> The password alone can identify each client, and activate different configs for each one.
That's interesting, first time I hear this. How would that be represented in the hostapd config file? Would it be WPA enterprise using a radius server, or would it actually use WPA-PSK?
Check the wpa_psk_file option in the main config file [1] which lets you specify a file full of PSKs [2], each with its own options like vlanid=X and keyid=X:
Works with WPA2 or WPA3-Personal modes, but (if you didn't know) an attacker that sniffs a WPA2-Personal association can learn the password they're using.
