Passwords & Encryption
If you’ve just installed your new router and connected it to the network through an Ethernet connection, the first things you need to do is to change the password required to access the network and a password encryption standard. The password itself should be complex and not contain any identifying information such as your name, or the name of a family member or pet.
There are currently three wireless password encryption standards. These standards are Wired Equivalent Protection (WEP), WiFi Protected Access (WPA) and WiFi Protected Access 2 (WPA2).
Wired Equivalent Protection
Wired Equivalent Protection (WEP) was introduced as part of the original 802.11 standard, and is primarily used in 64-bit or 128-bit format, although a 256-bit format is available from a small number of manufacturers. In 2003 the Wi-Fi Alliance announced that WEP had been superseded by WPA, and while WEP is still widely used today, it is the most vulnerable standard of the three available options.
Many easy-to-use applications can crack into WEP-protected wireless networks in as little as two minutes. They do this by using a range of methods, including WEP-protected key recovery, dictionary attacks and packet sniffing.
Please do not use WEP. If, for some reason, it is the only option available to you then you should think about investing in a new router.
Wi-Fi Protected Access
Wi-Fi Protected Access (WPA) became available in 1999 and was only ever intended to be used until WPA2 was released, which it was in 2004. All certified Wi-Fi devices produced since 2006 have had WPA and WPA2 protection methods included within them.
While WPA is a step up from WEP there are still several security vulnerabilities that leave WPA protected networks open to attacks. The most notable of these vulnerabilities is within the Wi-Fi Protected Setup (WPS) option now packaged with most new model routers. The WPS vulnerability allows a hacker to recover one’s password within an average of two to three hours.
If you are using WPA or WPA2 to protect your wireless network, please ensure that you have switched WPS off where your router allows you to do so.
Wi-Fi Protected Access 2
Wi-Fi Protected Access 2 (WPA2) was made available in 2004 and is the strongest of the three encryption standards. WPA2 is stronger than both WEP and WPA because of its advanced encryption methods and the extensive testing it was subjected to by the Wi-Fi Alliance.
While WPA2 is the strongest of these methods the WPS vulnerability, outlined in my review of WPA above, still exists. For this reason users have been encouraged to switch WPS off.
MAC Address Filtering
A Media Access Control address (MAC address) is a 48-bit unique identifier assigned to network interfaces. Due to their uniqueness MAC addresses can be used by most wireless routers to help filter out unwanted connections. This is made possible through the implementation of MAC address filtering.
MAC address filtering (sometimes referred to as hardware filtering) is the process of checking the MAC address of the user’s network card against a list which is stored inside the router. Devices on the list will authenticate as normal and will be given access to the wireless network; clients not on the list will be denied access to the network.