I recently changed the wireless configuration around the house. One of the primary tasks that I wanted to accomplish was changing the security to WPA2 (Wi-Fi Protected Access 2). For those of you wondering how you might go about doing this, here is a slide show that provides a nice screenshot overview.
Windows Vista machines support WPA2 out of the box, but I was confused and concerned when two XP machines in the house could not connect to the network. One machine was able to see the network, but unable to connect, while the other could not even see the network.
As it turns out, XP machines need to have the following patch applied:
Once your machine is updated with that patch, you should be able to enable WPA2 along with AES. Most people are often unaware that WEP (the default security many people use) can be crack in minutes. With WPA2 and AES, you are afforded a much more secure network experience.Jul 6, 2007 at 09:00 AM in Security
As I posted here and here, security is more than using a simple password. More than anything though, having a simple short password is like going out of town for a week with your front door unlocked. You may end up not being robbed but it is simply luck and sheer statistical odds your house was not broken into. Of course the opposite is also true, even if you have the best lock in the world, someone could decide to drive a bulldozer through your wall. In other words, while any account you have is likely to be cracked by a determined hacker, why make it a 5 second job?
To that end, check out this article I found via the splendid Lifehacker: How I'd Crack Your Weak Passwords. Within it, you will find a great explanation regarding the cracking process and tips about password security. Among the gems you will see the following stats:Mar 27, 2007 at 11:29 PM in Security
I previously posted about the dangers of thinking portable applications and difficult passwords provide security when on vacation or using a machine that you do not completely control/ trust. The SnoopStick provides a $60 example of why you should not access anything from an uncontrolled machine and not expect that your keystrokes, screens and network traffic is being recorded. This is just one of many items that can record everything you do for as little as free.
Again, unless you are loading up your own operating system, using your own laptop, with a connection that is either encrypted or sufficiently secured, then you are not safe. All those portable applications and long passwords do is leave a longer string of information to record and pass on to the bad guys.
Password strength is definitely important. Obviously, if you use a dictionary based password like MyPassword, you are not going to get much protection. However, more and more people are starting to use strong passwords and take other measures such as running applications from a thumb drive. All of these seem to provide people with a sense of protection and in many cases they do. But how many times have you seen people on vacation in Internet cafe's or business centers, typing away to friends at home, checking accounts and whatever else? I have seen this often and it is reasonable to expect that there are times when you have to (or just want to) check in. But who owns the computer? Can they be trusted? Can others who have access to the computer be trusted?