I have a dumb question to ask. When you transmit on a wireless connection is the data encrypted ? I know the access to the router or the wireless network is controlled by the wireless secutiry (WEP, WAP, etc) that is setup, but is the other transmission over the network secured by encription ? I was logging into my router from a Mac Book Pro and received a warning that the data will be sent unencrypted. is this router dependent ?
Solved! Solved! Go to Solution.
To my knowledge, when you setup security on a router its uses wireless encryption and authentication therefore the data should be encrypted over the network only devices with the correct key should be able to read the data. If you’re running an open network than that message is understandable, but if you have security setup on your router not sure why you got that message.
Wireless Encryption and Authentication
Wireless encryption and authentication is at the heart of wireless router security. This feature will scramble your data and only allow laptops with the correct key specified. Better the wireless encryption and authentication technology, the more difficult a hacker will find authenticating and unscrambling the encrypted data. When you assign your wireless router with a key and assign an encryption method, it will scramble the data and only a laptop with the same key can unscramble that data..
Check this link for more information on router security options,its a bit old but the information is good. http://www.internet-computer-security.com/Security%20Guides/WirelessGuide/A%20Guide%20to%20Wireless%...
Whenever anyone sets up a wireless router these days, there are two security issues that need to be taken care of. The first is the password for the router itself, which will prevent anyone from changing any of the settings without your knowledge. The second is the security for the wireless transmissions.
These days, without going to an enterprise type of security, the most secure for wireless transmission is WPA2 AES. In this case, both sides of the network, ie, the transmitter and receiver need both the network name and passphrase. The encryption for the transmission is a hashed result of both the name and passphrase, which results in encrypted transmissions in both directions. When you setup the individual 2.4 or 5 Ghz network, you should be using WPA2 AES and use random character network names and passphrases. Once the network is enabled for transmission and the same passphrase is entered into the mobile device, anything that is transmitted between the router and mobile device is encrypted.
One of the big problems in router security is the use of simple network names and passphrases. Something simple such as a passphrase like “Katie4ever” can take minutes to break, giving the hacker access to your router and the ability to use your bandwidth, for which you end up paying. While methods such as WPA2 AES are good, they are not infallible. The longer you make your network name and passphrase, with random characters, numbers and symbols, the harder it is to crack, hopefully to the point where the hacker will move onto a simpler target. The network name length is 32 characters while the passphrase length is 63 random ascii characters or 64 random hex characters. If you are in a position where all you have to do is enter the passphrase into a laptop for example, or you don’t mind keying in long passphrases on a device, use as many characters as possible. You can use the following site to generate random character strings for both the network name and passphrase and simply copy and paste and character strings. Refreshing the page will generate new character strings:
So, if you can accept the use of a network name such as:
And a passphrase such as
Your encrypted transmissions will be extremely difficult if not impossible to crack.
Just to note, whenever you are logging into any router to change settings, especially wireless settings, you should do that via wired connection. The last thing you want is to change a wireless setting and find yourself locked out of the wireless side of the router if something goes wrong. Of course that always happens at the most inauspicious moments. Fwiw.....
Thanks for the detailed replies. I do understand the rationale behind a strong password for both the router access and the access to the wireless connection. I think the warning that I received from my Mac relates to the lack of an encryption when you enter either the password to access the router or the passphrase to access the wireless connection.
To resolve the first issue, I agree with Datalink to use only a wired connection to access the router for making changes to the settings.
Once you identify an ecryption method (WAP, etc), the passphrase is encrypted before it is sent on the wireless network. Thanks for the link by RogersAsif on "Authentication and Encryption for wireless routers".
Your password has two factors which make it secure - the length of the password, and the number of different characters you use.
The length of password is under your control (there is probably a minimum-length password required, which is easy to satisfy). Longer passwords are much, much better. As shown before, you need to make your passwords long. You don't need to make them super-human complex.
The number of characters to use is set by whoever requires the password, and they get warm fuzzies by demanding mixtures of upper-case, lower-case, numbers, and special characters. Opening up the eligible character set is an excellent idea. Demanding really cryptic passwords is a really bad idea - people just write them down because they are not usable, and security is defeated.
In a perfect world:
While it feels really good to create a long password like
they are totally human-unfriendly. And that's why humans don't do it. And neither should you.
What is an example of an easy, strong, solid password?
That's 42 characters long, is unpredictable, cannot be broken by a dictionary attack. A brute force attack would need to make 70^42 attempts to break it. That's 3.1197348e+77, or bigger than 3 followed by 77 zeroes. If a hacker could do 1,000,000 password attempts per second, for the 13 billion years since the universe was formed, they still need 7.6097033e+53 (7 followed by 53 zeroes) as much more time. You'll be safe.
And use WPA2, with AES.