By Todd Ogasawara on December 9, 2009 1:30 AM

WPA CRACK Will Try to Crack Your Wireless Access Point Password for $17 – How to Secure Against It

You gotta love sensationalistic subject lines like this one from PC World…

New Cloud-based Service Steals Wi-Fi Passwords

Hey, it got me to read the article, so the author did his job very well! The article does a reasonable job of explaining what the service is all about. But, I think it could use a bit more clarification. So, let me try to clear things up here.

1. No one is trying to steal anything! The WPA CRACKER service seems like a legitimate single purpose pentetration testing service.

2. There is no magic involved and you need to do some work too. Specifically, you need to provide a 10 megabyte PCAP (Packet CAPture) of a WPA handshake.

3. This is a brute force dictionary attack that takes about 20 minutes to crack a WPA password using the service’s full cluster or 40 minutes if you decide to use just half of the 400-node server cluster for the attack. As the PC World article mentions, using the full cluster costs $34 while using half of it costs $17. I’d really like to know why the service charges such an unusual amount (vs. say $30 and $15 or $34.95).

4. The service does not promise 100% success.

5. Don’t feel smug if you use WPA2 and note that this a WPA attack. WPA CRACKER notes that: while WPA2 introduced CCMP mode as a replacement for the problematic TKIP, when run with authentication based on Pre-Shared Keys (PSK), it is still vulnerable to dictionary attacks. Our service works against both WPA and WPA2 when PSK is being used.

6. If you want to secure your wireless access point(s) from a brute force dictionary attack, consider using a cryptographically strong password like the ones generated (for free) on the GRC (Gibson Research Corp.) Perfect Passwords web page:

Perfect Passwords