Our new Indie Games subforum is now open for business in G&T. Go and check it out, you might land a code for a free game. If you're developing an indie game and want to post about it, follow these directions. If you don't, he'll break your legs! Hahaha! Seriously though.
Our rules have been updated and given their own forum. Go and look at them! They are nice, and there may be new ones that you didn't know about! Hooray for rules! Hooray for The System! Hooray for Conforming!
Is WPA-TKIP secure?
MKR
Registered User regular
Registered User regular
Posts
So yeah, your answer is basically "kinda". If you want max security, use WPA2 if your devices support it (some slightly older devices don't). Otherwise, you won't have max security, but it's better than WEP and waaaayyy better than nothing at all.
I can't use better than WPA-TKIP on this network without some serious rejiggering.
It's in the title.
Thanks.
edit: I am probably misreading something
You guys are way better than Google.
*Edit: Or I should say TKIP requires less processing overhead to implement in software than AES.
tl;dr
Don't bother with MAC address filtering. It is stupid easy to clone a MAC address, and thus only provides a false sense of increased security.
Steam Profile | Signature art by Alexandra 'Lexxy' Douglass
I know it's easy enough to circumvent and all, but at the very least it does make it slightly more annoying if someone wants to get in. It's just an extra layer on top of things, which makes it slightly more difficult to piggyback on the network (like hiding your SSID, which is similarly easy to bypass as best I recall). Your average person will just go with the connection that it's easiest to get into, at any rate. If they're really lucky, someone left their router unsecured. If they're fairly lucky, someone just secured their stuff with WEP and didn't put anything else they need to deal with on it, and they have the tool to deal with this. If they have a couple more hoops to jump through with someone's connection, they might just not bother and move onto someone else nearby, that's my theory. But I suppose once you get to the point that you're actually using WPA/WPA2, you're not really a prime target, anyway, because plenty of people are less secure than that.
That's like saying, "You might as well put a few twigs in front of your dead-bolted door for an added hoop". At best it's worthless, at worst it's an annoyance to the rightful owner. If someone has the two braincells it takes to get a WEP cracking tool or network sniffer, getting past the MAC filter is less than trivial. The ONLY person that it would stop is the guy who's only going to connect to the completely unprotected network, whom we've already eliminated by using WPA.
Additionally, having your access point hide its SSID is one of the worst pieces of "advice" that's been perpetuated through the years. It does nothing positive, only increasing the potential for new problems and decreasing security.
@MKR
If WPA-TKIP is as high as your network (and all included client devices) can handle, then that's all you can do now. It's not the most secure, but it's better than WEP or nothing. Don't screw about with MAC filtering, SSID hiding, or any of that.
The likelihood of an attacker targeting your network is low, though still a possibility even for a "regular" person like you; some people get their kicks from just snooping around private networks, so don't become complacent. I would also suggest that you consider security capabilities as a factor when you upgrade any of your devices, and try to bring your network up to date over time. There's really nothing else to be said on the situation.
Using the AES+TKIP is basically backwards compatibility mode; it will try to do WPA2 AES, and fall back to WPA TKIP. It isn't always obvious what ends up being used depending on the hardware involved. Just something to keep in mind that your network may not be as secure as you think.
Done
Thanks. :rotate: