If you have an easy, guessable password that contain words found in dictionaries, you might want to alter your approach, because you are subjecting your password to be cracked easily. Having a weak password compromises all systems, from mainframes, servers, desktops, phones and network systems. With network devices, wireless networks particularly access point routers have been using encrypted passwords or passphrases to secure wi-fi networks.
128 bit WEP was widely used initially, but have given way to a more secure WPA (Wi-Fi Protected Access). WPA was created by the Wi-Fi Alliance to replace WEP. TKIP or Temporal Key Integrity Protocol was brought in as the protocol of choice, but it had its shortcomings. WPA was eventually replaced by WPA2, and in turn, the Wi-Fi Alliance introduced the AES protocol.
Of all protocols available, experts recommended WPA2 AES because of its strong encryption. Having a weak password or passphrase jeopardizes the security of a network. It’s recommended that administrators choose strong passwords. Such passwords can be obtained from free password generator programs that can generate a random combination of alphanumeric, case-sensitive characters sprinkled with a few special characters in between.
Yesterday, a WPA cracker service was announced. The $34 service says it can crack a password in less than 20 minutes.
The service leverages a known vulnerability in Pre-shared Key (PSK) networks usually used by home and small-business users.
To use it, the tester first submits a small file that contains an initial communication between the WPA router and a computer. Based on that information, WPA Cracker can then figure out whether the network is vulnerable to a type of attack.
While this job would take over five days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes, for only $17.
The $34 price tag is for the whole cluster. Using half the cluster costs $17, but the job could take 40 minutes.
All the more reason for users to start using difficult Wi-Fi passwords.