Wireless for your small to large business – What you should know about WPA2

wifi, hacking Cracking, WPA, WPA2, Radius, NPS

There are several methods to crack even the most audacious WPA/WPA2 wireless passwords. So what do we do now? Well it is time for you and your IT team to look at 2 method authentication. What does that mean? You integrate with Active Directory/LDAP/NPS (depending on your server operating system) to authenticate only machines wifi, hacking Cracking, WPA, WPA2, Radius, NPSin your domain (you could choose to authenticate users in the domain, but then password sharing/stealing defeats the security). What this does for you is it keeps you from having to tell the people the key code and allows you to embed it into a group policy on the domain. Secondly, only computers that you’ve added to your domain intentionally will be able to authenticate to the wireless, helping to prevent mac spoofing and other malicious attempts to access your network. Sure, you can create a separate guest wireless for those BYOD folks (Bring Your Own Device) but it keeps your base network segregated and protected.

Let’s take a look at a quick YouTube video that shows in about 8 and a half minutes how to capture a WPA/WPA2 password using software freely available on the Internet. Use the scroll bars below to see the entire page

I’d also like to take the time to point you over to a couple of other methods that have had success in cracking WPA/WPA2 passwords in very short time. Check out this tutorial. Use the scroll bars below to see the entire page.

Another tutorial using yet a third method can be found here, using nothing more than a windows computer and free software. Use the scroll bars below to see the entire page.

So now let’s take a look at what is needed to implement 2 part authentication (also known as Radius authentication and NPS security in Windows 2008 server and newer). Below are two documents, the first written by a third party that includes screenshots and walks you through what would work for most small and medium environments, the second is directly from Micrsoft themselves. Use the scroll bars below to see the entire page.

One last point to make about this topic. Information technology is constantly evolving and your company may spend 10’s of thousands of dollars this year on IT related work. Then next year, or the year after, you might be spending the money on re-engineering your current solution to stay current with the threat level to protect your environment and data. If you don’t look at IT in this manner, you are setting yourself, and your data, up for a disaster down the road.

Skip to toolbar