WPA-PSK is vulnerable to offline attack. WPA-TKIP has been cracked.
TO AVOID THESE PROBLEMS:
- USE WPA-AES or WPA2 instead of WPA-TKIP (or WEP)
- USE A PASSPHRASE WITH MORE THAN 20 CHARACTERS. Examples: BAD: "vintage wine" GOOD: "floor hiking dirt ocean" (pick your own words, even longer is better) FOR HIGH SECURITY, USE MORE THAN 32 CHARACTERS.
Weakness in Passphrase Choice in WPA Interface
Practical attacks against WEP and WPA
A Practical Message Falsication Attack on WPA
New attack cracks common Wi-Fi encryption in a minute
Passphrase Flaw Exposed in WPA Wireless Security
Cracking Wi-Fi Protected Access (WPA)
Cracking WEP and WPA Wireless Networks