How safe is my WPA2 protected wireless network?

Rock23 March 18, 2011

Can someone break through and use my WiFi network, even if I have it secured by WPA2? If yes, then how is it possible?

Are there some applications available which help to both secure a network or break into it? And how are WEP, WPA and WPA2 different?

  1. Anonymous
    March 19, 2011 at 2:32 pm


    WPA2 encryption is based on the Advanced Encruption Standard (AES) adopted, by most organizations and standards bodies including those of the US government and AES represents the current state of the art in commercially instantiated encryption algorithms. Thus breaking WPA2 encryption with a sniffing (known cipertext) attack is tantamount to breaking AES

    you could do to ensure it is 100% as secure as you can possibly get it is to use EAP encryption rather than TKIP

    There is software aircracking among others that can capture the 4 way handshake, but this is a little exercise and depends if the attackers would like so much about your infos?

  2. Rock23
    March 19, 2011 at 2:24 pm

    What is that software which check/breaks the network ?

    March 19, 2011 at 12:57 am

    Hello, here is a quick and basic definition of encryption for wireless. All Data sent over a wireless network can be encrypted by three methods; wep, wpa, wpa2. As you know wpa2 is the more secure of the three. That security can be increase a bit more using extra software and hardware but unless you have really valuable information on your network those extra security measures are used mostly on enterprise environments.

    WEP: this three letters stand for Wired Equivalent Privacy. Data is encrypted using a firmware program on the wireless device and this data is only encrypted when the data is wireless. This same data gets decrypted when it reaches the wired network. When using WEP, data is encrypted using keys on either 64 bit or 128 bit. WEP encryption is also known as 40 bit encryption because even if it is 64 bit, the user can only configure around 40 bit out of the 64. The reason why WEP can be decrypted really easy is because it uses a static key. So in other words, if there is somebody trying to get into your network, they only have to spend some time examining your data packets to find a pattern on the coding to decrypt the code.

    WPA: this encryption is stronger than wep and it was designed specifically to replace wep. It is also known as TKIP, which stands for Temporal Key Integrity Protocol. With this encryption, the encryption keys are changed at set intervals. What this does, is that it makes it harder to intercept the keys because they are dynamic. By the time somebody finds the key, chances are it already changed, making it useless.

    WPA2: this is the latest and best wireless encryption and it is also know as 802.11i standard. It is also known as AES, which stands for Advance Encryption Standard. WPA2 can be implemented in two versions, Personal and Enterprise. WPA2 Personal protects unauthorized network access by utilizing a set-up password. WPA2 Enterprise verifies network users through a server. WPA2 is backward compatible with WPA. A thing to consider is the fact that if you have several devices on your network, in order for you to use WPA2, all devices have to be compatible with WPA2. If there is a device on your network that only supports WPA, this device will not be able to join your network unless your router supports WPA/WPA2 mixed. If you have a fairly recent router this should not be a problem.

    I would say it is possible to break WPA2 but unlikely. For somebody to break into your network with WPA2 enabled, they would have to spend a long time sniffing your network and also they would need a long amount of time and computer cycles to break. There is software available to check/break your security and the most worrisome thing is that it is free. I personally have not used it, but it can be used successfully, specially on WEP.

  4. Mike
    March 18, 2011 at 8:50 pm

    In general, yes it is possible. There are programs which are able to calculate and crack all kind of Wireless Encryption and Security options (WEP, WPA, WPA2, also MAC Address Filtering)

    The most secure WiFi setup would be to run WPA2 with a RADIUS or 802.1x server for authentication. But that's a bit overkill and a lot of setup for private or small business use.

    In general WPA2 with a pre-shared Key (=password) is enough. Just make sure the password is:
    - 10 characters or longer
    - using random alphanumerics including capital letters (complex)
    - does not contain words from the dictionary or related to you (name, location, birthday, ...)

    Using special characters like ? ! $ & _ - will significantly improve the security too but keep in mind that not all devices support them. If you are having trouble connection to the network a password containing those might be the problem.