Heres Why You Should Disable It. WPA2 with a strong password is secure as long as you disable WPS. Youll find this advice in guides to securing your Wi Fi all over the web. Wi Fi Protected Setup was a nice idea, but using it is a mistake. Your router probably supports WPS and its likely enabled by default. Like UPn. P, this is an insecure feature that makes your wireless network more vulnerable to attack. What is Wi Fi Protected Setup Most home users should be using WPA2 Personal, also known as WPA2 PSK. The PSK stands for pre shared key. You set up a wireless passphrase on your router and then provide that same passphrase on each device you connect to your WI Fi network. This essentially gives you a password that protects your Wi FI network from unauthorized access. The router derives an encryption key from your passphrase, which it uses to encrypt your wireless network traffic to ensure people without the key cant eavesdrop on it. This can be a bit inconvenient, as you have to enter your passphrase on each new device you connect. Wi FI Protected Setup WPS, was created to solve this problem. When you connect to a router with WPS enabled, youll see a message saying you can use an easier way to connect rather than entering your Wi Fi passphrase. Why Wi Fi Protected Setup Is Insecure. There are several different ways to implement Wi Fi protected setup PIN The router has a eight digit PIN that you need to enter on your devices to connect. Rather than check the entire eight digit PIN at once, the router checks the first four digits separately from the last four digits. This makes WPS PINs very easy to brute force by guessing different combinations. There are only 1. Many consumer routers dont time out after a wrong WPS PIN is provided, allowing attackers to guess over and over again. A WPS PIN can be brute forced in about a day. Source Anyone can use software named Reaver to crack a WPS PIN. Push Button Connect Instead of entering a PIN or passphrase, you can simply push a physical button on the router after trying to connect. The button may also be a software button on a setup screen. This is more secure, as devices can only connect with this method for a few minutes after the button is pressed or after a single devices connects. It wont be active and available to exploit all the time, as a WPS PIN is. Push button connect seems largely secure, with the only vulnerability being that anyone with physical access to the router could push the button and connect, even if they didnt know the Wi Fi passphrase. PIN is Mandatory. While push button connect is arguably secure, the PIN authentication method is the mandatory, baseline method that all certified WPS devices must support. Thats right the WPS specification mandates that devices must implement the most insecure method of authentication. Router manufacturers cant fix this security problem because the WPS specification calls for the insecure method of checking PINs. Any device implementing Wi FI Protected Setup in compliance with the specification will be vulnerable. The specification itself is no good. Can You Disable WPS There are several different types of routers out there. Some routers dont allow you to disable WPS, providing no option in their configuration interfaces to do so. Some routers provide an option to disable WPS, but this option does nothing and WPS is still enabled without your knowledge. In 2. 01. 2, this flaw was found on every Linksys and Cisco Valet wireless access point tested. SourceSome routers will allow you to either disable or enable WPS, offering no choice of authentication methods. Some routers will allow you to disable PIN based WPS authentication while still using push button authentication. Some routers dont support WPS at all. These are probably the most secure. How to Disable WPSIf your router allows you to disable WPS, youll likely find this option under Wi FI Protected Setup or WPS in its web based configuration interface. Advanced-Wifi-Wireless-Password-Cracker-Hacker1.png' alt='How To Crack Wi Fi' title='How To Crack Wi Fi' />You should at least disable the PIN based authentication option. On many devices, youll only be able to choose whether to enable or disable WPS. Drive Increaser Software'>Drive Increaser Software. Choose to disable WPS if thats the only choice you can make. Wed be a bit worried about leaving WPS enabled, even if the PIN option appears to be disabled. WiFi Protected Access WPA and WiFi Protected Access II WPA2 are two security protocols and security certification programs developed by the WiFi Alliance to. WPA2 with a strong password is secure as long as you disable WPS. Youll find this advice in guides to securing your WiFi all over the web. WiFi Protected Setup. How do one exAir Force official and one former airplane hobby shop owner, both of whom happen to have decades of experience as network security. You already know that if you want to lock down your WiFi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy Take a look. Two types of tethering are available cabled and wireless. The first typically uses a USB sync cable, whereas the other requires your mobile phone to have WiFi. Given the terrible record of router manufacturers when it comes to WPS and other insecure features like UPn. P, isnt it possible that some WPS implementations would continue to make PIN based authentication available even when it appeared to be disabled Sure, you could theoretically be secure with WPS enabled as long as PIN based authentication was disabled, but why take the risk All WPS really does is allow you to connect to Wi Fi more easily. Sketchup 5 Crack Windows. If you create a passphrase you can easily remember, you should be able to connect just as fast. And this is only an issue the first time once youve connected a device once, you shouldnt have to do it again. WPS is awfully risky for a feature that offers such a small benefit. Image Credit Jeff Keyzer on Flickr.