WPS Wi-Fi Standard is Not Secure

If you are running a wireless router at your home, I am guessing it has WPS and is insecure. I would immediately fix that by placing the following Ubiquiti EdgeRouter X wired router to place between your modem and your wireless router.

What is WPS (Wi-Fi Protected Setup) and how does it work?

WPS was designed by the Wi-Fi Alliance and introduced to the market in 2006, with the goal of allowing home users who don’t want to fiddle with long wireless network passwords and security settings to quickly connect new wireless devices to their networks.Wi-Fi Alliance is a global non-profit association that promotes Wi-Fi technology and certifies Wi-Fi products.

The Wi-Fi Alliance more than 600 members, and it includes many famous companies including Microsoft, Apple, Samsung, Intel, Broadcom, and others. All the relevant providers of networking equipment are also part of this organization.

Among other things, this organization owns the Wi-Fi trademark. When you see a device with the Wi-Fi logo on it, it means that it has been certified by the Wi-Fi Alliance.

The WPS-standard, however, is a security disaster because any knowledgeable entity (governments as well as independent rogue hackers) can crack the WPS-provided default password in less that 11,000 tries, which is a piece of cake and will take about 5 minutes of brute force. Now anyone can have access to your home network, install key-logging software and steal your passwords as you type them (before the stream gets encrypted).

WPS uses an eight-digit PIN. All routers with WPS enabled have a PIN code that’s automatically generated and it cannot be changed by users. It is often printed on the bottom of the router. The problem is that the WPS PIN is insecure and easy to hack.

  • The eight-digit PIN is stored by routers in two blocks of four digits each.
  • The router checks the first four digits separately from the last four digits.
  • A hacker can brute-force the first block of four digits and move on to the second block.
  • Once this PIN is brute forced, the hackers can get complete access to your network.

Other security researchers have revealed different programming and design flaws that make WPS rather insecure. You can read what they have to say, here: