HOWTO : Protect from being attacked by PMKID attack
On Aug 04, 2018, the developer of hashcat discovers a new way to attack WPA/WPA2 Wifi, namely PMKID attacks, when he is going to find a new way to attack new WPA3. This attack requires no Wifi user attached to the Wifi router and no need 4-way handshake. Meanwhile, almost all modern Wifi routers are vulnerable to this attack.
I conducted a quick test on my living area recently and found all Wifi routers (including mine) are vulnerable to this attack. If working with hashcat and/or good dictionaries properly, the WPA PSK (pre-Shared Key) password can be obtained without any problem.
Comes to the conclusion, WPA2 is no longer safe!
However, we can protect our Wifi by following methods :
(1) Make the WPA PSK password as complex and as long as possible (mine is 26 characters long);
(2) Make sure the WPA PSK password cannot be found in the available dictionaries (such as rockyou);
(3) Make sure your Wifi router can prevent ARP spoofing (Address Resolution Protocol) or apply MAC address filtering when possible;
(4) If possible, change your WPA PSK password at least once a month; and
(5) Keep your Wifi signal as weak as possible. Yes, makes it as weak as possible.
Reference
[1] New attack on WPA/WPA2 using PMKID
[2] Youtube PMKID attack Demo
That's all! See you.
I conducted a quick test on my living area recently and found all Wifi routers (including mine) are vulnerable to this attack. If working with hashcat and/or good dictionaries properly, the WPA PSK (pre-Shared Key) password can be obtained without any problem.
Comes to the conclusion, WPA2 is no longer safe!
However, we can protect our Wifi by following methods :
(1) Make the WPA PSK password as complex and as long as possible (mine is 26 characters long);
(2) Make sure the WPA PSK password cannot be found in the available dictionaries (such as rockyou);
(3) Make sure your Wifi router can prevent ARP spoofing (Address Resolution Protocol) or apply MAC address filtering when possible;
(4) If possible, change your WPA PSK password at least once a month; and
(5) Keep your Wifi signal as weak as possible. Yes, makes it as weak as possible.
Reference
[1] New attack on WPA/WPA2 using PMKID
[2] Youtube PMKID attack Demo
That's all! See you.