Forum Thread

Netgear MR814v2: How do I secure my wifi with password?

thatbb6 1,298 256 April 4, 2012 at 01:30 PM
update:
I just got my TWC installed and I need to figure out how to secure my Wifi with password. My router is Netgear MR814v2. I googled and found bunch of info on how to change int but for some reason my page looks NOTHING likes it! What is that generate button next to the passphrase field for? Can anyone help me out? Pictures below show the difference between my actual screen and the other type.



ignore the old stuff:
I got AT&T Internet with 6Mbps download so usually with my old set up, my download speed could go up to 600+KBps. Since I suspect the router was giving me problem with connection because it would disconnected a few times a day, I swapped it out for a cheap Belkin N150. It says maximum transfer speed is 150Mbps so I thought it should be good enough. However, when I swapped my old Netgear for the Belkin, max speed I ever got was 350KBps. Is the Belkin bottlenecking my internet speed?

The other question I have is when I tried to go back to my old set up with Netgear MR814v2, it goes on the the wizard set up. What am i supposed to do with this page to go online? Pic below is a sample of how my page looks.

25 Comments

1 2

Sign up for a Slickdeals account to remove this ad.

Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
#16
Quote from mrbobhcrhs View Post :
All I am going to add is when you secure your wifi choose WPA2-AES (not WPA-AES or WPA2-TKIP) as all the rest can easily be cracked.

Link to where WPA-AES and WPA2-TKIP "easily cracked"







True WPA2-AES is the strongest encryption but the others are also.

Stay away from WEP
Reply Helpful Comment? 0 0
#17
Quote from boltman2007 View Post :
Link to where WPA-AES and WPA2-TKIP "easily cracked"







True WPA2-AES is the strongest encryption but the others are also.

Stay away from WEP
are you asking for a link for proof that is hackable? The flaw is in TKIP (thus WPA-AES should be ok in theory) but here [tgdaily.com] is the link to TKIP being hacked in 1 minute.
Reply Helpful Comment? 0 0
....


...
#18
You sure your firmware is fully updated? Looks like your router only supports wep as is.
Reply Helpful Comment? 0 0
Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
#19
Quote from mrbobhcrhs View Post :
are you asking for a link for proof that is hackable? The flaw is in TKIP (thus WPA-AES should be ok in theory) but here [tgdaily.com] is the link to TKIP being hacked in 1 minute.
Thanks... wonder if passphrase length would make a difference. Would have liked more details. Because a short passphrase would be easy a long one doubtful.
Reply Helpful Comment? 0 0
#20
Quote from boltman2007 View Post :
Thanks... wonder if passphrase length would make a difference. Would have liked more details. Because a short passphrase would be easy a long one doubtful.
I think its an issue with IV packets like WEP (I dont think TKIP has IV packets but something like it)
Reply Helpful Comment? 0 0
#21
Quote from boltman2007 View Post :
Thanks... wonder if passphrase length would make a difference. Would have liked more details. Because a short passphrase would be easy a long one doubtful.
No. Passphrase length doesn't matter. AES encryptions takes your passphrase and duplicate it to pad it up for the required bits specified to encode your data. This is part of the AES encryption spec.
Reply Helpful Comment? 0 0
Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
#22
Quote from CrappySyntax View Post :
No. Passphrase length doesn't matter. AES encryptions takes your passphrase and duplicate it to pad it up for the required bits specified to encode your data. This is part of the AES encryption spec.
I was wondering if the vulnerability related to TKIP if passpharse length was the issue not AES,
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

Joined Aug 2005
L10: Grand Master
12,661 Posts
4,824 Reputation
Pro
#23
Quote from boltman2007 View Post :
Thanks... wonder if passphrase length would make a difference. Would have liked more details. Because a short passphrase would be easy a long one doubtful.
Quote from CrappySyntax View Post :
No. Passphrase length doesn't matter. AES encryptions takes your passphrase and duplicate it to pad it up for the required bits specified to encode your data. This is part of the AES encryption spec.
Length does matter, https://www.grc.com/passwords.htm Has a good explanation.

Quote :

When does size matter?

The use of these maximum-entropy passwords minimizes (essentially zeroes) the likelihood of successful "dictionary attacks" since these passwords won't appear in any dictionary. So you should always try to use passwords like these.

When these passwords are used to generate pre-shared keys for protecting WPA WiFi and VPN networks, the only known attack is the use of "brute force" -- trying every possible password combination. Brute force attackers hope that the network's designer (you) were lazy and used a shorter password for "convenience". So they start by trying all one-character passwords, then two-character, then three and so on, working their way up toward longer random passwords.

Since the passwords used to generate pre-shared keys are configured into the network only once, and do not need to be entered by their users every time, the best practice is to use the longest possible password and never worry about your password security again.
Note that while this "the longer the better" rule of thumb is always true, long passwords won't protect legacy WEP-protected networks due to well known and readily exploited weaknesses in the WEP keying system and its misuse of WEP's RC4 encryption. With WEP protection, even a highly random maximum-entropy key can be cracked in a few hours. (Listen to Security Now! episode #11 for the full story on cracking WEP security.)
Save the pass phrase as a text file on a jump drive to put onto computers, email it to your phone and copy and paste. I also always take out similar looking characters like 0 and O, I and | etc.

It is also worth noting to change the password used to login to the router to make your administration changes. This does not need to be super complex just something your neighbors/family can't guess. It has been known that some viruses will attack default routers to redirect DNS, etc.

One last thing is to turn off WPS as it is quite vulnerable on most routers and is an easy and quick way to defeat all that you have just done above.
http://www.safegadget.com/72/majo...y-wps-bug/
http://www.engadget.com/2011/12/2...or-manufa/

http://dankaminsky.com/2012/01/02/wps/
Reply Helpful Comment? 0 0
Vague questions receive vague answers . . . . . .
#24
Quote from LiquidRetro View Post :
Length does matter, https://www.grc.com/passwords.htm Has a good explanation.



Save the pass phrase as a text file on a jump drive to put onto computers, email it to your phone and copy and paste. I also always take out similar looking characters like 0 and O, I and | etc.

It is also worth noting to change the password used to login to the router to make your administration changes. This does not need to be super complex just something your neighbors/family can't guess. It has been known that some viruses will attack default routers to redirect DNS, etc.

One last thing is to turn off WPS as it is quite vulnerable on most routers and is an easy and quick way to defeat all that you have just done above.
http://www.safegadget.com/72/majo...y-wps-bug/
http://www.engadget.com/2011/12/2...or-manufa/

http://dankaminsky.com/2012/01/02/wps/
Alright, let me rephrase my wording. The length of your "passphrase" does not matter, but you still don't want it to be easily guessed. There's no encryption system out there that can protect you if you decide to make your passphrase a commonly used word, like "password". AES encryption is a standard and openly published standard for a single key encryption system. So if someone know your passphrase they can easily decrypt your data. The paragraph right before the one LiquidRetro quoted was:

Quote :
Shorter pieces are random too:

A beneficial property of these maximum entropy pseudo-random passwords is their lack of "inter-symbol memory." This means that in a string of symbols, any of the possible password symbols is equally likely to occur next. This is important if your application requires you to use shorter password strings. Any "sub-string" of symbols will be just as random and high quality as any other.
This is basically saying your encoded password will be just as random whether its long or short and there is no algorithmic sequence from character to character.
Reply Helpful Comment? 0 0
Joined Aug 2005
L10: Grand Master
12,661 Posts
4,824 Reputation
Pro
#25
Quote from CrappySyntax View Post :
Alright, let me rephrase my wording. The length of your "passphrase" does not matter, but you still don't want it to be easily guessed. There's no encryption system out there that can protect you if you decide to make your passphrase a commonly used word, like "password". AES encryption is a standard and openly published standard for a single key encryption system. So if someone know your passphrase they can easily decrypt your data. The paragraph right before the one LiquidRetro quoted was:



This is basically saying your encoded password will be just as random whether its long or short and there is no algorithmic sequence from character to character.

Right, but length does matter as it is all about entropy. It is the entire concept behind this https://www.grc.com/haystack.htm which is similar to what you are saying.

And because everyone loves an informative cartoon.
https://xkcd.com/936/

Reply Helpful Comment? 0 0
#26
Quote from LiquidRetro View Post :
Right, but length does matter as it is all about entropy. It is the entire concept behind this https://www.grc.com/haystack.htm which is similar to what you are saying.

And because everyone loves an informative cartoon.
https://xkcd.com/936/

lol, nice.

So what I was saying in the first post is that because of "Rijndael key schedule [wikipedia.org]", length doesn't matter. It takes a key of any length and transform it into appropriate bit size keys. These keys are what is actually used to encode your data and is derived from your passphrase. So to translate it to xkcd terms you'll always have 128, 192 or 256 bit entropy (depends on your algorithm); it will always be at the maximum entropy. This is one of the reason AES is such a great encryption algorithm.
Reply Helpful Comment? 0 0
Page 2 of 2
1 2
Join the Conversation
Add a Comment
 
Copyright 1999 - 2016. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)  •  Interest-Based Ads
Link Copied to Clipboard