Recently I had an opportunity to evaluate the latest incarnation of Actiontec’s MI424WR (GigE) router, a workhorse designed for use with FiOS service offered by Verizon and Frontier Communications. While navigating through the administration console of the router, I noticed that the security settings page now incorporates a long list of useful tips on crafting a strong Wi-Fi password. (WPA2 is also now the default security protocol, which is great, because WPA and WEP are flawed and easier to compromise). Here are the tips I found, which concur with the guidance I offer to clients:
User Guidance on Password Selection
Your wireless network security depends on having a good password. A good password contains Sixteen (16) or more letters or numbers, with each letter or digit chosen at random. This initial password shipped with your router is an example of a good password. The initial password is printed on the serial number sticker under the router. The Letters in the password are case sensitive and the initial password provided on your router is in Upper Case
If you wish to change your wireless password, try to pick a password similar to your router’s initial password. You must include at least one letter and at least one number in your password. It is recommended that the password should be at least sixteen letters and numbers, with no spaces or special symbols. However, you can shorten the password at your own risk. At a minimum there has to be 8 characters and a maximum of 63 can be used.Here are some suggestions to help you choose the safe password:
- The password should be 8 to 63 ASCII characters long, and it is highly recommended to use 16 or more.
- Characters that are upper case. ASCII is categorized as Alpha and Numeric characters.
- DO choose each letter or digit at random. Try one-finger typing with your eyes closed.
- DO use a longer password, and write it down somewhere safe. A short password is easier to remember, but also much easier for attackers to guess. It is OK to let your PC save your wireless password so you don’t have to remember it.
- DO NOT use anything directly related to you, such as your street address, phone number or car license plate.
- DO NOT use the name of any person or place in your password. The attackers know all the common names.
- DO NOT use any word from the dictionary. The attackers have dictionaries, too.
- DO NOT use a phrase or sentence. Once an attacker learns any portion of the phrase or sentence, the rest is easily guessed.
This is great advice. I often find when asking for the Wi-Fi password at a particular location that it is just a couple of words, the telephone number of the establishment, or the address (spelled out).
A secure password should not include any personally identifiable information. Birthdates, license plates, phone numbers, addresses, Social Security numbers, and other sensitive data should never be used in any password, ever. Length is good. Random characters are good. Mixed-case letters are good. Punctuation, if allowed, is great. Here is an example of a weak, bad Wi-Fi password:
555-567-8095
The following, courtesy of the Strong Password Generator, would be a strong Wi-Fi password:
Ay#{$.}n7 s$Q~sM*;.}73*CSIt’s easier to remember as ALPHA yankee # { $ . } november 7 [space] sierra $ QUEBEC ~ sierra MIKE * ; . } 7 3 * CHARLIE SIERRA
Do yourself, your family, and your business (if you have one) a favor and set a strong Wi-Fi password, using the WPA2 protocol. You’ll be glad you did.