Security flaw exposes WiFi networks

Read time 1min 10sec

Security flaw exposes WiFi networks

Design flaws in the WiFi Protected Setup (WPS) wireless standard can make it easier for attackers to obtain access codes for secured wireless networks by brute force, PCWorld reports.

The vulnerabilities identified by security researcher Stefan Viehbock affect a large number of WPS-enabled routers and wireless access points.

According to ZDNet, the WPS protocol is designed to allow unskilled home users to set up secure networks using WPA encryption without much hassle. Users are then able to type in a shortened PIN instead of a long pass-phrase when adding a new device to the secure network.

That method, however, also makes it much easier for hackers to break into a secure WiFi network, US Computer Emergency Readiness Team (US-CERT) says. The security threat could affect millions of consumers, since the WPS protocol is enabled on most WiFi routers sold today.

US-CERT said it was "currently unaware of a practical solution to this problem”, eWeek writes.

Instead, the advisory recommended disabling WPS and instead using WPA2 encryption with a strong password to secure the network. Wireless networks can also be set up to use MAC Address filtering to verify and allow only recognised devices onto the network.

See also