wi-fi security?

[Brian]

On Thu 06 Aug 2009 at 11:38:02 -0400, jason wrote:

> WPA, on the other hand, only requires a few seconds of data collection 
> to force, then grab the authentication handshake.  Then it's just a 
> matter of horsepower and how strong your passphrase is.  Keep in mind, 
> this is a brute force against the passphrase, _not_ AES.
> 
> Summary, use WPA, but make sure you choose a strong passphrase.  Or, if 
> you're motivated, roll your own enterprise scheme with openradius, etc.

I hadn't realised how easy it could be to capture the handshake but, because it
is the strength of the passphrase that matters, it seems to be only a minor
downside to WPA. You also imply there is no particular advantage in TKIP vs AES
or WPA vs WPA2 in this regard.

Some day I may try to crack the 63 character passphrase on my own WAP for fun,
but suspect I may not be around when it completes successfully.