Access Point

What makes that a strong passphrase? Do you _know_ it is, or is that a guess?

I hear that using static IP(s) is a tremendous Admin burden and it is better to use DHCP IP(s). I don't agree with it myself. But how is that working out for you on the Admin part? Is the Admin part of assigning IP(s) a tremendous burden for you? It never was for me in my little set-up.

Have you looked at the price difference between a G router that can be converted into a AP, which I have taken the 11S4W router and converted it into a switch and connected it to my WatchGuard as opposed to the cost of a stand alone WAP device.

I have never used a standalone WAP device, but I would think it would have some better features in the area of security than a router converted to a switch. I myself would choose a standalone WAP in a business situation myself if I had to choose between the two.

And WPA is suppose to be a better wireless encryption technology than WEP.

Duane :)

Correct. Wep gets broken in a matter of minutes. Choose a strong passphrase for WPA such as

xY%5u*2$h!d$f"h#K@=]H7F8%*n

Taking a moment's reflection, Derek Broughton mused: | | What makes that a strong passphrase? Do you _know_ it is, or is that | a guess?

It could be a bit longer ... but it's stronger than "pencil" ;-)

Stronger = longer. Stronger = more random (less guessable).

In this case, one that isn't likely to be found in a dictionary or one that will take computationally too long to brute force crack. If you want get into statistical analysis of chosen characters then that's another matter altogether.

David.

I got bored! :)

Trouble with strong passphrases is that they're incompatible with humans.

David.

I keep an old church hymn book in my office and use it to compose my passphrase. I choose an old familiar song, then use the page number, the hymn number and the first letter from each word in the first two lines of the song. This is easy to remember, but should be nearly impossible for anyone to break.

I know that, but the question was really meant to ask if it was stronger because David "felt" it was stronger, or if there was some provable reason that it was stronger. Essentially, other than trying to use things that can't be found in a dictionary or well-know book, I haven't ever seen a discussion of _how_ to make a strong passphrase. In particular, I somehow doubt that the average human is really capable of making a string "more random" (though we're all pretty good at longer :-) )

LOL, after all this time, we're still having a hard time making a cipher Julius Caesar wouldn't have understood (because, as David said, strong passphrases are incompatible with humans).

Well, I'm no mathematician; but it seems to me that randomness essentially equates to patternlessness for a finite string of characters. You can prove that a string has a pattern by finding the formula for the pattern, but I don't know if there's a formal way to prove that a given string *doesn't* have an undiscovered pattern.

In any case, you're playing the odds when you use passwords and other combination locks. There's at least some chance that an attacker will guess even a very long and patternless password on the first try. All you can do is make it less likely by avoiding known strings, including known nonsense like "supercalifragilisticexpealidocious".

There's a lot of software that generates passwords. The products are the result of a mechanical process, of course, so they're not truly "random"; but they're more patternless than the strings humans tend to generate.

Well, makes some sense, maybe: