I've never enjoyed securing my wireless network; it's just one more thing to get wrong when configuring, and means that you have to remember the key if a friend visits with their machine ...
Instead, I've been leaving the network open, and using various VPN stuff from the client machines to a server/router/proxy (perhaps IPCop?) on the far side of the AP. ssh tunnels are quick and easy, and OpenVPN is easy to set up, once you decide what network numbers you are going to use. Or just make sure you're using SSL protocols, for web and email in/out (not always offered by ISPs, I note)
The downside is that 'visitors' to the network can directly address the client machines; you have to trust in a well set-up firewall on the PCs, especially if you are running Windows; less so for Mac, Linux or Unix.
What I haven't done, but intend to sometime, is to allow some rate-limited traffic through for non-VPN users ... perhaps 1Kb/s for standard ports, in case welcome visitors want to download email, etc. Has anyone set up something like this successfully?