Tuesday, November 4 2003

WPA needs strong passwords

Wi-Fi Networking News reports that Wi-Fi Protected Access (WPA) is vulnerable to dictionary attacks. This means you gain nothing by turning it on unless you choose a strong WPA key.

The best source I’ve found for creating strong keys is Arnold Reinhold’s Diceware page. There’s a wealth of information here, including a number of alternatives to the main Diceware system, such as creating a strong password using only coins and your keyboard.

A few additional tables are only listed on the original ASCII version of the Diceware article. I particularly like the random syllable table, since you can print it out and carry it in a small container with a set of dice.

 123456
1bcdfgh 1a
2jklmnp 2e
3qurstvw 3i
4xzchcrfrnd 4o
5ngnkntphprrd 5u
6shslspstthtr 6y

There are a lot of online stores that sell casino dice, but if you ever get to Las Vegas, many of the big hotels sell their used casino dice in the gift shop. The Luxor even sells theirs online for $2 a pair. You can get their playing cards, too.