Wi-Fi Protected Setup

Wi-Fi Protected Setup (WPS) is a method common on home access points  for users to connect without having to type in a long encryption key.   Instead a PIN is printed on the access point and anyone with physical access can add themselves to the wireless.   This has always seemed kind of hinky to me so I disable WPS after all my devices are setup.

Research posted earlier this week by Stefan Viehbock reports WPS design flaws and implementation flaws that can result in an attacker accessing your network.  

Flaw #1 – WPS is vulnerable to brute force attacks

Flaw #2 – The access point sends a authfail if the first half of the PIN is incorrect.   Uh huh. 

A brute force tool has been written but has not been released at the time of this posting.
Where possible, users should disable WPS on their home access point when they are not actively adding new wireless clients.

3 Comments

  1. Although you have suggested that users should disable their WPS where possible, the brute force tool is very powerful and take control after just a few hours. Vulnerable users would need to gain additional security to ensure their wifi is secure.

  2. One of the less-known dangers of Wi-Fi Protected Setup (and routers secured out of the box) is physical security, since the biggest giveaway with any wireless network was the security information (including the Wi-Fi Protected Setup PIN number – once someone gets this PIN number which cannot be disabled and/or changed, there’s no going back) printed on the unit, along with the same PIN number in the setup menus.
    How a wireless passphrase can be extracted: http://www.youtube.com/watch?v=kRhyvRAUG6k

Comments are closed.