Wireless networks play an important role in our everyday lives, at the workplace and at home. However, they are also relatively vulnerable: physically located off site, attackers can circumvent wireless security protocols such as WEP, WPA, and even to some extent WPA2, presenting a security risk to the entire network. To address this problem, we propose SecureAngle, a system designed to operate alongside existing wireless security protocols, adding defense in depth. SecureAngle leverages multi-antenna APs to profile the directions at which a client's signal arrives, using this angle-of-arrival (AoA) information to construct signatures that uniquely identify each client. We identify SecureAngle's role of providing a fine-grained location service in a multi-path indoor environment. With this location information, we investigate how an AP might create a "virtual fence" that drops frames received from clients physically located outside a building or office. With SecureAngle signatures, we also identify how an AP can prevent malicious parties from spoofing the link-layer address of legitimate clients. We discuss how SecureAngle might aid whitespace radios in yielding to incumbent transmitters, as well as its role in directional downlink transmissions with uplink AoA information.