Running through some tests for an upcoming wireless security book and it really brings home the importance of choosing a good password for your Wi-Fi network.
Currently, the best security setting for your home or office Wi-Fi is WPA2.
WPA2 Enterprise is the best if your organization supports it, but WPA2 Personal is great for home and small offices.
Do not use WEP. It has been cracked a long time ago, and an attacker does not even have to crack it, the WEP key can be passed just like NTLM passwords.
The most common technique used for WPA/WPA2 hacking is a dictionary attack.
The attacker captures a WPA password handshake and passes this through a program that will try numerous passwords from a word list.
Here is the key, if the password is not in the word list, they hacker does not get into your system.
Using a lengthy complex password goes a long way in keeping your WPA2 network secure.
A combination of upper/lower case letters, numbers and special characters is the best bet.
Some prefer using a short sentence that means something to them, while replacing some of the letters with numbers and adding in a few extra characters.
I just ran one common word list attack against my WPA2 password. It tried over 1 million word combinations from the list with no dice. My network is still secure!
The more un-dictionary looking your password is, the better!
Cross-posted from Cyber Arms