Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sreddi
Staff
Staff

Created on ‎10-09-2020 08:37 AM

Article Id 193513

Technical Tip: How to set minimum 8 characters for configuring pre-shared key for WPA/WPA2-Personal SSID

Description
Starting from 6.2.1 the minimum length constraints for WPA/WPA2 SSID is set to 12.
This article describes the way to set it to 8 characters.

Solution
With wfa-compatibility command for compatibility with previous WiFi specifications, the command only controls the minimum length of PSK in WPA/WPA2-Personal SSID.

When disabled, the Pre-shared Key (PSK) has to contain 12 or more characters.
By default it is disabled for security enforcement.

Users will get the below error if they try to give any password less than 12 characters.

Current passphrase is invalid.
Has to be 12 to 63 characters long or 64 hex digits

To overcome this, enable the 'wfa-compatibility' so that minimum length is set to 8 characters.
# config wireless-controller setting
    set wfa-compatibility enable
end

4265
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.