Actually I always uses a sha1sum of a random file that I have and I make sure I have that file on all my computers... should be random and long enough?
2007/3/30, Damon McMahon <[EMAIL PROTECTED]>:
> From: "Nick !" <[EMAIL PROTECTED]> > Date: 29 March 2007 2:16:31 PM > To: OpenBSD-Misc <misc@openbsd.org> > Subject: Re: Long WEP key > > > On 3/29/07, Lars Hansson <[EMAIL PROTECTED]> wrote: > >> Maxime DERCHE wrote: >> > IMHO you should think to configure your AP to provide a WAP-based >> > encryption... >> >> WAP-based encryption? Do you mean WPA? >> > > And to answer the original question: because OpenBSD doesn't support > WPA, and Theo has claimed somewhere that I can never find the link to > that WPA gives a false sense of security anyway. > > -Nick > From most of my reading a few months ago WPA-PSK is considered reasonably secure provided the pre-shared key is long enough... for some reason I can't find my references, but from memory depending on the source a minimum of around 34 to 39 random ASCII characters (50+ alphanumeric characters) is quoted. Obviously that's a very long passphrase in anyone's language and that's the problem. Most people (understandably) choose a passphrase at most one-third that length and in this situation WPA-PSK may be considered even less secure than the (deservedly) derided WEP.
-- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
