dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
24

TheTechGuru
join:2004-03-25
TEXAS

TheTechGuru to StuartMW

Member

to StuartMW

Re: How often do you change your Wi-Fi SSID/Passphrase?

I actually have not changed mine in years.

But I'm using a HEX key generated at: »www.grc.com/passwords.htm

Using WPA2 AES and a key like 3FAE6F72EF109FB59F15F264A613E618B80F795C2EF0B734F7AE2A38F081886F I really don't think even Kevin Mitnik could get in.

Not to mention I'm using channel 13 and "n" only mode.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member


True, but now anyone who might want to hack your airwaves knows the key does not use the letters "G - Z" or "g - f" now.

TheTechGuru
join:2004-03-25
TEXAS

1 edit

TheTechGuru

Member

said by norwegian:

True, but now anyone who might want to hack your airwaves knows the key does not use the letters "G - Z" or "g - f" now.

The key would not contain them either way. ASCII keys are converted to HEX before they get transmitted over the air anyway.

ashrc4
Premium Member
join:2009-02-06
australia

1 edit

ashrc4 to TheTechGuru

Premium Member

to TheTechGuru
said by TheTechGuru:

I actually have not changed mine in years.

Does that mean you have not done any firmware upgrades?
said by TheTechGuru:

Not to mention I'm using channel 13 and "n" only mode.

Not sure the exact reason why but channel 13 is not an allowed frequency in the U.S.

from wiki;

Spectrum assignments and operational limitations are not consistent worldwide: most of Europe allows for an additional two channels beyond those permitted in the US for the 2.4 GHz band (1–13 vs. 1–11),

EDIT;
Giving the parameters of your choice for a pass phrase seriously increases the chance of the pass phrase being resolved.

TheTechGuru
join:2004-03-25
TEXAS

1 edit

TheTechGuru

Member

said by ashrc4:

said by TheTechGuru:

I actually have not changed mine in years.

said by ashrc4:

Does that mean you have not done any firmware upgrades?

No it does not, I keep my firmware upgraded. My router model does not require reprogramming when upgrading the firmware.
said by TheTechGuru:

Not to mention I'm using channel 13 and "n" only mode.

said by ashrc4:

Not sure the exact reason why but channel 13 is not an allowed frequency in the U.S.

from wiki;

Spectrum assignments and operational limitations are not consistent worldwide: most of Europe allows for an additional two channels beyond those permitted in the US for the 2.4 GHz band (1–13 vs. 1–11),

That is incomplete information. The truth is: "In the USA, 802.11 operation in the channels 12 and 13 is actually allowed under low powered conditions. The 2.4 GHz Part 15 band in the US allows spread-spectrum operation as long as the 50-dB bandwidth of the signal is within the range of 2,400–2,483.5 MHz which wholly encompasses both channels 12 and 13. A Federal Communications Commission (FCC) document clarifies that only channel 14 is forbidden and furthermore low-power transmitters with low-gain antennas may legally operate in channels 12 and 13."
said by ashrc4:

EDIT;
Giving the parameters of your choice for a pass phrase seriously increases the chance of the pass phrase being resolved.

That is incorrect because ASCII pass phrases are converted into HEX keys by the device. All keys are HEX.

»jorisvr.nl/wpapsk.html

TWObEzglZZTH53Z1nxYyoWQL2TWfdfVw2QR7Qxsa1oQ7NANEXm0Z2oyj1k9RKSA is no more secure than 5908F30733441D98E18E31DD690762B3E4493C807A1A9C30D4270D0652639930

TWObEzglZZTH53Z1nxYyoWQL2TWfdfVw2QR7Qxsa1oQ7NANEXm0Z2oyj1k9RKSA with a SSID of NETGEAR would actually have a key of 99E3EFB15AC60ECD94F178FC3BD26E9EBAB30FFD303CFF6B7E1AE890123FFEAF

ashrc4
Premium Member
join:2009-02-06
australia

ashrc4

Premium Member

Thanks for clarifying your points.
When exactly did the FCC change it's rules?
Not something easily found.

I agree that you do update your firmware and that the rules governing the extra channels have been revised but why/how do you think that the last point is wrong.
Hex Smexs, this can be calculated as fast as key's generated.
why do you think any different there?

TheTechGuru
join:2004-03-25
TEXAS

TheTechGuru

Member

said by ashrc4:

Hex Smexs, this can be calculated as fast as key's generated.
why do you think any different there?

Simply put. Passphrases are converted into 64 HEX characters behind the scenes when entered, so using a 64 HEX key is no less secure. and that pass generator I use is the most random you can get without using a Lotto ping pong ball machine.

ashrc4
Premium Member
join:2009-02-06
australia

ashrc4

Premium Member

The more obscure the method of generation (not more random) the HEX value is greater increases the size of the pool. Not the other way around.
If you imagine 3 circles intersecting only the overlap of the 3 circles is the size of the pool with random generators from the total pool.
it's ruffly only 10-14 %.
If you gave me the no. of bits that would make a huge difference as well. Say 64. But you then did give an example of 63. That makes a huge difference also to the pool.

By providing any parameters the pool can be reduced.
once the final pool is decided other factors such as generating GRC's formular billions of times then ordering on it on most likely decreases further.
I think bob and anyone else that has an interest in this has already vastly considered an already engaged in this practice.

The first example you used was perhaps the best as the no's "8188" came up. A slightly more complex conundrum that was less probable.
Yet far from the whole pool of no's, word/letters, special charactors and any combination there of.