That’s right - the WPS specification mandates that devices must implement the most insecure method of authentication. While push-button-connect is arguably secure, the PIN authentication method is the mandatory, baseline method that all certified WPS devices must support. Push-button-connect seems largely secure, with the only vulnerability being that anyone with physical access to the router could push the button and connect, even if they didn’t know the Wi-Fi passphrase. It won’t be active and available to exploit all the time, as a WPS PIN is. (The button may also be a software button on a setup screen.) This is more secure, as devices can only connect with this method for a few minutes after the button is pressed or after a single devices connects. Push-Button-Connect: Instead of entering a PIN or passphrase, you can simply push a physical button on the router after trying to connect. Anyone can use software named “Reaver” to crack a WPS PIN. A WPS PIN can be brute-forced in about a day. Many consumer routers don’t time out after a wrong WPS PIN is provided, allowing attackers to guess over and over again. There are only 11,000 possible four-digit codes, and once the brute force software gets the first four digits right, the attacker can move on to the rest of the digits. This makes WPS PINs very easy to “brute force” by guessing different combinations. Rather than check the entire eight-digit PIN at once, the router checks the first four digits separately from the last four digits. PIN: The router has a eight-digit PIN that you need to enter on your devices to connect. There are several different ways to implement Wi-Fi protected setup: When you connect to a router with WPS enabled, you’ll see a message saying you can use an easier way to connect rather than entering your Wi-Fi passphrase. Wi-FI Protected Setup (WPS), was created to solve this problem. This can be a bit inconvenient, as you have to enter your passphrase on each new device you connect. The router derives an encryption key from your passphrase, which it uses to encrypt your wireless network traffic to ensure people without the key can’t eavesdrop on it. This essentially gives you a password that protects your Wi-FI network from unauthorized access. The “PSK” stands for “pre-shared key.” You set up a wireless passphrase on your router and then provide that same passphrase on each device you connect to your WI-Fi network. Most home users should be using WPA2-Personal, also known as WPA2-PSK. RELATED: The Difference Between WEP, WPA, and WPA2 Wi-Fi Passwords
0 kommentar(er)
