Securing your home or office Wi-Fi

By , PC World |  Security, wifi

Small businesses (and security fanatics at home) that have wireless routers featuring WPS can also consider using enterprise-level Wi-Fi security, which even consumer-level routers support. This is a more secure mode of WPA/WPA2 security, and it doesn't use WPS, so you aren't exposed to the vulnerability. The enterprise mode is also called the 802.1X or EAP mode, whereas the personal mode (the one vulnerable to WPS weakness) is technically called the preshared key (PSK) mode.

The enterprise mode of WPA/WPA2 security uses 802.1X authentication, which requires some sort of external authentication (or RADIUS) server. But services are available that can host such a server for you.

Session Hijacking and Password Capturing

Another major Wi-Fi security threat that has surfaced in the past few years comes from tools that allow anyone eavesdrop on wireless traffic capture passwords or other information. Tools such as the Firefox add-on Firesheep and the Android app DroidSheep make it easy for anyone on your Wi-Fi network to hijack your online accounts. As a result, if eavesdroppers run the tool as you log on to a website that isn't secured with SSL/HTTPS encryption (for example, some social networking and email sites--look for "https" in the URL to determine whether the site is encrypted), they can then get onto your account.

People can perform only session hijacking and password capturing if they are on the same network as you or if the network isn't secured, such as by using WPA/WPA2. It's not something to worry about on your home network unless you don't secure your Wi-Fi properly or you don't trust other users. But it is something of concern for business networks. and it can be prevented with enterprise Wi-Fi security.

Weak Wi-Fi Passwords

Your WPA and WPA2 passwords are susceptible to brute-force dictionary-based cracking (basically, where hackers guess your password using software tools that repeatedly guess). If your router's password is a word listed in the dictionary--or something close to such a word--it's highly vulnerable to cracking. Use a long passphrase (one of at least 13 characters and as many as 63 characters) with mixed case and random letters, numbers, and other ASCII characters. A gibberish password like this one will hold up: q$3^cP&/S#z;2%D,7x)h. Or see "How to Build Better Passwords Without Losing Your Mind" for guidance on devising strong passwords that you'll be able to remember.

For more Wi-Fi security tips, read "How to Lock Down Your Wireless Network."

Originally published on PC World |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question