NewsFleet
  • Finance
  • Reviews
  • Buying Guides
  • Finance
  • Tech
  • Sports
  • Games
  • Security
  • Reviews
  • About us
  • Our Writers
  • Contact Us
SUBSCRIBE
  • Finance
  • Tech
  • Sports
  • Games
  • Security
  • Reviews
  • About us
  • Our Writers
  • Contact Us
No Result
View All Result
NewsFleet
No Result
View All Result
Home Security

How safe is it to use Wifi Protected Setup?

by Jonathan Burton
December 22, 2019
in Security
0
wifi wps
Share on FacebookShare on Twitter

WPS. Three acronyms meaning Wifi Protected Setup. Three acronyms that we find next to a small button present in most routers available on the market.

But what exactly is WPS, how is it activated and what can we use it for? Is this an option that strengthens the security of the Wifi network, as its name seems to indicate? Not exactly. In fact, it is a standard that seeks to facilitate the creation of local area wireless networks, better known as WLANs. In other words, it consists of a series of mechanisms to create an internal network, at home or in the office, in a simple and secure way. At least, that’s how it was at first.

The origin of the standard wifi protected setup

The definition of the standard Wifi Proteced Setup goes back to the old age of the internet. I mean, more than 10 years ago. When broadband became commonplace in much of the connected homes. But the fiber optic thing with hundreds of Mbps sounded to us in the distant future. In 2007, the Wi-Fi Alliance, an organization of companies that promote this wireless technology and certify its products, put the WPS standard on the table.

“The Wifi Protected Setup standard allows the average user who has little understanding of the details of the Wifi settings and security settings to automatically set up new wireless networks, add new devices and activate security,” the organization said. The main target at the time was companies. It was intended that anyone in the office could add devices to the local network and could modify the security processes without always having to resort to the support of the technical staff.

Until then, users had to manually create the wireless network name (SSID) and manually enter the security key on each access point to prevent unwanted access. With WPS, SSID, encryption, and authentication protocols are automatically configured. In other words, the WPS standard is not a security system in itself, but defines the mechanisms by which different devices on a network obtain the necessary credentials.

What the WPS are for (and what its drawbacks are)

The main advantage of the WPS function of routers is the simplification of things. This standard gives us a secure way to connect to a local Wi-Fi network without having to type the typical wireless network password of up to 63 characters. Here are its other advantages:

  • Automatic configuration of the network name and security key.
  • Establishing random keys to strengthen security.
  • Network information and credentials are securely exchanged using The Extensible Authentication Protocol (EAP).

However, all these facilities and safety are accompanied by a great disadvantage. One that has been known since 2011 thanks to the work of Stefan Viehbsck. The WPS standard drags a type of vulnerability. That is, there is a way to bypass the protection barriers, guess the PIN and access the home network. To fix this, there are other ways to use this standard (which we’ll explain later) without compromising the security of our network.

And it is that Stefan Viehbsck’s vulnerability affects only the automatic WPS system. The one that activates pressing the WPS button on the router and using the WPS connection on the device to connect, using a PIN instead of the full password. The problem is given because the router, when the PIN is entered, indicates whether the first or second half of the key is correct. Thus, by means of a brute force attack, that is, by testing one PIN after another randomly, you can discover the key.

How to connect to wifi with wps

As we just saw, the vulnerability affects automatic systems that work by means of a PIN that must be entered manually on the device. But, actually, there are three other ways to use the WPS standard to connect to the local Wi-Fi network. The two main ones are PIN and PBC. In the first, as we’ve seen, there has to be a PIN assigned to each item that’s going to connect to the network. And it’s not safe. So you’d better not use it.

The second, Push button configuration or PBC, is the most recommended. To use it, if we are on a computer, when trying to access the network will tell us something like “You can also connect by pressing the button on the router”. At that point we press the WPS button on the router (it will have a logo similar to the one in the image below) for a couple of seconds; and the automatic credential exchange will begin.

If we’re on a smartphone, things change a little bit. THE WPS connection only works with Android 8.0 or lower mobile devices. In more modern models it no longer works (it was removed due to its vulnerability). Otherwise, the process works in a similar way to that of the computer. Press the router button and access, in the smartphone settings, Wifi > Settings > Advanced > WPS pushbutton.

In addition to the PIN and PBC methods there are two others, although they do not yet have certification. NFC (in which credentials are shared using RFID or radio frequency identification connectivity) and USB (credentials are transferred by memory).

ShareTweetShare
Jonathan Burton

Jonathan Burton

Jonathan is our security expert covering the latest events in security as well as the current events and guides to keep you up to date in cybersecurity. He has a proven journalistic experience with talent to create content that really matters. Bring to the table your knowledge about events that occur worldwide.

Email: [email protected]
551 Rodney Street, Pevely MO, 63070
836-485-4320

Related Posts

malware makes ATMs spit money out
Security

The ‘malware’ that makes ATMs spit money out

January 11, 2020
how to find Android is stolen or misplaced
Security

What to do if your Android is stolen or misplaced? Look at this solution

January 5, 2020
Android phone secure
Security

Is your Android phone secure?

March 29, 2019
About Anti Spyware
Security

The secrets about Anti Spyware that has never been revealed

December 28, 2018
Next Post
best huawei phones

The best Huawei phones of the moment: What is the best Huawei?

Recent Posts

  • How to find out if the Internet is working properly on your Xiaomi phone with the MIUI
  • How to detect fraudulent applications on Android
  • Greedfall’s parents announce Steelrising, a game about automatons and the French Revolution
  • How to move all your photos from Google Photos to Microsoft OneDrive or Flickr
  • Alternatives to Google applications that don’t need the Google Services

Recent Comments

    • About Us
    • Advertise
    • Privacy & Policy
    • Cookies Policy
    • Contact Us

    NEWSFLEET, 1692 Grant View Drive, OSCEOLA Missouri, 64776
    © 2011 NewsFleet – All Rights Reserved.

    No Result
    View All Result
    • Home
    • Finance
    • Tech
    • Sports
    • Games
    • Security
    • Reviews
    • About us
    • Our Writers
    • Contact Us

    © 2011 NewsFleet - All Rights Reserved.

    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.