In your home, chances are that you have a wireless WiFi router for your network. This router lets you connect things like your laptop and your iPad/iPhone/iPod to the network through WiFi.
Many people leave their WiFi routers completely open with no security. This is a problem for two reasons:
- Anyone who wants to can connect to your network and use your bandwidth. If they download something illegal (music files, child porn, etc.), it gets traced back to you rather than them.
- Given the right equipment, they can snoop on your network traffic and see all the data moving on your network.
Because of these two problems, people turn on encryption to secure their routers. WEP was the first encryption standard, but it has problems that make it not so secure. WPA is the second encryption standard and solved most of the problems with WEP. Therefore, people who are conscious of security and use it on their routers almost exclusively use WPA.
The only problem is that the WPA flavor used in home routers has a weakness. WPA uses a password. When a device connects to the WPA-secured router, an encrypted form of this password is transmitted and can be snagged out of the air by someone who is listening in.
Snagging the encrypted password isn’t the problem, because the encryption protects the password. The weakness comes in the password you choose. If you choose a simple password, a person who snags the password can run what’s called a dictionary attack on the encrypted password to discover the unencrypted password.
In simple terms, a dictionary attack takes a list of words (the dictionary), encrypts all of them, and then compares the encrypted versions to the snagged encrypted password. If there is a match, then the attacker knows the password. It is time-consuming, but easy to do.
This kind of cracking is common enough that there are services that will do the dictionary comparisons for you at high speed. Here is a typical service:
WPA Cracker is a cloud cracking service for penetration testers and network auditors who need to check the security of WPA-PSK protected wireless networks.
WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400-CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes, for only $17.
What kind of stuff is in the dictionary? Typically the dictionary will include every word in the English language, all common first names and last names, all business names and acronyms, etc., and then many permutations of upper case and lower case letters, words with numbers prepended and postpended, words using LEET characters, etc.
In other words, if you use any “common password”, your password is crackable. To make it uncrackable, you need to use a long password that contains random letters, digits and (if allowed) punctuation. This has two benefits:
1) Your password will not be in any dictionary, and
2) If someone tries a brute force approach (using every possible combination of characters), you have maximized the amount of time it takes for the brute force approach to find your password, to the point where your password is practically uncrackable. By using upper and lower case characters, digits and punctuation, every character position has something like 76 different possibilities. If your password is 30 characters long, you have 76^30 possibilities = 2.56E56. That’s a lot of combinations to try.
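As an added illustration (not code from the original post), here is a small Python passphrase check that builds the kinds of dictionary variants described above (case changes, LEET characters, digits prepended or appended) and works out the keyspace and brute-force time from the argument in the two points above. The tiny wordlist, the 14-character punctuation count (chosen so the four classes add up to the 76 per position quoted above) and the guess rate derived from the cloud service's numbers are all assumptions.

```python
# Constructed mini wordlist standing in for the dictionary described in the text
# (English words, first/last names, business names); a real one has millions.
WORDLIST = ["password", "welcome", "dragon", "starbucks", "john", "smith"]
LEET = {"a": "@", "e": "3", "i": "1", "o": "0", "s": "$", "t": "7"}

# Per-position alphabet sizes; 26+26+10+14 = 76 reproduces the text's figure
# (14 for punctuation is an assumption chosen to match that figure).
CLASSES = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
           (lambda c: not c.isalnum(), 14)]

# Guess rate derived from the text's numbers: 135 million words in 20 minutes.
CLUSTER_RATE = 135_000_000 / (20 * 60)  # ~112,500 guesses per second

def mangle(word):
    """Yield the variants a cracking dictionary typically holds for one word:
    case variants, LEET substitution, and up to two digits prepended/appended."""
    bases = {word.lower(), word.upper(), word.capitalize()}
    bases |= {"".join(LEET.get(c, c) for c in b) for b in list(bases)}
    for b in bases:
        yield b
        for n in range(100):
            yield f"{b}{n}"
            yield f"{n}{b}"

def in_dictionary(candidate, wordlist=WORDLIST):
    """True if the candidate would fall to the dictionary attack in the text."""
    return any(candidate == v for w in wordlist for v in mangle(w))

def keyspace(password):
    """Brute-force keyspace: alphabet size of the classes used, to the length."""
    alphabet = sum(size for pred, size in CLASSES if any(pred(c) for c in password))
    return alphabet ** len(password)

def years_to_brute_force(password, rate=CLUSTER_RATE):
    """Worst-case years to exhaust the keyspace at the given guess rate."""
    return keyspace(password) / rate / (365 * 24 * 3600)

def audit(password):
    """Defender-side check: dictionary hit, else keyspace and brute-force time."""
    if in_dictionary(password):
        return "in dictionary: crackable in minutes"
    return (f"{keyspace(password):.2e} combinations, "
            f"{years_to_brute_force(password):.2e} years to brute force")
```

Run `audit()` on a candidate passphrase before putting it on the router; a dictionary hit means the cloud service above would find it in minutes regardless of length.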
The only problem with random strings of characters is that they are impossible to remember. This article offers an alternative:
Help users create complex passwords that are easy to remember
So how can you make sure users’ passwords are complicated enough to deter hackers and easy enough to remember? One of my colleagues offers the following trick for creating complex passwords that meet complexity requirements while still being possible to remember.
Using some approach like that, with two or three words concatenated together, would create a password long enough to avoid cracking. See also:
If you care, here are details on snagging an encrypted password:
PS – this also tells you that any traffic that you send over a WiFi network at Starbucks or McDonald’s is visible to anyone who wants to see it. Therefore you should not look at sensitive stuff in these locations.