Thanks for the research. It's interesting that the first article mentions a brute-force password-crack list of a claimed 40 million words. That's a lot, but consider a 12-digit strong password using only upper- and lower-case of the QWERTY part of the keyboard, plus the space key (i.e. no high ASCII), that's 95 possible characters. So, possible combinations are 95^12, ~5.4E23 of which only 4E07 are covered in the "large" dictionary. As long as one stays away from standard dictionary words or obvious combinations one should be OK.

It's interesting that the recommended length for WPA passphrases is at least 20 characters. If this was a strong password it would be even more infeasible. I'm guessing the designers of the standard may have feared that users would use only a smaller subset of characters:

One case of characters = 26^20 ~2E28
Two cases of characters = 52^20 ~2E34
Two cases of characters + 10 digits = 62^20 ~7E35

>Just Google WAP Hacking - many links. But it seems you are right Al depending on key length and the WAP type.
>
>http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks
>
>http://www.informit.com/articles/article.aspx?p=369221&rl=1
>
>
>
>
>>That's news to me. My understanding is if you make you passphrase "strong" (i.e. no dictionary attacks) and at least 12 characters it is still pretty much infeasible, and if you use AES, even better. Do you have a link showing how these have been hacked?
>>
>>I'd think it would be pretty big news, and I've heard nothing about it.
>>
>>>WPA and WPA2 are hackable too - it takes about 20 min to an hour to do it.
>>>
>>>>This is old news for any net admin, but no-one should any longer be using WEP (Wired Equivalent Privacy) security on their wireless networks.
>>>>
>>>>A new attack makes it possible to determine WEP keys even when your laptop is not within range of your corporate network: http://www.theregister.co.uk/2007/10/18/cafe_latte_wi-fi_attack/
>>>>
>>>>WEP is actually worse than useless, as it gives you a false sense of security. Switch to WPA or WPA2 instead. If anyone you know is still using WEP, do them a favour and let them know.