Your WPA2 protected wireless router can be easily hacked

by Brice Petruzzelli on January 5, 2012

Yes, you read that correctly. It was recently discovered that a hacker with free tools can get your WPA2 password within a few hours. Millions of wireless routers may be vulnerable, including those from Belkin, Buffalo, D-Link, Cisco’s Linksys and Netgear.

How it works: Many routers come with a feature called WPS (Wi-Fi Protected Setup), which is enabled by default. Most people simply ignore the feature. It uses a PIN to make it easy for devices to join a network. Instead of typing in a WPA key, you type in the 8 digits that are on the back of the router.

A flaw in the design of some routers is that after a number of attempts, the router starts transmitting a message indicating whether the first four digits are correct. Also, unlike some devices, the router doesn’t “lock down” after a number of attempts.

For example, say your WPA2 password is “1likemym@c” and your encryption is WPA2 Enterprise. The strength of your password doesn’t matter. When the PIN is guessed correctly through brute force, the router GIVES YOU THE WPA PASSWORD.
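As an added illustration (not code from the original post or from any router vendor), the following Python toy model shows why a PIN check that confirms the first half, combined with no lockdown, is so weak. The `ToyRegistrar` class, its parameters and the sample PINs are constructed for this example, and the model ignores the checksum digit that real WPS PINs carry.

```python
from itertools import product

class ToyRegistrar:
    """Constructed stand-in for a router's PIN check (not real WPS code)."""

    def __init__(self, pin, leak_half, lock_after=None):
        self.pin = pin
        self.leak_half = leak_half    # True: confirms a correct first half
        self.lock_after = lock_after  # None: never locks down
        self.failures = 0

    def check(self, guess):
        # Hypothetical lockdown policy: refuse everything after N failures.
        if self.lock_after is not None and self.failures >= self.lock_after:
            return "locked"
        if guess == self.pin:
            return "ok"
        self.failures += 1
        half = len(self.pin) // 2
        if self.leak_half and guess[:half] == self.pin[:half]:
            return "first_half_ok"
        return "fail"


def guesses_until_accepted(reg, digits):
    """Guesses an exhaustive search needs, or None if the registrar locks."""
    half = digits // 2
    heads = ["".join(p) for p in product("0123456789", repeat=half)]
    tails = ["".join(p) for p in product("0123456789", repeat=digits - half)]
    count = 0
    for head in heads:
        for tail in tails:
            count += 1
            result = reg.check(head + tail)
            if result == "ok":
                return count
            if result == "locked":
                return None
            if result == "fail" and reg.leak_half:
                break  # the leak says this first half is wrong: skip its tails
    return None


if __name__ == "__main__":
    # Worst-case constructed PINs (last value an ascending search reaches).
    print("8 digits, half confirmed:", guesses_until_accepted(ToyRegistrar("99999999", True), 8))
    print("4 digits, half confirmed:", guesses_until_accepted(ToyRegistrar("9999", True), 4))
    print("4 digits, all-or-nothing:", guesses_until_accepted(ToyRegistrar("9999", False), 4))
    print("8 digits, lock after 3:  ", guesses_until_accepted(ToyRegistrar("99999999", True, 3), 8))
```

In this model, confirming the first half ends the 8-digit search after at most 19,999 guesses instead of 100,000,000, while a lockdown after three failures stops it almost immediately.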

Here’s a video of the attack (only 1 minute long): wpscrack vs. TP-Link TL-WR1043ND – Demo

What we’d do about it: The truth is, most people don’t have to worry. The odds that someone will spend hours trying to crack your WPA2 code so they can watch you surf the web are pretty small. If you have a router with WPA2 and are concerned, you can disable the WPS feature through your router’s administrator interface.
