensure secure access.
  • TEAP: Tunnel EAP, as the name suggests, is more like a secure tunnel that the device can use to communicate secretly over a network, where the data travels in an encrypted form.

Related: Wi-Fi network Not secure in Windows.

AshishMohta@TWC

Ashish holds a Bachelor's in Computer Engineering and is a veteran Windows. He has been a Microsoft MVP (2008-2010) and excels in writing tutorials to improve the day-to-day experience with your devices.