Wireless Security – Choosing the Best Wi-Fi Password

Wednesday, April 06, 2011

Dan Dieterle

B64e021126c832bb29ec9fa988155eaf

Running through some tests for an upcoming wireless security book and it really brings home the importance of choosing a good password for your Wi-Fi network.

Currently, the best security setting for your home or office Wi-Fi is WPA2.

WPA2 Enterprise is the best if your organization supports it, but WPA2 Personal is great for home and small offices.

Do not use WEP. It has been cracked a long time ago, and an attacker does not even have to crack it, the WEP key can be passed just like NTLM passwords.

The most common technique used for WPA/WPA2 hacking is a dictionary attack.

The attacker captures a WPA password handshake and passes this through a program that will try numerous passwords from a word list.

Here is the key, if the password is not in the word list, they hacker does not get into your system.

Using a lengthy complex password goes a long way in keeping your WPA2 network secure.

A combination of upper/lower case letters, numbers and special characters is the best bet.

Some prefer using a short sentence that means something to them, while replacing some of the letters with numbers and adding in a few extra characters.

I just ran one common word list attack against my WPA2 password. It tried over 1 million word combinations from the list with no dice. My network is still secure!

The more un-dictionary looking your password is, the better!

Cross-posted from Cyber Arms

Possibly Related Articles:
17378
General
Information Security
Passwords Wireless NTLM WiFi Security WPA2 WEP
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.