Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Blogs

War on Error

John E Dunn

How to crack Wi-Fi encryption - just guess the right password

Article comments

Turn on a Wi-Fi enabled laptop in just about any neighbourhood these days, and you’ll see just how far and fast wireless networking is spreading. Access points are everywhere and some of them are even secured properly. Just don’t bet on that last part.

My latest sport is to see which of my neighbours have been buying which access points (APs). It’s not difficult to tell because most of them come up saying things like “Netgear”, “Linksys” or “Belkin”. Occasionally, they’ll even helpfully tell you their model number – HP APs are good for that out of the box.

It’s ancient wisdom that not many people turn on encryption, probably because: (1) they don’t know how to (2) Even if they did, they might not have the length of Ethernet cable that is often useful for setting up encryption between PC and AP (3) They don’t think anyone will really hack into their connection anyway.

Interestingly, I’ve spotted that most of the handful of APs local to me do now have encryption of some sort turned on, and one even appears to use WPA. But guess what? Someone has figured out the encryption but forgotten to secure the AP. I’m near certain that all but one of the APs advertising themselves with their brand name were also using default user names and passwords for that brand of hardware.

There is a lesson for vendors in all this. When every new access point is hauled form its box and turned on it should immediately ask the owner to choose a new password and user name with which to access it. It took immense effort and cleverness for the industry to agree on such things as encryption standards, only for them to be blown away by something as simple as being able to access an AP by typing http://192.168.0.1 and then entering the word “admin” twice.

How about using authentication? It works and we’ve recently reviewed one cheap service from Witopia that does it well. The Wi-Fi Alliance’s take on WEP vs WPA can be found here.


Share:

More from Techworld

More relevant IT news

Comments

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *