With the latest version of Elcomsoft Distributed Password Recovery (costing about $1,000) it is now possible for someone to ‘sniff’ a wireless network, intercept just a few packets, then crack your WPA or WPA2 keys in just days or weeks. This works against static keys – anyone using more complicated authentication schemes will not be at risk … for now.
So, I recommend not using any non-encrypted traffic (other than casual web browsing) when using a wireless network. That means HTTPS, VPN, and other encrypted protocols only. And keep changing those wireless encryption keys – and mitigate the risk as much as you can by using STRONG encryption keys.
The Elcomsoft press release is here: http://www.prweb.com/releases/wi-fi/cracking/prweb1405954.htm
Clareity Consulting’s security assessment clients received two additional important security alerts today.
Share this post: