How Easy Is It To Crack A Wifi Network? [MakeUseOf Explains]

Whether you’re a computer novice or a pro-level geek, you probably have some idea about Wifi security. You know that you need to have some kind of password – preferably a long password, maybe even with some punctuation; and you also know that there’s a setting on your router to hide the network name so other people can’t see it. You’ve done all that, and now you’re sitting there safe and sound in the knowledge that your network is on lockdown. Really? You might want to keep reading, as we dispel a few common beliefs about Wifi security.

Hiding your Network SSID

Security through obfuscation is the worst kind; anyone with access to the most basic of wifi hacking tools will see your “hidden” network listed alongside everyone else’s. The only people it is genuinely hidden from are legitimate users: family, friends, or customers trying to connect to an invisible network that they can’t see when they click on the little wifi icon in the corner. The hacker, meanwhile, has identified your hidden network and is launching the next app he’ll use to crack your passkey. The clock is ticking.

Advice: Don’t bother hiding your SSID – the only person it’ll cause problems for is yourself.

WEP Passwords

WEP passwords are the old way of securing a network; I showed you a long time ago how they are incredibly easy to crack by simply sniffing out network traffic that’s broadcast around. You can even buy special routers from China that automatically crack any local WEP-secured networks, then re-broadcast the signal as a properly secured Wifi for your own purposes.

Sadly, a lot of older devices are incompatible with WPA. Some game cartridges for the latest Nintendo 3DS won’t work with WPA, even though the console itself is compatible. I know my old iPhone had issues with WPA sometimes, too.

Advice: Never drop down your wifi security to the level of WEP password only – you are asking to have your internet used for all manner of nefarious purposes. If you have a device that’s incompatible, throw it in the trash and buy a real game console or new phone instead. There is absolutely no excuse for using WEP security in this day and age. If you’re out and about, don’t ever connect to one of these either; people can very easily listen in to your web traffic, resulting in stolen passwords, redirected bank logins and all things nasty.

WPA Security

I’m not at risk - you’re thinking - I have a 25-character-long password and I use WPA2-PSK – the best security available. Well yes, that may be true; but you’re still not safe. Most routers contain something called WPS technology. WPS was an attempt to simplify connecting devices to the network; you could either use a simple, one-touch button on devices like games consoles and Wifi printers, or you type in an 8-digit number that’s printed on the side of your Wifi router. That 8-digit (numerical) password completely bypasses the need for a lengthy alphanumeric password. But don’t worry, manufacturers realised how silly this sounds and built in safeguards to prevent brute force hacking of this number – after 3 failed attempts, there is a 60 second cooldown time. To randomly attack an 8-digit password would therefore take 6.3 years; you’d probably notice if someone was parked outside for that long. So we’re cool, right?

No. You see, they made a very slight oversight – they split the passkey number into 2 sets of 4 digits. After guessing the first 4, the router sends a helpful “you got the first half correct” notification, so you can save those for reference. You only need to break 4 numbers, twice. That limits your list of possible combinations to just 10,000 for each set. The 6.3 years required is now cut to less than a day. But it gets worse, as some manufacturers don’t even bother to implement a cool-down period between failed attempts. Yes, this is a monumental failure; with the correct tool (here’s my helpful tutorial), even your WPA2 protected network can be hacked in just a few hours.
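An added example (not from the original article) that models the numbers above from the defender's side: how long each PIN-verification design withstands exhaustive guessing under a lockout policy, and what cooldown the split design would need to last as long as a whole-PIN check. It goes slightly beyond the text by including the checksum digit mentioned in the comments (4 + 3 + 1 digits, about 11,000 combinations); the checksum rule is the standard WPS one, and `LockoutPolicy` and its zero per-attempt time are assumptions.

```python
from dataclasses import dataclass

YEAR_S = 365.25 * 24 * 3600  # seconds in a year

def wps_checksum(first7: str) -> int:
    """Check digit over the first seven PIN digits (weights 3,1,3,1,3,1,3)."""
    accum = sum(int(d) * (3 if i % 2 == 0 else 1) for i, d in enumerate(first7))
    return (10 - accum % 10) % 10

def is_valid_pin(pin: str) -> bool:
    """True if pin has 8 digits and the last one matches the checksum."""
    return len(pin) == 8 and pin.isdigit() and wps_checksum(pin[:7]) == int(pin[7])

# Worst-case guesses for each way a router could check the PIN.
SEARCH_SPACE = {
    "whole PIN, 8 free digits": 10**8,
    "whole PIN, checksum digit derived": 10**7,
    "split 4 + 3, halves confirmed separately": 10**4 + 10**3,
}

@dataclass(frozen=True)
class LockoutPolicy:          # hypothetical model, not a router API
    attempts: int             # failures allowed before a cooldown (0 = none)
    cooldown_s: float         # cooldown length in seconds
    attempt_s: float = 0.0    # assumed time per attempt

def worst_case_seconds(guesses: int, policy: LockoutPolicy) -> float:
    """Time to try every candidate once under the given policy."""
    lockouts = guesses // policy.attempts if policy.attempts else 0
    return lockouts * policy.cooldown_s + guesses * policy.attempt_s

def cooldown_needed(guesses: int, attempts: int, target_s: float) -> float:
    """Cooldown that stretches exhausting `guesses` candidates to target_s."""
    return target_s / (guesses // attempts)

def report(policy: LockoutPolicy) -> dict:
    return {name: worst_case_seconds(n, policy) for name, n in SEARCH_SPACE.items()}

if __name__ == "__main__":
    article_policy = LockoutPolicy(attempts=3, cooldown_s=60)
    for name, secs in report(article_policy).items():
        print(f"{name:42s} {secs / 86400:10.1f} days ({secs / YEAR_S:.2f} years)")
    split = SEARCH_SPACE["split 4 + 3, halves confirmed separately"]
    hours = cooldown_needed(split, 3, 6.3 * YEAR_S) / 3600
    print(f"cooldown needed for the split check to last 6.3 years: {hours:.1f} h")
```

The last line shows that a cooldown of about 15 hours per three failures would be needed for the split check to last the 6.3 years quoted above, which is why the advice here is to disable WPS rather than rely on the cooldown.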

Since WPS technology has been a requirement of certification for all wifi routers and enabled by default, it’s almost certain your router is susceptible. What can you do to protect yourself?

  • Disable WPS completely – this will vary by router. Be sure to test again after – although my router had this option, there was another internal WPS PIN that was separate from the user displayed one on the side of the router, and disabling just the user one offered no protection at all – the internal PIN could not be deactivated, yet could still be cracked.
  • Disable Wifi; this is probably the best option if you’re using something provided by your cable company or ISP; if you absolutely need Wifi, buy another router and put your ISP supplied one into “modem mode”.
  • Update the firmware of your router, assuming there is an update available.
  • Replace the firmware completely, with Tomato or DD-WRT.

In summary, the chances of your Wifi connection being 100% secure are exceedingly low, regardless of how long your password is, whether or not you obscure the network name – it’s all crackable, and I’ve demonstrated it. If you want to be truly safe, you need to disable any wireless functionality completely, or make absolutely sure that WPS functionality is disabled fully on your router. You can and should run the tools linked above against your own networks to see if you’re vulnerable. So – do you still think you’re secure?

61 Comments -

0 votes

vk

What if the router has WPS but you haven’t used it to setup your WPA2-PSK security and given your own lengthy key? Is it still going to be vulnerable?

0 votes

Muo TechGuy

Yes, still vulnerable. It is activated by default, and even then some cannot be deactivated; of those that can be deactivated, some include another internal one anyway, which cannot be deactivated. Best way to tell is to try and hack your own router….

0 votes

Achraf Almouloudi

Although you’ve never used it, if it exists and is enabled then the hacker would be able to hack using it.

0 votes

becky

Some routers from cable companies don’t allow you to replace the firmware

0 votes

Achraf Almouloudi

I have seen some but they seem to allow it. Can you please tell me one that cannot update its firmware?

0 votes

Anonymous

Really, your chances of being hacked (if you’re using WPS-PSK) are exceedingly low. First of all you would have to be worth the effort involved – and OK let’s say you live next door to a geek like the rest of us that read this who has the tools and the time, then what? USE DD-WRT and if your router isn’t supported by DD-WRT then BUY ONE THAT IS and secure that sucker.

0 votes

James Bruce

Firstly – yep, great advice; custom firmware is far more secure and can be made invulnerable to the reaver.

However, the reaver hack is very simple; I wrote an easy tutorial on how to test yourself. You’re right in saying “chances are low”, but that’s not really the point.

0 votes

Mihovil Pletikos

Don’t forget about openwrt…. it also works great with many cheap routers and you can disable any wps and similar stuff :)
Btw. people should at least “configure” their wps, because if not their network is totally open and allows other people to “configure” it for them

0 votes

James Bruce

Good advice; custom firmware is the only secure way to go.

0 votes

Anthony Monori

Thanks for the tip about WPS! I’ll definitely disable it.

0 votes

Chuck

How secure is the WiFi if one uses a permitted MAC ID list in addition to WPA-PSK?

0 votes

Craig

I also implement MAC address filtering so as to only allow MAC addresses registered on my router to be accepted.
I know some smart @ss will say ‘yeah but you can spoof MAC addresses’, but, really, is it worth it just to get some free wifi?

0 votes

James Bruce

Is it worth a one-line command to spoof a MAC address? Sure, depends on what you’re trying to achieve. Free internet is not really the concern here – you can get that in Starbucks – what is a big deal is downloading something illegal, like torrents, or worse.

0 votes

craig

James,
In reality I think the chances of someone cracking my network password, spoofing one of my MAC addresses, living next door, just in order to possibly do something possibly illegal is about 0. I’ll take my chances and not listen to the FUD, (Fear, Uncertainty and Doubt) as practiced by yourself.

0 votes

James Bruce

Well, you know your neighbours better than I do.

0 votes

craig

and, in any case any evidence of their ‘illegal’ activity would not be found on any of my computers.

0 votes

James Bruce

If they managed to join your network, they could easily place files into the shared directories. It wouldn’t matter though. You’d already have your machines confiscated for 6 months while the authorities search them.

I’m not arguing; the chances of all this happening are very close to zero. The point of this article was to show how insecure wifi is; not how likely it is that someone would hack you.

0 votes

Knut H. Flottorp

First, it is far from illegal to hitch a ride; your neighbor has the same right as you to the WLAN radio frequencies. There are just a limited number of channels available for everyone, so sharing an access point should be more the norm.
Windows SMB – or “Samba” has a notion of “user” and allows you to implement protection. The printer and DLNA storage on your router is open to everyone. Regardless, everyone should limit access to files and network resources. Consider that all is open once it is accessible outside your wall.

0 votes

dragonmouth

Craig,
using “security by obscurity”, like you are doing, is like using the Rhythm Method for family planning. Sooner or later, you become a parent. In both cases, the question is WHEN, not IF.

0 votes

craig

Dragonmouth,
Security is all about taking measures that are appropriate for the perceived level of risk.

0 votes

Knut H. Flottorp

There is nothing you can do – he has the same right to those radio frequencies as you have, which many forget.
You should impose a MAC address mapping scheme, so he does not pinch your internet connection, or better, sign a peace treaty and ask him to chip in on your connection fee.

The SSID should always be readable and identify who allocates the shared resource, so that you can approach a nasty neighbor that blocks your frequency to shut up. Then your neighbour can also approach you and propose to chip in.

0 votes

Kaashif Haja

Nice Article!
Changing my router’s & modem’s username and password, will it be of any help?

0 votes

Doc

No, that’s just for logging in and changing your router’s setup; this is about the encryption keys you use to connect to the WiFi in the first place (“This wireless connection requires a security key to connect.”) Apparently, the newest standard, WPA2, is still quite vulnerable in a lot of the router firmware, no matter how new or up-to-date the vendors’ firmware (the operating system running inside the router) is…

0 votes

Knut H. Flottorp

YES – that is the most important security issue.
My router has been hacked, and caused a Denial of Service where the only way out was to reload the binary image of the router, and re-instate all PC and rights. Most routers have a utility to back up this – do it.

The next is to change username of Admin to something else, and place a password – and change the password regularly. Most routers run Linux, so block the telnet and ftp port on this, and use e.g. port 8080 for http access to manage it, and limit the interface to the LAN IP only.

0 votes

Jon Smith

Nice, it’s really annoying for my neighbors “borrowing” my wifi, I’m going to change some things now…

0 votes

Yudono R.A.

Wow.. luckily my internet connection doesn’t use wi-fi (I use a cable modem).
I’ll share this info with my friends that use wi-fi, thanks for the information

0 votes

Doc

The article isn’t about getting your Internet by wifi; it’s about the wireless router that’s inside the cable modem, or the router you’ve attached to the cable modem, being insecure – if you have WiFi turned on at all (to connect a PC, a laptop, a Wifi-connected TV or DVD player, or a game console), you’re probably vulnerable.

0 votes

Zhong Jiang

If your wireless access point has been hacked, there’s a log of intrusion recorded in the router and it’ll signal to the user that their internet connection is compromised. It’s also safe to add that people should use an ethernet cord to access the web since not only is it more reliable and faster, it won’t have the vulnerabilities of a wireless access point.

0 votes

Doc

Most consumers won’t know there’s an access log in the router, or know how to read it or what any of it means. After all, if a notification box doesn’t pop up on your screen, are you going to think to look at it? (Most users won’t even know how to log into their router’s Admin page!)

0 votes

Zhong Jiang

That’s exactly the reason why they are reading this article; changing their perspective on who they share their internet connection with. The common user doesn’t usually care for these precautions because they tend to think everything will be fine until problems arise.

0 votes

Knut H. Flottorp

Read the DHCP allocation lease-log and see if you know everyone that has been awarded a lease. But with all phones being Android-82356554654 – it’s not easy.

So, use permanent allocation of IP addresses. For every new computer or phone or printer or television/stereo that accesses it, connect one at a time, and insert the address pair MAC/IP address as permanent. Work your way, one by one, and then tick off “Permanent IP address ONLY”.

They will then still be able to listen in and even duplicate one of your MAC addresses – but this is another fence that is difficult to cross.

0 votes

Ali

“do you still think you’re secure?”
YES, I’m secure!
I have MAC address filter, any device not listed on the white list can’t access my network, it can’t even get to authentication phase! the router refuses the connection immediately, sorry, but I think turning wifi is just stupid, make a MAC address white list + disable WPS + use WPA2 secret key + hide router’s SSID and WHOA! you have the most secure wireless network ever.

0 votes

James Bruce

It’s fairly solid, but your router likely still has an internal WPS pin unless you’re running custom firmware; also, spoofing a MAC address is a one-line command, and detecting an existing device on your network is child’s play. So, not impossible, but difficult enough that I would have moved onto another neighbour instead.

0 votes

Ali

How can you spoof any MAC address without even knowing what the white listed MAC addresses on my router are?

0 votes

James Bruce

By simply listening to your network traffic; you don’t need to be authenticated on a network in order to listen in promiscuous mode. Of course, if none of your devices ever connect to the network it would be impossible to find their MAC addresses, but then what would be the point of having a network in the first place?

0 votes

Jay Maynard

Bet me.

Various tools in the Aircrack-ng suite will let me see if anything is “associated” with the router (AP or Access Point). If I really need your bssid, a deauthentication command can be sent that disconnects everything from the router, they will automatically reconnect, and during the reconnect handshake your bssid will now show up in Airodump-ng. Macchanger will allow me to change the MAC address of my wireless card to match that of the associated device, and now I’m a device on the white list. Defeating your hidden bssid and MAC filtering took about 20 seconds. Maybe. Changing my MAC to match a different device (not one of yours, just someone else’s, to cover my tracks), I start Reaver, and go to my place of employment, letting it run while I’m gone. Chances are, by the time I get home, I’ll have your PIN. That is, if your router has the timeout feature. If not, a computer with enough CPU speed and enough RAM will have your PIN in minutes, probably quicker than defeating WEP.

What this all boils down to is, if you can’t completely disable WPS, you are vulnerable.

0 votes

Knut H. Flottorp

Well said – I have the same on my mobile (N900), so people can move around and crack it. It is important to let the folks know that their networks can be hacked, and in particular that the banks are told that the PIN you have to submit on the Internet bank is visible to anyone that bothers.
If you can listen-in, our message must be encrypted. Now how can you do that? Are there any routers in the market that allow for own/proprietary encryption? How can you configure a network for this?

Let me start by asking: Are there any access points that support bluetooth?

0 votes

Jay Maynard

Actually the WPS PIN is:
4 digit PIN + 3 digit PIN + 1 digit check sum = only about 11,000 number combinations.

0 votes

James Bruce

Thanks Jay. That’s even worse!

0 votes

Mitesh Budhabhatti

Now WiFi is everywhere. Even here in India WiFi is getting popular so fast. Do you think there will ever be a convincingly secure method against this hacking?

0 votes

James Bruce

Yes, run your own custom firmware and you can completely disable WPS. Just stock routers are affected really.

0 votes

vineed gangadharan

thanks for the article :)

0 votes

Lisa Santika Onggrid

Do you have any personal recommendation to secure a personal WiFi network?

0 votes

Michael Jan Moratalla

thanks for this

0 votes

Adrian Rea

Thank you, This has opened a new avenue of security tidying up that I have to do!

0 votes

Ihtisham ul haq haq

thanks for nice tips

0 votes

Adu Joseph Lartey

This site really acquaints me with a lot of useful information. Keep it up, you guys are doing a wonderful job.

0 votes

Boni Oloff

Looks like the wired modem is more secure than the WiFi..

0 votes

Douglas Mutay

Thanks for the article. My WPS was activated. I have just changed it. ;-)

0 votes

Knut H. Flottorp

On the Nokia N900 – that runs Linux (Maemo) you can install “Cleven” which will crack most networks. The 2.4GHz frequency used by WLAN is unprotected, and in general available for anyone. Your channel is in the public domain and your usage of your frequency is on behalf of someone else.
So, like CB radio, do not tell anything you do not want others to know. Be schizo and use wired connection only for your banking, but the rest of us, please grow up. We just have to stick with this silly technology. The Americans like it this way and exhibited great effort to stop safer systems. Thanks go to the FCC.

0 votes

Timothy Clark

The amount of “security risks” on the internet is completely ridiculous any more, not to mention all the useless stuff. ha

0 votes

Christopher Webb

What is the most secure Wifi encryption that can be used for Airports?

0 votes

Sean A

I use subterfuge to get into networks when I have to

0 votes

Jim Spencer

Good Article James! It should remind every one of us to be vigilant in protecting our back door!

0 votes

Prasanth Mathialagan

Excellent article on Wireless security!!!

0 votes

Howart Smith

I am using Hotspot Shield Free VPN while using wifi hotspots. Hotspot Shield free Wi-Fi security software encrypts sensitive data and provides total protection from hackers at such vulnerable places.

Check it out here: http://www.hotspotshield.com/wifi-security

0 votes

Ali Ehsan

thanks for sharing this information with us :)

0 votes

Parigyan

Very Informative post James ! I have learnt much from this article !

0 votes

Darrell Thomas

I’ll give this a go later tonight, see if mine’s hackable, hopefully not as that’s the first thing I do is disable WPS, but yeah, thanks for the write-up