1. Home
  2. Wireless Networking
  3. ALERT: WPA-TKIP isn't secure - use WPA2 instead

ALERT: WPA-TKIP isn't secure - use WPA2 instead

SUMMARY:

WPA-PSK is vulnerable to offline attack. WPA-TKIP has been cracked.

TO AVOID THESE PROBLEMS:

  1. USE WPA-AES or WPA2 instead of WPA-TKIP (or WEP)

  1. USE A PASSPHRASE WITH MORE THAN 20 CHARACTERS. Examples: BAD: "vintage wine" GOOD: "floor hiking dirt ocean" (pick your own words, even longer is better) FOR HIGH SECURITY, USE MORE THAN 32 CHARACTERS.

BACKGROUND:

Weakness in Passphrase Choice in WPA Interface

Practical attacks against WEP and WPA

A Practical Message Falsi cation Attack on WPA

New attack cracks common Wi-Fi encryption in a minute

Passphrase Flaw Exposed in WPA Wireless Security

Cracking Wi-Fi Protected Access (WPA)

Cracking WEP and WPA Wireless Networks

Reply to
John Navas
Loading thread data ...

Hi John Navas,

I don't know you but you seem to be crontabbing alerts so you might want to consider making an alert for the WPS vulnerability which negates all other security on all wi-fi certified routers.

Details here:

formatting link

Reply to
Arklin K.

Ooops. Wrong Cert.

Details here:

formatting link

Reply to
Arklin K.

I pick my WPA2 passphrases the same way Unix commands were designed: I roll my coffee cup across the keyboard and user whatever characters appear on the screen; I just roll my coffee cup longer :-)

Bob

Reply to
Bob

formatting link

Reply to
cally

----------------- Request files by email ( copy this line in your BRowser ) and press ENTER, send the email without changing noting mailto: snipped-for-privacy@yahoo.ca?subject=!list

Reply to
d.s

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.