The former is, incidentally, also much easier for a computer to guess. People do this because they want to be able to easily connect new devices to their network, and typing in "steve1995!" is much easier than typing "ffRNooA23$dQcM!4fyU". The question in most cases is going to be: how resistent is your password to cracking? The fact of the matter is, most people choose crappy passwords to secure their shit, as is evident from the top 10 used password list, which consisted of mostly the same passwords for the past 20 years now (yes, people still use "123456789" as a password). Basically, anyone with an internet connection and basic understanding of computers can learn how to perform most of those attacks. You can capture handshakes (requires having clients on the network), passively capture PMKIDs (only requires the network to periodically advertise those, no clients required), or you can attack the protocol itself (for example: the KRACK vulnerability). There are tons of tutorials out there detailing multiple avenues of attack.
0 Comments
Leave a Reply. |