"Wardrivers Can Still Easily Crack 70% of Wi-Fi Passwords"

Ido Hoorvitch, a security researcher at the identity and access management provider CyberArk discovered that he could recover network passwords for over 70 percent of the networks he scanned just by using information gathered as he biked, walked, or drove along the streets of Tel Aviv, Israel. He used a wireless scanner made up of a $50 network card connected to a laptop running Ubuntu, in addition to the Hcxdumptool tool available on GitHub, to collect Wi-Fi Protected Access (WPA) packets from nearby networks. Of the 5,000 networks from which the researcher collected information, 44 percent had a cellphone number as a password. Another 18 percent were discovered to be on the common password list called "RockYou.txt." The rest of the passwords were other simple combinations of numbers and letters. In total, the study found passwords for 3,633 of the 5,000 targeted networks. Using a strong, complex password for a wireless network is said to protect against the attack. Although 18 percent of the passwords were found through the use of the popular password list RockYou.txt, nearly 50 percent of the passwords used only numbers, most of which are users' cellphone numbers, thus providing little security. While multi-factor authentication (MFA) is often cited as a solution to password security issues and would bolster wireless network security, it is difficult to implement on consumer Wi-Fi networks. This article continues to discuss the cracking of 70 percent of neighborhood Wi-Fi passwords in a study conducted by CyberArk and why wireless networks continue to be a weak point for many consumers and enterprises.

Dark Reading reports "Wardrivers Can Still Easily Crack 70% of Wi-Fi Passwords"