Discussion in 'Tomato Firmware' started by Kiwi8, May 20, 2009.
How often do u change your WPA or WPA2 passwords?
Once a quarter i guess. When i flash a new version and don't really want to copy/paste my previous one as it's near the same since 3 months.
Not needed when you use WPA2 AES and a 63 random printable ASCII characters from here https://www.grc.com/passwords.htm
So that means roughly 4 times a year?
If it's strong, never, unless I have reason to believe it's leaked from someone I gave it to, to those I might not know or trust.
I think you're asking the wrong question. Your real question is: What threats against your wireless network are you worried about?
If one of your wireless machines is a laptop, and there is a possibility that it's been compromised by a bot, then it doesn't matter how often you change your password. Everytime you tell it about your updated password, it'll tell its master.
Are you worried about someone sitting in your driveway listening to your packets and trying to crack your password?
Do you think that one of your friends, to whom you've told your password, is going to tell someone else who is going to tell someone else, who's going to post your address and password on some blackhat web site?
Do you think that if your network is cracked, that the bad guys are going to snoop around? Or do they just want free wifi?
How much of your time (entering the password on a Wii is a pain in the butt!) are you willing to spend to mitigate a vague threat?
All said, I change the password about once a year.
Never, I got WPA2 AES, 63 random characters (3xx something bit strong, can't remember exact number. Used http://keepass.info/news/n090314_2.07_beta.html to randomize and check strength) and a mac filter. Why would you change it? Some people are just paranoid :tongue:
Sort of, but i'm sharing with some neighboors. :wink:
Never, unless I feel that it has been compromised. As long as you are using WPA/WPA2 with AES encryption and a strong password using numbers, letters, & special characters, it will NEVER get hacked from the outside. The only method that I know of someone hacking into WPA was through TKIP encryption and dictionary attack. So, if you have a strong password and it's not in the dictionary file they are using, it will never get hacked from the outside.
Thanks for your responses.
If you are sharing with neighbors i would recommend a couple of things. First and foremost segment off your network so a compromised machine on theirs does not directly affect you. But know that unless you run a 3 router network, your neighbor getting compromised could allow someone to compromise your upstream DNS setting thereby watching everything you do. Can also use a strong key and input it for them not giving it to them so they never know, but that still does not fix the "if your neighbors machine gets compromised" issue.
One slightly off-topic question.... Does anyone know a way to completely segregate one particular wireless client (Static-DHCP so could be via MAC or IP) so they can only see the internet, not anything on the LAN?
I know one can set AP Isolation in the wireless settings, but am told that only segregates wireless clients from each other, they can still see wired clients....
Outside of getting really creative with access rules i do not see how you are going to accomplish this.