Wi-Fi Protected Access (WPA) Cracked

Just when I thought that WiFi (802.11b/g) networks were getting safer, I get an email from a friend indicating that Wi-Fi Protected Access (WPA) has been cracked. InformIt.com has posted the details:

In this two-part series, Seth Fogie examines the internals of WPA and demonstrates how this wireless protection method can be cracked with only four packets of data. Part 1 outlines the details of WPA as compared to WEP and builds the foundation for Part 2, in which he describes in detail how WPA-PSK can be cracked.

The crack uses an application called coWPAtty:

coWPAtty is a brute-force cracking tool, which means that it systematically attempts to crack the WPA-PSK by testing numerous passwords, in order, one at a time.

Luckily Apple supports WPA2 on all AirPort Extreme-enabled Macs, the AirPort Extreme Base Station and the AirPort Express. In order to use WPA2 you must install the Airport firmware update (AirPort 4.2) released July 14, 2005.

If you're using an Apple Airport access point use WPA2 encryption. WPA2 uses AES encryption (Advanced Encryption Standard). If you have an older access point use WPA and as last resort use WEP. Make sure you chose passwords that are mixed case, long and will hold up to a dictionary attack. You should also chose the highest available encryption option (232 ->104 -> 40). For more on securing your WiFi network read this article from the WiFi Alliance.

What's on your network?