Router Passwords encryption (1 Viewer)

[ShiftZZ]

I am about to reset my router...

whci one of the following is the best settings?

WEP - Wired Equivalent Privacy, use WEP 64- or 128-bit data encryption
WPA-PSK [TKIP] - Wi-Fi Protected Access with Pre-Shared Key, use WPA-PSK standard encryption with TKIP encryption type
WPA2-PSK [AES] - Wi-Fi Protected Access version 2 with Pre-Shared Key, use WPA2-PSK standard encryption with the AES encryption type
WPA-PSK [TKIP] + WPA2-PSK [AES] - Allow clients using either WPA-PSK [TKIP] or WPA2-PSK [AES]


Or should I just go for WEP?

 

[pablomc]

I am no expert and this is info I have picked up over the years.

It depends on the devices you are connecting and whether they support WPA2-PSK. If they do that's what I would use as it offers the higher protection. If they don't then use WPA-PSK [TKIP] + WPA2-PSK [AES] to cover both. Personally I would avoid WEP unless you are prepared to change it on a very regular basis as it is easily cracked.

I would also set up an access list for devices that use your wi-fi connection, as an extra bit of security.

 

[callumwa]

I think WPA2-PSK is the best, (but i'm also no expert).

Then it depends if all your devices, some older ones may not be compatible with so you need need to use the older (less secure?) protocol...

^{_{Subscribers  do not see these advertisements}}

 

[JeanLuc]

I use WPA2-PSK. It is a more recent version of WPA and offers improved security. The fourth option in your list is a composite of both earlier and recent forms of WPA so that users of older systems can still access the router. Provided all your devices can use WPA2, go for that - your third option. Don't use WEP, it's old and can be cracked more easily.

Philip

 

[GJH]

I agree with Philip - he beat me to it.

 

[400ixl]

In order of which you should go for:

1. WPA2-PSK [AES]
2. WPA-PSK [TKIP] + WPA2-PSK [AES]
3. WPA-PSK [TKIP]

And if you absolutely have to (but can be hacked remotely in under 2 minutes)
WEP

MAC filtering (Access List) is not worth bothering with as MAC addresses can be spoofed very easily. Only bother if you are forced to use WEP.

^{_{Subscribers  do not see these advertisements}}

 

[Douglas]

As I understand it WEP is now superseded by WPA. WEP is an unencrypted password in which only part of the password is used with each packet transmitted. Given time if you have a simple data reading program you can watch the data slide up the screen and collect all of the password from the data.

Doug...

 

[G4GMO]

Agree wpa2 and if your router has it wireless access list, this limits access to permitted mac addresses. Although someone could clone a mac address it still adds another level of security.

You can also hide your ssid but i had troubles with that so I pretend it's hidden but i'm not about to explain how on a forum for obvious reasons.

 

[wivvy's dad]

Thanks guys - this nudged me into checking my setup - WPA2

:thumb:

^{_{Subscribers  do not see these advertisements}}

 

[G4GMO]

If you're really paranoid, get the router to log everything and send an email if something suspicious occurs. I'm paranoid. :Blush:

 

[400ixl]

And if you want a password as strong as they can get then look here.

https://www.grc.com/passwords.htm

Just don't try to remember it. Keep it somewhere safe like in an encrypted file on a USB key so that you can cut and paste it into any client PC's.

 

[pappajohn]

WPA2-PSK

some older wifi cards dont support this encryption though.

very secure method as the encryption code changes as data is sent and received.

^{_{Subscribers  do not see these advertisements}}