We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Tips on securing Wifi Laptop to stop hackers using my connection
Comments
-
There are numerous ways to breach the security provided by WPA, and as I say the majority are relatively straightforward requiring little more than being able to follow a simple set of instructions. If you're sceptical, go try it for yourself on your own kit..
I've read through the original paper a couple of times now. The WPA key is not recovered by the technique described in it, so nobody can gain access to your network or your data. Traffic can be monitored in certain circumstances but TKIP is not cracked. Interesting but not too bothersome.
If the other ways you have in mind involve brute forcing a key I'll pass on trying them. Life is short.
TKIP is flawed but not sufficiently to be alarmist or sensationalist about it.In both of those cases anything less than WPA2 in conjunction with AES encryption is not sufficient to provide your set up the level of security it requires.
Length is good. mydoghasnonosehowdoeshesmell? is memorable and very, very secure.Being memorable is nowhere near as important as being secure.0 -
A "memorable phrase" is pants (pardon my French) as it is susceptible to a dictionary attack. Using a randomly generated phrase using a mixture of character types is far safer.
If the passphrase "A"memorablephrase"ispants(pardonmyFrench)" ever appeared in a dictionary attack it would be amazing. The whole phrase at once must be given for the attack to succeed.0 -
-
JustPassingBy wrote: »I've read through the original paper a couple of times now. The WPA key is not recovered by the technique described in it, so nobody can gain access to your network or your data. Traffic can be monitored in certain circumstances but TKIP is not cracked. Interesting but not too bothersome.
If the other ways you have in mind involve brute forcing a key I'll pass on trying them. Life is short.
TKIP is flawed but not sufficiently to be alarmist or sensationalist about it.
It's not being sensationalist, it's bringing the facts to the table and the facts are that WPA is inherently insecure and can be broken with little effort via a number of methods. It is no longer can provide comprehensive enough protection, which is why WPA2 was integrated into the standards.
Hiding the SSID will do little to deter all but the chancers and MAC filtering provides little more than inconvenience at a later date, therefore knowing which security mode to use is more important than any other.Length is good. mydoghasnonosehowdoeshesmell? is memorable and very, very secure.
The general guidance when choosing a good password is something that is long, doesn't involve dictionary words and is a mix of alphanumeric characters. Here's to examples of what are considered very strong passwords:
9122DD186E6560E5EBF5093DEFE3F4EE16B398630307665415720AEF304BADE3
&
V0Q2MpyptinnLXdaPvCz31D7rlSHwdlP8jSNT2w2kYdY2XqIFb1nUpbYMGJrI7M0 -
We also have the ability to 'not broadcast' our SSID. This means that others cannot even see our network.
Again, it's pretty easy to find the network name (even when hidden) and like mac filtering doesn't really make it much more secure.
Using good security (WPA/WPA2) with a long passphase (like above) is more than enough to stop people connecting to the router0 -
It's not being sensationalist, it's bringing the facts to the table and the facts are that WPA is inherently insecure and can be broken with little effort via a number of methods. It is no longer can provide comprehensive enough protection, which is why WPA2 was integrated into the standards.
My issue is not with the defects of TKIP (which are documented) or the superiority of AES (the present gold standard) but the claim that TKIP is easily broken or is no better than WEP. The published material does not support this so it is alarmist and inaccurate to say otherwise.
If TKIP is all you have it is perfectly good enough. This is not to say AES isn't better but I'd not lose any sleep over having to use TKIP.
Agreed. Neither of these methods provide any security.Hiding the SSID will do little to deter all but the chancers and MAC filtering provides little more than inconvenience at a later date, therefore knowing which security mode to use is more important than any other.
Your examples are good. Security for 10 million years. "thisisthebestpasswordsincethelastoneidevised" may only be good for a million years. Who cares?The general guidance when choosing a good password is something that is long, doesn't involve dictionary words and is a mix of alphanumeric characters.0 -
Better security, ditch wireless and plug in a network cable.[greenhighlight]but it matters when the most senior politician in the land is happy to use language and examples that are simply not true.
[/greenhighlight][redtitle]
The impact of this is to stigmatise people on benefits,
and we should be deeply worried about that[/redtitle](house of lords debate, talking about Cameron)0 -
I should have been far more precise! The average length of passwords is 8 characters. These are often susceptible to dictionary attacks and (if someone is determined enough) to brute force. My point was that a long, randomised passphrase incorporating upper and lower case letters, digits and other characters (if allowed) is therefore preferable.JustPassingBy wrote: »If the passphrase "A"memorablephrase"ispants(pardonmyFrench)" ever appeared in a dictionary attack it would be amazing. The whole phrase at once must be given for the attack to succeed.
I accept that "Amemorablephraseispants" is not bad for openers!My very sincere apologies for those hoping to request off-board assistance but I am now so inundated with requests that in order to do justice to those "already in the system" I am no longer accepting PM's and am unlikely to do so for the foreseeable future (August 2016).
For those seeking more detailed advice and guidance regarding small claims cases arising from private parking issues I recommend that you visit the Private Parking forum on PePiPoo.com0 -
Broken link. Anyone any idea what it should be?Hi, we’ve had to remove your signature. If you’re not sure why please read the forum rules or email the forum team if you’re still unsure - MSE ForumTeam0 -
Depends which router you have, if you have one
http://192.168.1.1
It's a router admin screen, not a website.
--
All this wpa is hackable or not is academic, I would guess the answer to the OP's issue is far simpler than someone across the street has tried and succeeded to crack WPA encryption.!!
> . !!!! ----> .0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.8K Mortgages, Homes & Bills
- 177.5K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards