The Truth About WPA Security
Wireless networking ranks up there with the internet as one of the most popular inventions over the last decade or so. At the same time, wireless data is vulnerable and can be easily exposed to intruders. This is true even when implementing encryption protocols intended to prevent such security breaches as none offer 100% protection.
By gaining access to your wireless network, a hacker could intercept personal information such as sensitive files or even private email messages. In most cases, a hacker is not after your computer's data but actually looking to abuse network access. They may want to use your internet connection to perform criminal activities such as sharing illegal content or distributing spam and malware.
WEP vs. WPA
WEP (Wired Equivalent Protection) is the protocol originally designed to protect wireless networks. Unfortunately, WEP did not remain secure for long at all. The design consisted of numerous flaws that allowed outsiders to extract keys required to decrypt data from airborne packet streams. In 2005, it's estimated that nearly 200 million credit card numbers were thieved from TJX, the parent company of the popular retail store Marshalls. This exploit was carried out using Wi-Fi sniffing packets from directly outside of a store location to compromise the company's WEP-encrypted wireless network. These cracking tools have evolved to a point where even a novice attacker can easily comprise WEP networks with a few simple clicks in a matter of minutes.
Wi-Fi Protected Access, or WPA, is the recommended protocol that has essentially replaced WEP. Conventional thinking would leave one to believe that unlike WEP, WPA is not vulnerable to network attacks. However, this not exactly true. The fact is that both WPA and WPA 2-encrypted networks can be compromised by skilled intruders. Merely choosing WPA over WPE and assuming it is adequate protection is something that could lead to a false sense of confidence and wireless security. By arming yourself with knowledge of the protocol, you can however, learn to defend your network against WPA exploits.
The Vulnerability of WPA
Most people using WPA authenticate their network password with PSK (Pre-Shared Key) protocol. Unlike WEP, WPA is advanced enough where an intruder cannot easily extract the PSK from packets they have intercepted. With the right combination of software and hardware, they can however, apply it against a large dictionary of phrases using a known algorithm until the password is unlocked. This practice more commonly known as brute force, could take from hours to days depending on the thoroughness of the attackers dictionary and strength of the WPA password.
In a nutshell, WPA network security all boils down to the complexity of your password. In order for an attacker to unlock it, the phrase must be contained in the dictionary they are using. While it may be tempting to use a phrase that is easily remembered such as the name of your child or pet, those terms are more likely to be listed in the attacker's dictionary. The best defense against an WPA exploit is a combination of length and randomness. Your password can be maximize size of 63 characters, a factor that makes it much more secure. Even when using a known WPA attack, an intruder may have to run their cracking utility for hundreds of years to reveal the PSK. By this time they will probably be too frustrated or too old to carry out the exploit, giving them a reason to move along to something easier.
Whether or not you choose to periodically change the password largely depends on how many clients have access to the information. If it's associated with several mobile devices, the chances of it falling into the wrong hands are increased, making more sense to change it on a frequent basis. In a fixed environment that doesn't have as many clients, your best bet would be to choose one password that is long, complex and ultimately more secure.