Pin Me

Easy Hack - Why WEP Is a Bad Idea for Your Network

written by: Regina Woodard•edited by: M.S. Smith•updated: 6/28/2011

If you've been on the Internet for a while, you have heard about the differences between WEP and WPA and why the latter is better for network security. But why? What's the big deal?Just how easy is it to hack a wired equivalent privacy password?

  • slide 1 of 5

    Network Secured

    In this day and age, everyone knows (or should know) that protecting your information is important, especially now that so much of it is online and easily accessible. Users know to chose hard-to-crack passwords and to use different ones for each site that they are on; but while this is an important aspect of computer security, not everyone does it. It can be hard to remember several different passwords for the many websites that we're signed up for.

    This can easily carry over to that of your computer network too. Many users might not secure their home or even business networks or will chose the less secured method of protecting that network. WEP encruption has been pretty much dismissed as being the weakest of network security standards, but why? Why should computer users avoid this for their networks? And what was that about hackers?

  • slide 2 of 5

    A Little Bit About WEP

    What is WEP exactly? WEP stands for wired equivalent privacy and it is a security protocol for wireless internet networks. WEP cameEasy Hack - Why WEP Is a Bad Idea for Your Network  about due to the fact that wireless networks aren't as secure as that of local networks (those that are connected directly to the modem, hub, or switch) because they use radio waves.

    Because of this flaw, WEP came about in order to address this and thus, try to keep user information between that of the user and whatever site they are transmitting to. There are two ways that WEP authorizes users - the open system and that of the shared key. The open system is exactly as it sounds - a client can easily connect to the access point with this set up, where the WEP key is actually used to protect data frames.

    The one that people are most familiar with is that of the shared key. This is where the network administrator sets up a password and then gives it to the appropriate people to use. When a client's computer finds the Wi-Fi connection, they enter in this password in order to get connected. This helps the authorization process and allows a user on the network as they have entered the correct password.

  • slide 3 of 5

    Why WEP Is Hackerific

    So if the shared key is just kept between people who need be on the network, why is WEP so bad? As long as you don't share the password, your network should be fine, right? Not exactly. Frankly, with patience and dilligence, it's very easy to hack wired equivalent privacy protocols.

    When first introduced, WEP was the standard in terms of wireless protocols, but there was a slight problem. The problem was the initialization vectors, or IVs. These are three byte numbers that are generated from the computer at random. IVs are based on a 24 key algorithm, which isn't long enough to ensure that the numbers generated won't be repeated, which allows for some of these strings to show up again and again.

    If a person gathers enough of these IVs, they would able to decipher the shared key, meaning they would be able to get on the computer network.

    And the availability of different types of programs that can help users crack the WEP allows for those who aren't hackers or thieves onto the networks of their neighbors or passerbys.

  • slide 4 of 5

    What Should I Use Then?

    While the above isn't exactly the best news for your networks, there are ways to make sure that you password isn't cracked and your network isn't hacked.

    If you haven't already, switch to the WPA or WPA2 encryption for your network. WPA stands for WiFi Protected Access and considered a lot more secure than that of WEP due to the way that the elements use new keys for each data packet sent, as well as checking the integrity of packets; if they don't look right to WPA, they get dropped.

    • Always chose a password that is easy to remember, but hard to crack. Never use your birthday, your address, your name or the names of your family, etc. While it may seem like a hassle to remember something that just adds to knowing more paswords, try to utilize the capitol/number combination. For instance, if your favorite movie is Star Wars, a good password would be $t@rWaRz or d@rk$1D3.
    • Never share your password with anyone you don't want on your network.
    • Always be careful about what you share online, as well as what you do when in public locations. It's always a good idea to not check your bank account or fill out anything that would require your SSN while sitting in a coffee shop or library