undefined | Better HN

0 pointsstinos12y ago0 comments

wondered this as well. I've heard numerous time that there are super simple programs out there that give you the password within minutes. No idea if there is any truth in it though.

0 comments

2 comments · 2 top-level

Yoshi-12y ago

For WEP this is true, for WPA/WPA2 without WPS it is much harder. WPA2 uses PBKDF2 with 4096 iterations of HMAC-SHA1, this is a rather slow algorithm.

On (http://hashcat.net/oclhashcat-plus/) you can find some values on how slow it is. The same computer can crack 7 billion md5 hash per seconds, but it can barely do 181 thousand WPA2 password per second.

At this speed you would need more than 200 days just to crack a 7 letter password only using a-zA-Z0-9. And more than 38 years to crack an 8 letter password. If your password is a word or derivation of a word, you can obviously get it much faster with a dictionary attack.

ladzoppelin12y ago

The WPS flaw has been patched in a bunch of routers however the program Reaver was able to exploit it rather quickly.

j / k navigate · click thread line to collapse