If you use the standard interface for WPA key entry and provide a text passphrase of fewer than 20 characters made up of words found in dictionaries, a cracker who passively intercepts the initial key exchange messages can mount an offline dictionary attack and extract the encryption key, gaining access to the network. Key exchange messages occur at the beginning of a connection between an adapter (station) and an access point; a cracker can force that exchange to repeat by sending a disassociate message, which triggers a new exchange within about 30 seconds. So a cracker can be on and off the network in a couple of minutes with the information they need. This is actually much worse than WEP, but easily solved.
The solution is also quite simple: choose a key of at least 96 bits or a passphrase that includes gibberish that's more than 20 characters long. So far, of all the WPA interfaces that I've seen, only Apple's allows you to enter raw hexadecimal, and they require 64 hex characters (32 bytes or a full 256 bits).
Robert suggests generating a small random value, turning it into its hex equivalent, and then entering those hex digits as a text passphrase to have sufficient randomness. For more information on passphrase weaknesses and strategies for choosing them, Robert refers you to this FAQ.
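Robert's suggestion, sketched as an added Python example (not code from the original article or from Robert): it draws at least 96 random bits, renders them as hex digits to type in as a text passphrase, and checks a passphrase against the 20-character threshold above. `derive_psk` goes slightly beyond the text to show the standard WPA passphrase-to-key mapping (PBKDF2-HMAC-SHA1 salted with the SSID); the function names and the SSID `example-net` are assumptions made for the illustration.

```python
import hashlib
import secrets

MIN_BITS = 96        # minimum key strength recommended in the text
MIN_CHARS = 20       # passphrases shorter than this are the at-risk case in the text
WPA_CHARS = (8, 63)  # length limits for a WPA text passphrase (printable ASCII)


def hex_passphrase(bits=128):
    """Draw `bits` random bits from the OS CSPRNG and return them as hex digits."""
    if bits < MIN_BITS or bits % 8:
        raise ValueError("use a multiple of 8 bits, at least 96")
    phrase = secrets.token_hex(bits // 8)  # two hex digits per random byte
    if len(phrase) > WPA_CHARS[1]:
        raise ValueError("too long for a text passphrase; use raw key entry")
    return phrase


def raw_key():
    """64 hex characters (256 bits) for interfaces that accept a raw key."""
    return secrets.token_hex(32)


def passphrase_problems(phrase):
    """Return the reasons a passphrase fails the length rules discussed above."""
    problems = []
    if not WPA_CHARS[0] <= len(phrase) <= WPA_CHARS[1]:
        problems.append("not 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in phrase):
        problems.append("contains non-printable or non-ASCII characters")
    if len(phrase) < MIN_CHARS:
        problems.append("shorter than 20 characters")
    return problems


def derive_psk(passphrase, ssid):
    """WPA passphrase-to-key mapping: PBKDF2-HMAC-SHA1, SSID as salt,
    4096 iterations, 256-bit output. The key depends only on these two
    inputs, so its strength is the strength of the passphrase."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


if __name__ == "__main__":
    phrase = hex_passphrase(128)
    print("passphrase:", phrase, "problems:", passphrase_problems(phrase))
    # "example-net" is a constructed SSID used only for this demonstration.
    print("derived key:", derive_psk(phrase, "example-net").hex())
```

A 96-bit value becomes 24 hex characters, which clears the 20-character threshold while still being typeable on interfaces that only accept text.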