WAP is not a good thing to turn on. I creates overhead on the wireless network and can slow it down. Anybody that wants to break that can and anybody that can't well can't. Even if somebody can break it all they can do is see your traffic. It would be easier to break into your house and steal your computer. The way I lock them down is change the SSID to some random alpha numeric ID. Then turn off the beacon so that the SSID is not broadcasted. Most wireless access points have the ability to lock down access by MAC address. That is more than enough to keep 99.9% of people off. If somebody can break that and wants to you got bigger problems. If you are just really paranoid you can use an all CISCO solution they are one of the few companies that can defeat the whole access point spoof thing. Also you can get 3rd party solutions that encrypt all network traffic. That is expensive.