Comments on: Russian researchers achieve 100-fold increase in WPA2 cracking speed

By: Math Help

Sat, 05 Jun 2010 08:04:47 +0000

Wow, unbelievable, I guess that no one with a wifi connection is safe ]]>

By: Technology for Mortals » Debunking the latest fear mongering news on WPA security

Mon, 20 Jul 2009 02:34:37 +0000

[…] wireless LANs. Today I’m going to wear my myth busters hat again and alert you to the latest bunk news on the latest WPA cracking method and the irrelevant fear mongering “experts” that are […] ]]>

By: We’re Going West » Password Cracking

Wed, 13 May 2009 18:19:28 +0000

[…] http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-… […] ]]>

By: Cracking Wifi In 3 Minute

Mon, 29 Dec 2008 03:26:22 +0000

hi,what software can i use for cracking wpa?
how long time to cracking wpa if i use standard machine?
thanks. ]]>

By: WWWednesday - Hektik Forums

Wed, 12 Nov 2008 09:42:06 +0000

[…] unveiled. For now… Guy Builds F-35 Fighter Jet On His Own. The 10 richest tech companies. Russian researchers achieve 100-fold increase in WPA2 cracking speed. Make your own icons. Scientists Create Beer That Could Extend Life. The Internet For Plants. […] ]]>

By: Using Nmap to detect rogue Wireless Access Points « InfoSec Philippines

Thu, 06 Nov 2008 03:00:54 +0000

[…] articles regarding cracking of Wireless Access Points using Nvidia cards can be found in SCmagazineUK and Heise […] ]]>

By: WPA2 cracked with NVidia Graphics Cards | Blogspots

Wed, 29 Oct 2008 04:22:59 +0000

[…] you don’t stutter your way through Crysis. Luckily the clever folks at Elcomsoft are finding other uses for those […] ]]>

By: WAP and WAP2 unsecure? WAP et WAP2 insésures? « Alexis Laliberte’s Blog

Tue, 28 Oct 2008 18:23:48 +0000

[…] http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-… […] ]]>

By: Is my WiFi safe…? « Technical Discussions

Sat, 25 Oct 2008 19:19:28 +0000

[…] http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-… […] ]]>

By: fresh wordpress installation » Russen kraken WPA2-sleutel op turbosnelheid

Sat, 18 Oct 2008 12:28:19 +0000

[…] ontwikkelde een nieuwe methode om WPA en WPA2-sleutels in slechts enkele dagen in plaats van jaren te kraken. Het bedrijf noemt de methode heel onschuldig Elcomsoft Distributed Password Recovery, maar zo […] ]]>

By: Russian researchers achieve 100-fold increase in WPA2 cracking speed - Attuworld.com

Thu, 16 Oct 2008 04:05:16 +0000

[…] you can build a network of 20 workstations dedicated to “recovering” your “lost” WPA keys. This means that a WPA or WPA2 key could be cracked in days or weeks instead of years. Tags: password recovery, tech, wpa, wpa2 You can follow any responses to this entry through […] ]]>

By: Intermezzo (9) « Blue Archive

Wed, 15 Oct 2008 16:34:17 +0000

[…] Wochen statt Jahre […] ]]>

By: Richard

Wed, 15 Oct 2008 14:15:17 +0000

I know many organizations require to use 802.11x and even hardware token to authenticate users. In addition, PCI-DSS has similar requirements of WPA. This might help mitigate the risks. ]]>

By: Byte Into It - 15 Oct 08 « Byte Into It - Computing and new technology

Tue, 14 Oct 2008 23:07:05 +0000

[…] Into It – 15 Oct 08 Russian researchers achieve 100-fold increase in WPA2 cracking speed – Security and the Net Russian security company Elcomsoft just posted a press release (original PDF) detailing a new […] ]]>

By: Micheal

Tue, 14 Oct 2008 18:23:18 +0000

Hiding your SSID is completely useless as Kevin has said it is in every packet. It’s easy to find hidden networks. ]]>

By: gonz0’s Blog » Blog Archive » Wireless security, once again defied

Tue, 14 Oct 2008 02:37:28 +0000

[…] The article at Security and the Net […] ]]>

By: Kevin

Mon, 13 Oct 2008 20:12:42 +0000

How does keeping your SSID hidden help since the SSID is placed as clear text in the header of every packet flying around. ]]>

By: Shoal Creek

Mon, 13 Oct 2008 17:53:14 +0000

WPA2-PSK keys can contain spaces and all sorts of things that complicate brute force attacks on passwords. I suggest you use a short (4-10 words), easy to remember pass-phrase with standard punctuation and capitalization. It also helps if you keep your SSID hidden. One other thing, use at least one archaic word or the brand name of some commonplace, unrelated item in your home for one or more words in your pass-phrase. That drastically increases the complexity of a successful brute force attack. ]]>

By: Your WPA-PSK Wireless Network Is At Risk… If You Are An Idiot | securosis.com

Mon, 13 Oct 2008 16:22:39 +0000

[…] was some great hype in the wireless security world this weekend thanks to an article that made it on to Slashdot, and some FUD pumping so-called security consultants. Elcomsoft issued a press release that they […] ]]>

By: ToddH

Mon, 13 Oct 2008 13:55:52 +0000

I blogged on this over the weekend at http://www.napera.com/blog/?p=96.

What makes this the perfect storm for WPA-PSK is two factors.

1. The increased speed of brute force attacks against WPA, whether via this GPU accelerated method or rainbow tables.

2. The typical simplicity of shared WPA-PSK passwords. Because they are shared by design, these passwords tend to be shorter, within a restricted character set and easily guessable.

The solution is not deploying VPN’s however. The solution is to deploy WPA Enterprise, which any WAP made since March 2006 supports.

Of course, WPA Enterprise is another can of worms because many people are not comfortable with RADIUS, rolling your own certs and 802.1X.

]]>