I'm responsible for configuring a small business network (50-60 devices) and we have some ancient devices that must connect wirelessly to the network. Our regular wireless accepts AES WPA and WPA2 only, but I've configured a Virtual AP with a hidden SSID pulling from the same DHCP pool as our endpoints for the older devices that don't support AES.
The password for the TKIP network is much longer and more complicated, but what I'm wondering is does this increase the security of a WPA TKIP Access Point? Or are the vulnerabilities of WPA-TKIP not substantially mitigated by increasing the length of the PSK? If not, what else can I do to reduce the risk of malicious connections or attacks to this Access Point?