- Location
- Rainy side of Washington
there is a lot of really crummy or inaccurate info in this thread.
If you want to win this (and it isn't hard unless they decide to make an example of you) follow Jeff and Talyn's advice. They are correct here.
XJensen's got a good point too. Always use WPA or better encryption with a strong passphrase. I usually use WPA2-PSK but that's personal preference.
WPA and better can be broken but generally people don't bother, there are enough unencrypted and WEP encrypted networks out there to wardrive on that 99% of people using someone else's wifi will just not bother. The only ones who will bother to crack a WPA access point are either doing it for the challenge or are actually out to get you, whether by swiping info off your LAN, by snooping your web traffic, or by framing you in some sort of digital crime (like this one.) No one wastes hours cracking WPA just to use your connection to hide behind.
Some tips on making your WPA harder to crack -
* use a non-default SSID (most are set to something like "netgear", "default", "linksys", etc) - the SSID is used to somewhat randomize the way the encryption keys are generated, so using one you came up with yourself is a great way to make bruteforcing the keys much much harder. Use your imagination. I've seen "A Series of Tubes", home addresses, "FBI Monitoring Van #<randomnumber>", "3 dudes and a crazy girl", and a few others that I don't really remember.
* use a secure passphrase/key. Don't use "sex", "god", "penis", your name, common words, etc... anything memorable, long (harhar), and reasonably complex is fine. For the longest time I had mine set to "43 bowls of soup and a bicycle" because one of my roommates came up with it while drunk and it was pretty easy to remember.
* enable MAC address access control - more of a pain, you will have to log into the router's web control panel to add each new device to the access list, but it adds one more (fairly weak I'll admit) level of protection.
* disable SSID broadcast so people will have to either sniff your traffic or know the SSID in advance to even try to connect.
All that should take less than an hour even if you are terrible with computers, if you are decent with them it should take around 20 minutes if you have a few devices to update with the new SSID and passkey.
If you want to win this (and it isn't hard unless they decide to make an example of you) follow Jeff and Talyn's advice. They are correct here.
XJensen's got a good point too. Always use WPA or better encryption with a strong passphrase. I usually use WPA2-PSK but that's personal preference.
WPA and better can be broken but generally people don't bother, there are enough unencrypted and WEP encrypted networks out there to wardrive on that 99% of people using someone else's wifi will just not bother. The only ones who will bother to crack a WPA access point are either doing it for the challenge or are actually out to get you, whether by swiping info off your LAN, by snooping your web traffic, or by framing you in some sort of digital crime (like this one.) No one wastes hours cracking WPA just to use your connection to hide behind.
Some tips on making your WPA harder to crack -
* use a non-default SSID (most are set to something like "netgear", "default", "linksys", etc) - the SSID is used to somewhat randomize the way the encryption keys are generated, so using one you came up with yourself is a great way to make bruteforcing the keys much much harder. Use your imagination. I've seen "A Series of Tubes", home addresses, "FBI Monitoring Van #<randomnumber>", "3 dudes and a crazy girl", and a few others that I don't really remember.
* use a secure passphrase/key. Don't use "sex", "god", "penis", your name, common words, etc... anything memorable, long (harhar), and reasonably complex is fine. For the longest time I had mine set to "43 bowls of soup and a bicycle" because one of my roommates came up with it while drunk and it was pretty easy to remember.
* enable MAC address access control - more of a pain, you will have to log into the router's web control panel to add each new device to the access list, but it adds one more (fairly weak I'll admit) level of protection.
* disable SSID broadcast so people will have to either sniff your traffic or know the SSID in advance to even try to connect.
All that should take less than an hour even if you are terrible with computers, if you are decent with them it should take around 20 minutes if you have a few devices to update with the new SSID and passkey.