Broadband Tech > Security > Wireless Security > WPA2 password advice - for my mom

WPA2 password advice - for my mom

When my folks had a computer and needed a password I used 3 things in combo that were easy for them to remember.

For instance:
1. Say they live in Colo. Springs, CO 80907.
2. Their dogs name is Lady.
3. Their favorite place to go is Cotopaxi.
So the password would be:$CSC907$Lady$Cotopaxi$

That gives you an 22 figure password with a combination of numbers, caps, lowercase, and symbols.
--
Gadgets

reply to Reno
You can use Windows Connect Now [WCN] to save off the wireless profile on a flash drive. Users can then simply plug in the flash drive into their Win 7/Vista/XP computer and automatically load the profile.

»theillustratednetwork.mvps.org/L···nect_Now

If the client can not use WCN, ie. like a MAC or Linux client for example, the wireless key is in plain text in the \Smrtntky\Wsetting.txt file on the flash drive. Simply copy-n-paste to the client.

That can, as you noted, be a bit problematic with smart phones/iPods/etc...
--
"When all else fails read the instructions..."
MS-MVP Windows Expert - Consumer

Thanks, think I'll do both tips.

I vote for simple so "helpful" guests don't reset the router to "FIX" it.

Simple random SSID
For WPA2 key Use mom's cell # no dashes, something she can remember and she doesn't mind telling guests.

Change router default pwd and write wpakey to old luggage tag and tie or screw to the router so she can't forget.

Someone hacking her easy wpa2 pwd is the lowest computer risk she has. Even here in NYC with people stacked like wood very close to zero wpa2 keys get hacked. Hell idiot cable companies use wep which just uses wan mac address plus 14 zeros. Your moms cell # and wpa2 better than that. Ne sure to show her how to power cycle it.

reply to Reno
Ask her what her favorite movie, actor, actress, song, etc. is. Then make the WPA2 password "My favorite movie is gone with the wind". The odds of that getting hacked are pretty slim.
--
Golf is a relatively simple game, played by reasonably intelligent people, stupidly.

reply to Reno
I've seen WPA2 Personal hacked in less than 3 minutes using a PSP and rainbow tables, so unless you plan on running a RADIUS server, I wouldn't worry about it too much - using a password with more than 8 characters including special characters will be enough to deter the average hacker - if you are worried about more than that, WPA2 personal shouldn't be your solution for security....

Random ASCII key example

quote:

---

Ass covering

The fact that we found a way to speed up WPA-PSK cracking does not mean that it is broken. Far from it. The exploit used by coWPAtty and other similar tools is one of dumb passphrases. The minimum number of characters for a WPA-PSK passphrase is 8. The maximum is 63. Very few users actually use more than about 20 characters. As well, they also choose known words and phrases, likely to be in a dictionary. This allows us to leverage a human element in obtaining the key.

To get decent protection from WPA-PSK, you should use a very long, very random, alphanumeric string longer than 20 characters. To protect yourself further, particularly against the WPA-PSK hashtables, you should use a SSID not on the top 1000 list. This will force the attacker to compute thier own list, rather than use one of the CoWF tables.

All that said, you should be using WPA2 with a radius server to get more reliable protection.

---

reply to Reno
Whatever you come up with, just write the thing down on an index card or something that they won't lose. Someone would have to break into the damned house to get it and probably couldn't care less about hacking into their freaking wireless network.

reply to Reno
I always tell people to use a phrase that they will remember: a line from a favorite book or poem, a scripture verse or famous quote. Then use the first letter of each word. Add a couple of capital letters and a number or two in strategic places.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20

reply to Reno
I use a 63-ASCII random characters password. These can be generated here:

»www.grc.com/passwords.htm

...or you can create one yourself.

reply to twizzler66

reply to Reno
SoonerAl has it right ... both posts

Use a 30+ char WPA passphrase of random characters: alpha, upper case, lower case, numerics and specials. absolutely no dictionary words nor proper names.
WPA has been cracked ONLY when users have simple dictionary words.

And, put the passphrase onto a USB memstick device which guests can load onto their PC when they visit.

Security and "make it easy" are non-orthagonal concepts.

reply to Reno
Secure it correctly or don't do it at all. Keep a copy of the security settings so you can tell your mother or her guests when they call because they can't get connected and she has forgotten the code.

It's easy to pick a secure and memorable password. They are not mutually exclusive.

reply to Reno
Password padding is a simple way to extend the length of a password while making it only slightly more difficult to remember than a short password.

»www.grc.com/haystack.htm
--
db

reply to Reno
Remember step one of Security is physical access

if they can touch your router then consider it hacked (they could just push the reset button and wipe the wifi key), then leave it wide open and go stealing your internet access

personally I use a 63 character random ASCII key (ya its a pain but I've typed it into my ipod touch before)

then store it on a flashdrive as a textfile and hide the flashdrive

reply to Reno
hey reno dont use any security at all just use that thingy that only allows the macs you set up to be able to use the wifi and forget about security its just a waste of time anyways

but this is just my advice you dont have to do this do what you wanna do cuz to be honest i turn off the wifi at night

reply to Reno
I use keypass to generate strong passwords like 256bit or more for all kinds of things on the net, then I store them inside a encrypted keypass data file on a usb stick. Store serial keys in there too. Now you only need to remember one password. Firefox has a master password feature as well like this. Only problem is if your operating system crashed no recovery. If you use it along side keypass program you won't have to worry about that. Also you can load it independently from usb and everything if you are like a guest on another computer. It's Kind of like Truecrypt. Store passwords on usb stick encrypted then get another USB stick to backup that main USB you use all the time. If it ever gets damaged, lost, stolen, dies on ya you have a backup. Then you are set. Oh and you can also burn those keypass, truecrypt encrypted data container files on a CD.

As a pc tech I can tell you that Security comes first. As long as you apply the basic rules. Things like Update OS, Virus Software, Encrypt your data, backup your data, you will be ready if and when something happens. Live by these rules religiously.