Changes will soon be coming to MIT’s open wireless networks, part of MIT’s ongoing commitment to strengthening the overall cybersecurity of the Institute’s infrastructure, as it works to align with the evolving cybersecurity requirements for U.S. government contractors as outlined in National Security Presidential Memorandum 33 (NSPM-33).
Starting on January 13, 2023, access to the “MIT” and “MIT GUEST” WiFi networks will change to move us into compliance with the upcoming NSPM-33 requirements and to better protect MIT’s digital landscape.
The “MIT SECURE” wireless network will remain unchanged and continue to be the recommended network to use for all devices which can authenticate to the wireless network using a Kerberos account.
The “MIT” wireless SSID (service set identifier) is intended for use only by devices that do not support 802.1X authentication. The “MIT GUEST” SSID is intended for short-term use by devices belonging to visitors and guests of MIT.
The “MIT” network will move from an open access network to one that requires pre-shared key (PSK) authentication. Beginning January 13 at 10 a.m. EST, users wishing to connect a device to the MIT SSID must first visit the Institute’s new WiFi network portal to retrieve their PSK authentication key – a personal WiFi password – to be used when connecting their device(s) to MIT’s networks. The portal is available today, so you may fetch your key in advance of this change.
MIT GUEST SSID
Beginning January 13 at 10 a.m. EST, the “MIT GUEST” network will use a captive portal registration system (similar to a splash page). Visitors connecting to “MIT GUEST” will be required to provide an email address or mobile phone number to access the network.
What you need to do
When this change is implemented, all devices connected at that time to the “MIT” and “MIT GUEST” networks will be disconnected and will need to reconnect using the new requirements. Note that this includes gaming systems and Internet of Things (IoT) devices such as voice-activated assistants, TVs, lightbulbs, etc., that previously "just connected."
If you have devices that connect to the “MIT” SSID that are capable of connecting to “MIT SECURE”, please transition them to use “MIT SECURE”. If you have devices that can only connect via the “MIT” SSID, please visit the WiFi network portal before January 13 to retrieve your PSK authentication key so that you are ready for this upcoming change.
Devices connected via the “MIT” SSID will use the same network and IP range as MIT SECURE. If you maintain firewalls and IP-based access control lists, you may need to make adjustments.
If you have a large number of devices that are unable to use “MIT SECURE”, or have questions about this change, contact the IS&T Service Desk.
Update (2/27/23): MIT community members who need to request a generic pre-shared key (PSK) to allow devices not associated with an individual user to connect to the "MIT" SSID may request a key using this form (Touchstone login required). Examples include shared devices such as kiosks, signage, clocks, smart appliances, etc.