Wireless authentication may cut network insecurity
1 min read
With wireless users now more aware of security but many networks still insecure, according to new research, SecurEnvoy is advising that easy-to-use authentication may be a low-cost solution to the problem.
Steve Watts, co-founder of the tokenless two-factor authentication specialist, believes that what is interesting about the Wi-Fi Alliance's new research is that 97% of respondents believe their data on wireless devices and networks is safe and secure.
"In fact, as recent developments in the field of password recovery software from the likes of Elcomsoft have shown, even a WPA2 password is crackable," he warns.
"Using the professional version of Elcomsoft's Wireless Security Auditor software, for example, allows `password recovery' to take place on a computer with up to 32 CPUs and eight GPUs to crack WiFi encryption, using a brute force attack," he explains.
"Review tests of Elcomsoft's WSA software have shown the application can brute force crack as many as 103,000 WPA2 passwords per second – that's more than six million a minute – on an HD5390 graphics card-equipped PC," continues Watts. "So you don't need to be a maths genius to work out the repercussions for a supposedly strong eight-character WPA2 wireless passphrase."
Watts insists that using longer WPA2 passwords on WiFi networks is now "an absolute must" for any company that takes its network security seriously. Other options, including two-factor authentication, should also be moved "from the nice-to-have into the must-have security category".
And he warns: "The irony of the fact that many wireless users will be using a smartphone to access the Internet and/or company resources across a WiFi connection is also something that should not go unnoticed – as users can also use their smartphone as an authentication device for the same session."
This, he explains, avoids the need to carry easily-mislaid hardware authentication devices, while simultaneously giving users a far higher degree of security than is available using wireless passwords and user IDs/passwords on their own.
"The Wi-Fi Alliance's research confirms a lot about wireless user behaviour that security experts have known for some time," insists Watts. "But the fact that wireless access point users are getting sloppy with their password length makes a clear case for easy-to-use authentication.
"And if that authentication is tokenless, that makes the logon process a lot easier for the user – meaning that, even if the underlying wireless connection is not entirely secure, the use of authentication and encrypted VPN technology can make the data transmissions far more secure."
