Time to change that default WiFi password

Chat area for all to enjoy a bit of friendly banter, share gossip or other chit-chat.

Re: Time to change that default WiFi password

Postby Fogdude » Sun Oct 02, 2016 10:52 am

Yes, the Evil Twin is a tough one. I wouldn't fall for the password phish, but if the Evil Twin gets in...

That's why I use hard wired access at home. I even have guests who bring their computers use a hard wire, rather than wireless. Phones & tablets are the only exceptions, which do leave the opening.
Image
User avatar
Fogdude
Yosemite Sam
Posts: 1751
Topics: 23
Resources: 57
Joined: January 12, 2016
Occupation: Retired IT guy. I was the guy under the desk, looking up...
Location: Texas
Thanks: 436
Thanked: 89 times in 28 posts

Re: Time to change that default WiFi password

Postby Pip » Wed Oct 05, 2016 12:25 pm

Hard wired with wireless turned off is the obvious safest route Foggy but, in the real world there's more and more wireless devices that people are using. Mobile phones, apps on mobile phone to connect to devices in home while you are away etc.

Wireless connectivity is what people expect now most aren't aware of how vulnerable that "ease of use" can leave them - until something happens. :Unpleased Then they blame anyone but themselves. Hey-Ho that's the world today, it's always someone else's fault. "Where there's blame there's a claim". So sad a reflection on society.

Anyhow, I couldn't get back to this thread earlier as promised as the old congestion issues kicked in over the weekend and when I could I was limited due to other commitments I have.

I've to nip out for about 4 hrs then I have a little project to do for our Little Owlet and then I will finally post what I promised. Althogh with you it's like teaching your grandmother to suck eggs! :LOL
Sad Lexa Doig Fan and PROUD of it!

If you like my covers, please leave a comment.

Awards Showing Recent Awards for PipView Showcase


User avatar
Pip
Administrator
Awards: 2
Posts: 4316
Topics: 583
CoverArt: 561
Resources: 681
Joined: March 17, 2015
Location: Cadoxton, Vale of Glamorgan, South Wales, UK.
Thanks: 78
Thanked: 2938 times in 1075 posts

Re: Time to change that default WiFi password

Postby Fogdude » Wed Oct 05, 2016 12:52 pm

Hey, I'm always up for a refresher course.! ;)
Image
User avatar
Fogdude
Yosemite Sam
Posts: 1751
Topics: 23
Resources: 57
Joined: January 12, 2016
Occupation: Retired IT guy. I was the guy under the desk, looking up...
Location: Texas
Thanks: 436
Thanked: 89 times in 28 posts

Re: Time to change that default WiFi password

Postby Pip » Thu Oct 27, 2016 4:47 pm

Being busy with other things ATT I never got around to finishing this thread but here we go.

First I'll show you this standard crack time with default passwords from a site that offers to do it for you (at a small cost) as long as you supply the handshake .cap file. For obvious reasons thae screenshot doesn't show which site.


Crack Time.png
Crack Time.png (17.93 KiB) Viewed 9023 times


As you can see the list is not exhaustive but should certainly open your eyes. The reason it is so quick not is not just new generation CPU's and GPU's but Hashcat (I mentioned earlier in the thread) has now been unified. At one time you either used Hashcat and your CPU or OCLHashcat and your GPU, with the new Hashcat you now can use use both at the same time and syncronised!

I won't go into any further detail on that as it's unnecessary, you already get the idea. So now how to secure your WiFi password.

Let's look at the standard for router passwords. By default most (not all) router producer ships with their standard format of either 8 lower case/uppercase/numeric or a combination of them. This is merely for ease of production.

The router though can have it's password changed with anything from 8-64 of the above plus special characters (punctuation,space,@ etc).

So, how do we make it harder for the cracker to get the password? Simple we just increase the time it would take. So, how do we do that?

First what you have to understand is that a hacker won't spend as much time trying to hack a residential connection as they would a business one, it's just not worth it. They would spend more time on the business/corporate one for different reasons.

A lot of so called "experts" say use a passphrase. I agree to an extent but even that can be cracked quicky using a mask dictionary attack in Hashcat (I'm not going into detail on that) but the cure is on the same lines. What you have to do is fool the dictionary attack which uses spaces as well as words.

Consider this passphrase, I love strawberries that's a password of 15 including spaces. Won't take long with a dictionary attack with a mask . So how can we change it to make it harder. How about 1 l0v3 5tr@wB3rr135 all of a sudden the dictionary attack won't work without rules to be applied to substitute numbers and special case for letters.

Now imagine a passphrase of 30+ using the above format (or any you choose which you can remember). Unless you succumb to social engineering they won't have the time nor inclination to target you any more. It's as simple as that.
Sad Lexa Doig Fan and PROUD of it!

If you like my covers, please leave a comment.

Awards Showing Recent Awards for PipView Showcase


User avatar
Pip
Administrator
Awards: 2
Posts: 4316
Topics: 583
CoverArt: 561
Resources: 681
Joined: March 17, 2015
Location: Cadoxton, Vale of Glamorgan, South Wales, UK.
Thanks: 78
Thanked: 2938 times in 1075 posts

Re: Time to change that default WiFi password

Postby chouette » Thu Oct 27, 2016 7:00 pm

That's a frigging long password to remember with all these combinations, lol
Image
User avatar
chouette
Buccaneer
Posts: 1818
Topics: 166
CoverArt: 11
Resources: 5
Joined: April 26, 2016
Location: Ontario, Canada
Thanks: 890
Thanked: 472 times in 167 posts

Re: Time to change that default WiFi password

Postby Pip » Thu Oct 27, 2016 7:20 pm

You don't need to use all those combinations. Just use a phrase and change whichever characters you wish as long as it is at least 2.
Sad Lexa Doig Fan and PROUD of it!

If you like my covers, please leave a comment.

Awards Showing Recent Awards for PipView Showcase


User avatar
Pip
Administrator
Awards: 2
Posts: 4316
Topics: 583
CoverArt: 561
Resources: 681
Joined: March 17, 2015
Location: Cadoxton, Vale of Glamorgan, South Wales, UK.
Thanks: 78
Thanked: 2938 times in 1075 posts

Re: Time to change that default WiFi password

Postby Pip » Sat Nov 26, 2016 8:11 am

UPDATE

As I said earlier I'm involved on the ethical side of things in a small way.

We are are presently testing a platform that currently (not at full speed) can make 1.700.000 guesses at any password per second!

That would mean that a standard 8 letter (same case) ISP router password would only take a maximum of
36 hrs to find.

Just saying. ;)


A ray of hope for you though, a passwrord made up of 10 letters including 1 capital letter and 1 number would at a rate of 10.000.000 guesses per second take 256 days to crack. Who's going to bother with poor old you at that rate?
Sad Lexa Doig Fan and PROUD of it!

If you like my covers, please leave a comment.

Awards Showing Recent Awards for PipView Showcase


User avatar
Pip
Administrator
Awards: 2
Posts: 4316
Topics: 583
CoverArt: 561
Resources: 681
Joined: March 17, 2015
Location: Cadoxton, Vale of Glamorgan, South Wales, UK.
Thanks: 78
Thanked: 2938 times in 1075 posts

Re: Time to change that default WiFi password

Postby chouette » Mon Nov 28, 2016 7:55 am

I'm thinking not many would bother, lol
Image
User avatar
chouette
Buccaneer
Posts: 1818
Topics: 166
CoverArt: 11
Resources: 5
Joined: April 26, 2016
Location: Ontario, Canada
Thanks: 890
Thanked: 472 times in 167 posts

Re: Time to change that default WiFi password

Postby Pip » Mon Jan 09, 2017 8:32 pm

Further to my last post, still not at full speed but with a few tweaks here's where we are so far.

This is taken after 5mins runtime.


CCAgent.png
CCAgent.png (5.72 KiB) Viewed 8884 times


That's just over 13 hours for an 8 letter same case password. =O =O =O

EDIT As it happens we got lucky with this one as it turned out to be within 25% of the total keyspace and was cracked in 3hrs 45mins.
Sad Lexa Doig Fan and PROUD of it!

If you like my covers, please leave a comment.

Awards Showing Recent Awards for PipView Showcase


User avatar
Pip
Administrator
Awards: 2
Posts: 4316
Topics: 583
CoverArt: 561
Resources: 681
Joined: March 17, 2015
Location: Cadoxton, Vale of Glamorgan, South Wales, UK.
Thanks: 78
Thanked: 2938 times in 1075 posts

Re: Time to change that default WiFi password

Postby Fogdude » Thu Jan 26, 2017 11:07 pm

Just rename your WiFi router to "FBI Surveillance". Nobody will be trying to get into it again. :LOL :LOL :LOL
Image
User avatar
Fogdude
Yosemite Sam
Posts: 1751
Topics: 23
Resources: 57
Joined: January 12, 2016
Occupation: Retired IT guy. I was the guy under the desk, looking up...
Location: Texas
Thanks: 436
Thanked: 89 times in 28 posts

Re: Time to change that default WiFi password

Postby Pip » Fri Jan 27, 2017 12:56 am

Fogdude wrote:Just rename your WiFi router to "FBI Surveillance". Nobody will be trying to get into it again. :LOL :LOL :LOL


Funnily enough I was working in an area of Norwich (UK) where there was an SSID of "Survailance Van". It didn't bother me though I was just working there. =O :LOL
Sad Lexa Doig Fan and PROUD of it!

If you like my covers, please leave a comment.

Awards Showing Recent Awards for PipView Showcase


User avatar
Pip
Administrator
Awards: 2
Posts: 4316
Topics: 583
CoverArt: 561
Resources: 681
Joined: March 17, 2015
Location: Cadoxton, Vale of Glamorgan, South Wales, UK.
Thanks: 78
Thanked: 2938 times in 1075 posts

Previous

Return to The Lounge







Similar topics

   Topic Title

   Views

   Replies

   Topic Author

   Forum Section

   Time Bandits (Scan of Criterion Collection cover, BD or 4K)    203    0    1165mac    Requests Covers/Labels
   Hey, first time here    1716    6    Kuma77    Introductions
   Been a long time    1470    6    Case    Introductions
   Cuture time ...Angelic voice, 12 year old    1481    3    changijail    Side Show Detour
   Smile time    1428    3    changijail    Side Show Detour

Who is online

Users browsing this forum: No registered users and 23 guests

cron