Wi-Fi flaw gives up your password

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

LAS VEGAS (CNNMoney) — Some popular home Wi-Fi routers use dumb computer chips that let hackers steal your password with a single try.

Swiss security researcher Dominique Bongard said many popular routers’ computer chips use a “random number generator” intended to safeguard your password — but it turns out those “random” numbers aren’t as random as they’re supposed to be.

Some are so poorly programmed that a hacker can easily determine the next numbers that the router will spit out. Some routers’ “random” number generators are so bad, it consistently just uses the number “0.”

To steal your Wi-Fi router’s password, all a hacker has to do is know the next number in the chain and send those to the router.

The hacker also needs to know what model router you’re using, but that’s not all that tricky, given the popularity of consumer router brands.

A few keystrokes and voilà: The router gives up its own PIN code — and your Wi-Fi password. Once it gives up that passcode, hackers can join your network and steal data flowing between your devices and the router.

Bongard demonstrated his findings at the PasswordCon cybersecurity conference in Las Vegas on Tuesday using a common home router.

He said the vulnerability only affects home routers that use a security standard called WPS — which many do.

“In just one try. Bang. Got it,” said Bongard. “It’s unbelievable.”


1 Comment


    People should use WPA2 in their router settings. It is much more secure.

    Also set your router to not broadcast the network name, and make sure the pass code is not something easy to guess.

    Lastly, turn it off if it’s not being used or unplug the ethernet cable. No one can hack something that’s not plugged in.

Comments are closed.