By now, most people know that an open Wi-Fi network allows people to eavesdrop on your traffic. Standard WPA2-PSK encryption is supposed to prevent this from happening — but it’s not as foolproof as you might think.
To keep private Wi-Fi networks secure, encryption is a must-have—and using strong passwords or passphrases is necessary to prevent the encryption from being cracked. But don’t stop there!
Open wi-fi means for example, at a coffee shop, while passing through an airport, or in a hotel. Open Wi-Fi networks have no encryption, which means everything sent over the air is “in the clear.” People can monitor your browsing activity, and any web activity that isn’t secured with encryption itself can be snooped on. Yes, this is even true if you have to “log in” with a username and password on a web page after signing in to the open Wi-Fi network.
Encryption — like the WPA2-PSK encryption we recommend you use at home — fixes this somewhat. Someone nearby can’t just simply capture your traffic and snoop on you. They’ll get a bunch of encrypted traffic. This means that an encrypted Wi-Fi network protects your private traffic from being snooped on.
Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols. And security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP)
The problem with WPA2-PSK is that it uses a “Pre-Shared Key.” This key is the password, or passphrase, you have to enter to connect to the Wi-Fi network. Everyone that connects uses the same passphrase.
For instance, some wireless routers with a seemingly unique default SSID can be security risks, and even networks protected with WPA or WPA2 encryption have vulnerabilities if you’re using the pre-shared key (PSK) mode. Or perhaps your users are hopping on to neighbouring Wi-Fi networks, or snooping on each other’s traffic.
Pre-shared key WPA and WPA2 remain vulnerable to password cracking attacks if users rely on a weak password or passphrase. To protect against a brute force attack, a truly random passphrase of 20 characters (selected from the set of 95 permitted characters) is probably sufficient.
Brute forcing of simple passwords can be attempted using the Airbrick Suite starting from the four-way authentication handshake exchanged during association or periodic re-authentication.
If you like this post then please like and share this post.
Call us @ 98256 18292
Visit us @ tccicomputercoaching.com