How Easy Is It to Crack a Wi-Fi Network?

Whether you’re a computer novice or a pro-level geek, you probably have some idea about Wifi security. You know that you need to have some kind of password – preferably a long password, maybe even with some punctuation; and you also know that there’s a setting on your router to hide the network name so other people can’t see it. You’ve done all that, and now you’re sitting there safe and sound in the knowledge that your network is on lockdown. Really? You might want to keep reading, as we dispel a few common beliefs about Wifi security.

Hiding your Network SSID

Security through obfuscation is the worst kind; anyone with access to the most basic of wifi hacking tools will see your “hidden” network listed alongside everyone else’s. The only people it is genuinely hidden from are legitimate users: family, friends, or customers trying to connect to a network that they can’t see when they click on the little wifi icon in the corner. The hacker, meanwhile, has identified your hidden network and is launching the next app he’ll use to crack your passkey. The clock is ticking.

Advice: Don’t bother hiding your SSID – the only person it’ll cause problems for is yourself.

WEP Passwords

WEP passwords are the old way of securing a network; I showed you a long time ago how they are incredibly easy to crack by simply sniffing out network traffic that’s broadcast around. You can even buy special routers from China that automatically crack any local WEP-secured networks, then re-broadcast the signal as a properly secured Wifi for your own purposes.

Sadly, a lot of older devices are incompatible with WPA. Some game cartridges for the latest Nintendo 3DS won’t work with WPA, even though the console itself is compatible. I know my old iPhone had issues with WPA sometimes, too.

Advice: Never drop down your wifi security to the level of WEP password only – you are asking to have your internet used for all manner of nefarious purposes. If you have a device that’s incompatible, throw it in the trash and buy a real game console or new phone instead. There is absolutely no excuse for using WEP security in this day and age. If you’re out and about, don’t ever connect to one of these either; people can very easily listen in to your web traffic, resulting in stolen passwords, redirected bank logins and all things nasty.

WPA Security

I’m not at risk – you’re thinking – I have a 25 character long password and I use WPA2-PSK – the best security available. Well yes, that may be true; but you’re still not safe. Most routers contain something called WPS technology. WPS was an attempt to simplify connecting devices to the network; you could either use a simple, one-touch button on devices like games consoles and Wifi printers, or type in an 8-digit number that’s printed on the side of your Wifi router. That 8-digit (numerical) password completely bypasses the need for a lengthy alphanumeric password. But don’t worry, manufacturers realised how silly this sounds and built in safeguards to prevent brute force hacking of this number – after 3 failed attempts, there is a 60 second cooldown time. To randomly attack an 8-digit password would therefore take 6.3 years; you’d probably notice if someone was parked outside for that long. So we’re cool, right?

No. You see, they made a very slight oversight – they split the passkey number into 2 sets of 4 digits. After guessing the first 4, the router sends a helpful “you got the first half correct” notification, so you can save those for reference. You only need to break 4 numbers, twice. That limits your list of possible combinations to just 10,000 for each set. The 6.3 years required is now cut to less than a day. But it gets worse, as some manufacturers don’t even bother to implement a cool-down period between failed attempts. Yes, this is a monumental failure; with the correct tool (here’s my helpful tutorial), even your WPA2 protected network can be hacked in just a few hours.

Since WPS technology has been a requirement of certification for all wifi routers and enabled by default, it’s almost certain your router is susceptible. What can you do to protect yourself?

  • Disable WPS completely – this will vary by router. Be sure to test again after – although my router had this option, there was another internal WPS PIN that was separate from the user displayed one on the side of the router, and disabling just the user one offered no protection at all – the internal PIN could not be deactivated, yet could still be cracked.
  • Disable Wifi; this is probably the best option if you’re using something provided by your cable company or ISP; if you absolutely need Wifi, buy another router and put your ISP supplied one into “modem mode”.
  • Update the firmware of your router, assuming there is an update available.
  • Replace the firmware completely, with Tomato or DD-WRT.
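
To make the “test again after” step concrete, here is an added example (not part of the original article) that reads scan output for your own networks and reports which ones still use WEP or still advertise WPS. It assumes a Linux machine with the `iw` tool and an interface named wlan0; the sample scan text is constructed for illustration, and the finding names are made up for this example.

```python
import re
from dataclasses import dataclass, field

# Constructed sample shaped like `iw dev wlan0 scan` output; not from a real network.
SAMPLE_SCAN = """\
BSS 02:00:00:aa:bb:01(on wlan0) -- associated
\tcapability: ESS Privacy ShortSlotTime (0x0411)
\tSSID: HomeNet
\tRSN:\t * Version: 1
\t\t * Authentication suites: PSK
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
BSS 02:00:00:aa:bb:02(on wlan0)
\tSSID: HomeNet-Guest
\tRSN:\t * Version: 1
BSS 02:00:00:aa:bb:03(on wlan0)
\tcapability: ESS Privacy ShortPreamble (0x0031)
\tSSID: OldPrinterAP
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 1 (Unconfigured)
"""

@dataclass
class AP:
    bssid: str
    ssid: str = ""
    privacy: bool = False                        # "Privacy" bit in the capability field
    elements: set = field(default_factory=set)   # top-level elements seen (RSN, WPA, WPS, ...)
    wps: dict = field(default_factory=dict)      # attributes listed under the WPS element

def parse_scan(text):
    """Split scan output into one AP record per 'BSS' block."""
    aps, section = [], None
    for line in text.splitlines():
        start = re.match(r"BSS ([0-9a-fA-F:]{17})", line)
        if start:
            aps.append(AP(bssid=start.group(1).lower()))
            section = None
            continue
        if not aps:
            continue
        ap = aps[-1]
        top = re.match(r"\t([^\t:]+):\s*(.*)", line)     # one leading tab = top-level element
        if top:
            section, value = top.group(1), top.group(2)
            ap.elements.add(section)
            if section == "SSID":
                ap.ssid = value
            elif section == "capability":
                ap.privacy = "Privacy" in value.split()
        attr = re.search(r"\*\s*([^:]+):\s*(.*)", line)  # "* key: value" sub-attribute
        if attr and section == "WPS":
            ap.wps[attr.group(1).strip()] = attr.group(2).strip()
    return aps

def audit(ap):
    """Return finding codes for the two weaknesses the article describes."""
    findings = []
    if ap.privacy and not ap.elements & {"RSN", "WPA"}:
        findings.append("WEP")              # encrypted, but no WPA/WPA2 element present
    if "WPS" in ap.elements:
        findings.append("WPS_ADVERTISED")   # the AP still announces WPS in its beacons
        if ap.wps.get("AP setup locked", "0x00") != "0x00":
            findings.append("WPS_LOCKED")   # AP reports its WPS setup as locked
    return findings

def audit_scan(text, my_ssids):
    """Audit only the networks you own, selected by SSID."""
    return {ap.ssid: audit(ap) for ap in parse_scan(text) if ap.ssid in my_ssids}

if __name__ == "__main__":
    for ssid, found in audit_scan(SAMPLE_SCAN, {"HomeNet", "HomeNet-Guest", "OldPrinterAP"}).items():
        print(f"{ssid}: {', '.join(found) or 'no WEP/WPS findings'}")
```

Run it once before and once after changing the router setting, passing the real scan text in place of the sample; a network that still shows WPS_ADVERTISED after you switched WPS off needs one of the other options in the list above.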

In summary, the chances of your Wifi connection being 100% secure are exceedingly low, regardless of how long your password is or whether you obscure the network name – it’s all crackable, and I’ve demonstrated it. If you want to be truly safe, you need to disable any wireless functionality completely, or make absolutely sure that WPS functionality is disabled fully on your router. You can and should run the tools linked above against your own networks to see if you’re vulnerable. So – do you still think you’re secure?

  1. rahul dagundi
    May 4, 2016 at 11:43 pm

    Thanks for the article, guys! It worked for me. I have been searching for this for a long time but the internet is full of fakes like

    Your article was one of the exceptions.
    We should promote stuff like your article to make the internet more efficient

  2. Darrell Thomas
    December 18, 2012 at 9:13 pm

    I'll give this a go later tonight, see if mine's hackable, hopefully not as that's the first thing I do is disable WPS, but yeah, thanks for the write up

  3. Parigyan
    November 30, 2012 at 1:30 pm

    Very Informative post James ! I have learnt much from this article !

  4. Ali Ehsan
    November 29, 2012 at 1:20 pm

    thanks for sharing this information with us :)

  5. Howart Smith
    November 21, 2012 at 6:17 am

    I am using Hotspot Shield Free VPN while using wifi hotspots. Hotspot Shield free Wi-Fi security software encrypts sensitive data and provides total protection from hackers at such vulnerable places.

    Check it out here:

  6. Prasanth Mathialagan
    November 18, 2012 at 5:11 pm

    Excellent article on Wireless security!!!

  7. Jim Spencer
    November 15, 2012 at 9:43 am

    Good Article James! It should remind every one of us to be vigilant in protecting our back door!

  8. Sean A
    November 15, 2012 at 3:28 am

    I use subterfuge to get into networks when I have to

  9. Christopher Webb
    November 14, 2012 at 9:28 pm

    What is the most secure Wifi encryption that can be used for Airports?

  10. Timothy Clark
    November 14, 2012 at 6:42 pm

    The amount of "security risks" on the internet are completely ridiculous any more, not to mention all the useless stuff. ha

  11. Knut H. Flottorp
    November 13, 2012 at 5:53 pm

    On the Nokia N900 - that runs Linux (Maemo) you can install "Cleven" which will crack most networks. The 2.4GHz frequency used by WLAN is unprotected, and in general available for anyone. Your channel is in the public domain and your usage of your frequency is on behalf of someone else.
    So, like CB radio, do not tell anything you do not want others to know. Be schizo and use wired connection only for your banking, but the rest of us, please grow up. We just have to stick with this silly technology. The Americans like it this way and exhibited great effort to stop safer systems. Thanks go to the FCC.

  12. Douglas Mutay
    November 13, 2012 at 8:31 am

    Thanks for the article. My WPS was activated. I have just changed it. ;-)

  13. Boni Oloff
    November 12, 2012 at 12:34 am

    Looks like the wired modem more secure than the WiFi..

  14. Adu Joseph Lartey
    November 11, 2012 at 8:07 pm

    This site really acquaints me with a lot of useful information. Keep it up, you guys are doing a wonderful job.

  15. Ihtisham ul haq haq
    November 11, 2012 at 6:09 pm

    thanks for nice tips

  16. Adrian Rea
    November 11, 2012 at 8:43 am

    Thank you, This has opened a new avenue of security tidying up that I have to do!

  17. Michael Jan Moratalla
    November 10, 2012 at 3:41 pm

    thanks for this

    • shanthi
      April 8, 2015 at 4:18 pm

      wi fi

  18. Lisa Santika Onggrid
    November 10, 2012 at 3:03 pm

    Do you have any personal recommendation to secure a personal WiFi network?

  19. vineed gangadharan
    November 10, 2012 at 1:53 pm

    thanks for the article :)

  20. Mitesh Budhabhatti
    November 10, 2012 at 8:29 am

    Now WiFi is everywhere. Even here in India WiFi is getting popular so fast. do you think there will ever be a convincingly secure method against this hacking?

    • James Bruce
      November 10, 2012 at 9:31 am

      Yes, run your own custom firmware and you can completely disable WPS. Just stock routers are affected really.

  21. Ali
    November 10, 2012 at 7:57 am

    "do you still think you’re secure?"
    YES, I'm secure!
    I have MAC address filter, any device not listed on the white list can't access my network, it can't even get to authentication phase! the router refuses the connection immediately, sorry, but I think turning wifi is just stupid, make a MAC address white list + disable WPS + use WPA2 secret key + hide router's SSID and WHOA! you have the most secure wireless network ever.

    • James Bruce
      November 10, 2012 at 9:30 am

      It's fairly solid, but your router likely still has an internal WPS pin unless you're running custom firmware; also, spoofing a MAC address is a one-line command, and detecting an existing device on your network is child's play. So, not impossible, but difficult enough that I would have moved onto another neighbour instead.

      • Ali
        November 10, 2012 at 7:01 pm

        how you can spoof any MAC address without even knowing what are the white listed MAC addresses on my router?

        • James Bruce
          November 10, 2012 at 7:32 pm

          By simply listening to your network traffic; you don't need to be authenticated on a network in order to listen in promiscuous mode. Of course, if none of your devices ever connect to the network it would be impossible to find their MAC addresses, but then what would be the point of having a network in the first place?

    • Jay Maynard
      November 10, 2012 at 9:35 am

      Bet me.

      Various tools in the Aircrack-ng suite will let me see if anything is "associated" with the router (AP or Access Point). If I really need your bssid, a deauthentication command can be sent that disconnects everything from the router, they will automatically reconnect, and during the reconnect handshake your bssid will now show up in Airodump-ng. Macchanger will allow me to change the MAC address of my wireless card to match that of the associated device, and now I'm a device on the white list. Defeating your hidden bssid and MAC filtering took about 20 seconds. Maybe. Changing my MAC to match a different device (not one of yours, just someone else's, to cover my tracks), I start Reaver, and go to my place of employment, letting it run while I'm gone. Chances are, by the time I get home, I'll have your PIN. That is, if your router has the timeout feature. If not, a computer with enough CPU speed and enough RAM will have your PIN in minutes, probably quicker than defeating WEP.

      What this all boils down to is, if you can't completely disable WPS, you are vulnerable.

      • Knut H. Flottorp
        November 13, 2012 at 8:35 pm

        Well said - I have the same on my mobile (N900), so people can move around and crack it. It is important to let the folks know that their networks can be hacked, and in particular that the banks are told that the PIN you have to submit on the Internet bank is visible to anyone that bother.
        If you can listen-in, our message must be encrypted. Now how can you do that? Is there any routers in the market that allows for own/ proprietary encryption? How can you configure a network for this?

        Let me start by asking: Is there any access points that support bluetooth?

    • Jay Maynard
      November 10, 2012 at 9:39 am

      Actually the WPS PIN is:
      4 digit PIN + 3 digit PIN + 1 digit check sum = only about 11,000 number combinations.

      • James Bruce
        November 10, 2012 at 9:43 am

        Thanks Jay. That's even worse!

  22. Zhong Jiang
    November 10, 2012 at 4:14 am

    If your wireless access point has been hacked, there's a log of intrusion recorded in the router and it'll signal to the user that their internet connection is compromised. It's also safe to add that people should use an ethernet cord to access the web since not only is it more reliable and faster, it won't have the vulnerabilities of a wireless access point.

    • Doc
      November 10, 2012 at 5:06 am

      Most consumers won't know there's an access log in the router, or know how to read it or what any of it means. After all, if a notification box doesn't pop up on your screen, are you going to think to look at it? (Most users won't even know how to log into their router's Admin page!)

      • Zhong Jiang
        November 11, 2012 at 5:19 am

        That's exactly the reason why they are reading this article; changing their perspective on who they share their internet connection with. The common user don't usually care for these precautions because they tend to think everything will be fine until problems arises.

      • Knut H. Flottorp
        November 13, 2012 at 8:09 pm

        Read the DHCP allocation lease-log and see if you know everyone that has been awarded a lease. But with all phones being Android-82356554654 - it's not easy.

        So, use permanent allocation of IP addresses. For every new computer or phone or printer or television/stereo that access it, connect one at a time, and insert the address pair MAC/IP address as permanent. Work your way, one by one. and then tick off "Permanent IP address ONLY".

        They will then still be able to listen in and even duplicate one of your MAC addresses - but this is another fence that is difficult to cross.

  23. Yudono R.A.
    November 10, 2012 at 2:17 am

    wow.. luckily my internet connection doesn't use wi-fi (I use cable modem)
    I'll share it with my friends that use wi-fi about this info, thanks for the information

    • Doc
      November 10, 2012 at 5:02 am

      The article isn't about getting your Internet by wifi; it's about the wireless router that's inside the cable modem, or the router you've attached to the cable modem, being insecure - if you have WiFi turned on at all (to connect a PC, a laptop, a Wifi-connected TV or DVD player, or a game console), you're probably vulnerable.

  24. Jon Smith
    November 10, 2012 at 12:52 am

    nice its really annoying for my neighbors "borrowing" my wifi, I'm going to change some things now...

  25. Kaashif Haja
    November 10, 2012 at 12:49 am

    Nice Article!
    Changing my router's & modem's username and password, will it be of any help?

    • Doc
      November 10, 2012 at 5:05 am

      No, that's just for logging in and changing your router's setup; this is about the encryption keys you use to connect to the WiFi in the first place ("This wireless connection requires a security key to connect.") Apparently, the newest standard, WPA2, is still quite vulnerable in a lot of the router firmware, no matter how new or up-to-date the vendors' firmware (the operating system running inside the router) is...

    • Knut H. Flottorp
      November 13, 2012 at 7:59 pm

      YES - that is the most important security issue.
      My router has been hacked, and caused a Denial of Service where the only way out was to reload the binary image of the router, and re-instate all PC and rights. Most routers have a utility to back up this - do it.

      The next is to change username of Admin to something else, and place a password - and change the password regularly. Most routers run Linux, so block the telnet and ftp port on this, and use e.g. port 8080 for http access to manage it, and limit the interface to the LAN IP only.

  26. Craig
    November 9, 2012 at 8:28 pm

    I also implement MAC address filtering so as only allow MAC addresses registered on my router to be accepted.
    I know some smart @ss will say ' yeah but you can spoof MAC addresses', but, really, is it worth it just to get some free wifi?

    • James Bruce
      November 10, 2012 at 9:32 am

      Is it worth a one-line command to spoof a MAC address? Sure, depends on what you're trying to achieve. Free internet is not really the concern here - you can get that in Starbucks - what is a big deal is downloading something illegal, like torrents, or worse.

      • craig
        November 10, 2012 at 3:54 pm

        In reality I think the chances of someone cracking my network password, spoofing one of my MAC addresses, living next door, just in order to possibly do something possibly illegal is about 0. I'll take my chances and not listen to the FUD, (Fear, Uncertainty and Doubt) as practiced by yourself.

        • James Bruce
          November 10, 2012 at 4:56 pm

          Well, you know your neighbours better than I do.

        • craig
          November 10, 2012 at 5:02 pm

          and, in any case any evidence of their 'illegal' activity would not be found on any of my computers.

        • James Bruce
          November 10, 2012 at 5:10 pm

          If they managed to join your network, they could easily place files into the shared directories. It wouldn't matter though. You'd already have your machines confiscated for 6 months while the authorities search them.

          I'm not arguing; the chances of all this happening are very close to zero. The point of this article was to show how insecure wifi is; not how likely it is that someone would hack you.

        • Knut H. Flottorp
          November 13, 2012 at 6:08 pm

          First it is far from illegal to hitch a ride, your neighbor has the same right as you to the WLAN radio frequencies. There are just a limited number of channels available for everyone, so sharing an access point should be more the norm.
          Windows SMB - or "Samba" has a notion of "user" and allows you to implement protection. The printer and DLNA storage on your router is open to everyone. Regardless, everyone should limit access to files and network resources. Consider that all is open once it is accessible outside your wall.

        • dragonmouth
          November 13, 2012 at 1:18 pm

          using "security by obscurity", like you are doing, is like using the Rhythm Method for family planning. Sooner or later, you become a parent. In both cases, the question is WHEN, not IF.

        • craig
          November 13, 2012 at 4:18 pm

          Security is all about taking measures that are appropriate for the perceived level of risk.

        • Knut H. Flottorp
          November 13, 2012 at 5:59 pm

          There is nothing you can do - he has the same right to those radio frequencies as you have, which many forget.
          You should impose a MAC address mapping scheme, so he does not pinch your internet connection, or better, sign a peace treaty and ask him to chip in on your connection fee.

          The SSID should always be readable and identify who allocates the shared resource, so that you can approach a nasty neighbor that blocks your frequency to shut up. Then your neighbour can also approach you and propose to chip in.

  27. Chuck
    November 9, 2012 at 8:24 pm

    How secure is the WiFi if one uses an permitted mac id list in addition to WPA-PSK?

  28. Anthony Monori
    November 9, 2012 at 7:59 pm

    Thanks for the tip about WPS! I'll definitely disable it.

  29. Mihovil Pletikos
    November 9, 2012 at 7:59 pm

    don't forget about openwrt.... it also works great with many cheap routers and you can disable any wps and similar stuff :)
    btw. people should at least "configure" their wps, because if not their network is totally open and allows other people to "configure" it for them

    • James Bruce
      November 10, 2012 at 9:32 am

      Good advice; custom firmware is the only secure way to go.

  30. Anonymous
    November 9, 2012 at 7:45 pm

    Really, your chances of being hacked (if you're using WPS-PSK) are exceedingly low. First of all you would have to be worth the effort involved - and OK let's say you live next door to a geek like the rest of us that read this who has the tools and the time, then what? USE DD-WRT and if your router isn't supported by DD-WRT then BUY ONE THAT IS and secure that sucker.

    • James Bruce
      November 10, 2012 at 9:34 am

      Firstly - yep, great advice; custom firmware is far more secure and can be made invulnerable to the reaver.

      However, the reaver hack is very simple; I wrote an easy tutorial on how to test yourself. You're right in saying "chances are low", but that's not really the point.

  31. becky
    November 9, 2012 at 7:38 pm

    Some routers from cable companies don't allow you to replace the firmware

    • Achraf Almouloudi
      November 12, 2012 at 3:45 am

      I have seen some but they seem to allow, can you please tell me one that cannot update its firmware.

  32. vk
    November 9, 2012 at 6:12 pm

    What if the router has WPS but you haven't used it to setup your WPA2-PSK security and given your own lengthy key? Is it still going to be vulnerable?

    • Muo TechGuy
      November 9, 2012 at 6:15 pm

      Yes, still vulnerable. It is activated by default, and even then some cannot be deactivated; of those that can be deactivated, some include another internal one anyway, which cannot be deactivated. Best way to tell is to try and hack your own router....

    • Achraf Almouloudi
      November 12, 2012 at 3:44 am

      Although you've never used it, if it exists and is enabled then the hacker would be able to hack using it.