Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

WiFi flaw of the most human kind

Our close associate Robert Moskowitz has just released a paper describing a substantial weakness in the new WiFi Protected Access (WPA) interface. As it turns out WPA can fall prey to prying eyes as easily as the now greatly dismissed WEP standard. But this time around, it's not a problem with the algorithm or the key exchange methodology. It all comes down to the password chosen. If you pick a short or predictable passphrase, an attacker could easily conduct a dictionary attack after sniffing key exchanges. Bob's short paper is a heady read but it points out clearly the need to consider the human as well as the machine in constructing a security mechanism.