Ah ha! WPA is not the cure to the WEP security for Wi-Fi devices as once thought. As it turns out, it is actually quite easy to crack WPA with the proper know how and skills. So now what? Are we just up a creek then?

Not completely. There are still things that can be done. For instance, using your pet’s name is not a strong password. Consider using symbols, upper and lower case letters to keep things locked up tight. You might also consider stepping up to enterprise-based authentication if you are working with sensitive data.

We warned you: short WPA passphrases could be cracked–and now the software exists: The folks who wrote tinyPEAP, a firmware replacement for two Linksys router models that has on-board RADIUS authentication using 802.1X plus PEAP, released a WPA cracking tool.

As Robert Moskowitz noted on this site a year ago, a weakness in shorter and dictionary-word-based passphrases used with Wi-Fi Protected Access render those passphrases capable of being cracked. The WPA Cracker tool is somewhat primitive, requiring that you enter the appropriate data retrieved via a packet sniffer like Ethereal. Once entered, it runs the cracking algorithms.