What's the difference between WPA and WPA2? Is WPA safe enough?

What's the difference between WPA and WPA2? Is WPA safe enough?

Attached: 1514896338269.png (612x491, 22K)

lmgt4u

WPA2 is twice as good

Your home Wi-Fi is as good as compromised if any of the following is true:
>you haven't replaced your router's firmware with OpenWRT
>you're using antiquated standards like WPA instead of WPA2
>your Wi-Fi passphrase is under 20 characters or trivial to guess
>you don't have KRACK mitigation enabled

Both can be broken, WPA2 is harder.
Thing is, if someone gets your password hash, sooner or later they are going to crack it, unless you are a human being and change your password every month

The smell.

WPA4 is twice as good as WPA2.

>not using mac address filtering

No, WPA was replaced immediately after being cracked the first days of release.

Cant you simply discover people mac trough tcpdump? or is the mac also encrypted when going trough wpa/wpa2?
Well, then you could rely on people stupidity and set a man in the middle i guess?

Nope, Mac is not encrypted.

Then you easily change your own mac adress to match the allowed MACs.

Actually, even 11 chars are hard to bruteforce because the time on RX480 would be over a week. You are being paranoid with 20 characters. Tomato or DD-WRT are still good, tested Tomato with Metasploit just recently, despite being abandoned it still holds up. And you forgot
> you have WPS enabled

Password are easy to crack because people use words intead of combinations of bumbers+symbols+uppercase letter+lowercase letter.
A hybrid/dictionary atack can easily crack most passwords.

So, what it just sits there scrambling its AC address until a combination works?

>brute forcing a protected router

What do you do when the third try locks out your mac address and alerts the admin?

change the mac

Only if you do that then it won't connect in the first place. Mac + Pass is the best way to do it, if your router's firmware allows it.

>only one mac is allowed

Sure if you have like 100 people using a single wifi then you may be able to get in since there's 300 tries to be wrong, but you'd probably just get locked out for 24 hours by the admin when he stops all new connections during the attack and confirms current connections.

I do admit some luck would be necessary.
But then again there are ways to get the password without bruteforcing(who the fuck relies on bruteforcing nowadays)

That's the whole point. lol Also, getting someone's mac address is really simple. Getting the password take a little more social engineering sometimes. But, if someone is really that dedicated, in the first place, you have more problems than just keeping your wifi secure.

You don't brute-force the router, baka. WPA2-PSK handshakes contain a hash of the SSID and password. You can just intercept that and crack it offline.

Why would you use WPA2-PSK when MAC filtering is turned on and using policy passwords?

What the fuck is a "policy password"?

nobody cares enough to break into your wifi anyway.