Wireless Security – Choosing the best Wi-Fi Password
Running through some tests for an upcoming wireless security book and it really brings home the importance of choosing a good password for your Wi-Fi network.
Currently, the best security setting for your home or office Wi-Fi is WPA2. WPA2 Enterprise is the best if your organization supports it, but WPA2 Personal is great for home and small offices. Do not use WEP. It has been cracked a long time ago, and an attacker does not even have to crack it, the WEP key can be passed just like NTLM passwords.
The most common technique used for WPA/WPA2 hacking is a dictionary attack. The attacker captures a WPA password handshake and passes this through a program that will try numerous passwords from a word list. Here is the key, if the password is not in the word list, they hacker does not get into your system.
Using a lengthy complex password goes a long way in keeping your WPA2 network secure. A combination of upper/lower case letters, numbers and special characters is the best bet. Some prefer using a short sentence that means something to them, while replacing some of the letters with numbers and adding in a few extra characters.
For example: M0untainD3wI$G00d4u!
The nice thing about passwords like this is that it actually means something to you, so it will be much easier to remember.
I just ran one common word list attack against my WPA2 password. It tried over 1 million word combinations from the list with no dice. My network is still secure!
The more un-dictionary looking your password is, the better!