== Security ==
{{Main|Wireless security}}
The main issue with wireless [[network security]] is its simplified access to the network compared to traditional wired networks such as Ethernet. With wired networking, one must either gain access to a building (physically connecting into the internal network), or break through an external [[Firewall (computing)|firewall]]. To access Wi-Fi, one must merely be within the range of the Wi-Fi network. Most business networks protect sensitive data and systems by attempting to disallow external access. Enabling wireless connectivity reduces security if the network uses inadequate or no encryption.<ref>{{cite web|url=http://networkbits.net/wireless-printing/80211-g-pros-cons-of-a-wireless-network-in-a-business-environment/|title=802.11 X Wireless Network in a Business Environment – Pros and Cons.|last=Jensen|first=Joe|date=26 October 2007|website=Networkbits|archive-url=https://web.archive.org/web/20080305075900/http://networkbits.net/wireless-printing/80211-g-pros-cons-of-a-wireless-network-in-a-business-environment/|archive-date=5 March 2008|url-status=usurped|access-date=8 April 2008}}</ref><ref>{{cite news|url=http://www.app.com/article/20130701/NJNEWS/307010010/Free-Wi-Fi-User-beware-Open-connections-Internet-full-security-dangers|title=Free Wi-Fi? User beware: Open connections to Internet are full of security dangers, hackers, ID thieves|last=Higgs|first=Larry|date=1 July 2013|work=[[Asbury Park Press]]|archive-url=https://archive.today/20130702002841/http://www.app.com/article/20130701/NJNEWS/307010010/Free-Wi-Fi-User-beware-Open-connections-Internet-full-security-dangers|archive-date=2 July 2013|url-status=dead}}</ref><ref>{{Cite news|url=https://www.bbc.com/news/technology-26762198|title=Data-stealing Snoopy drone unveiled at Black Hat|last=Gittleson|first=Kim|date=28 March 2014|work=[[BBC News]]|access-date=29 March 2014|archive-url=https://web.archive.org/web/20140330062159/http://www.bbc.co.uk/news/technology-26762198|archive-date=30 March 2014|url-status=live}}</ref>

An attacker who has gained access to a Wi-Fi network router can initiate a DNS spoofing attack against any other user of the network by forging a response before the queried DNS server has a chance to reply.<ref>{{cite web |url = http://cr.yp.to/djbdns/forgery.html |title = DNS forgery |first = Daniel J. |last = Bernstein |author-link = Daniel J. Bernstein |year = 2002 |access-date = 24 March 2010 |quote = An attacker with access to your network can easily forge responses to your computer's DNS requests. |url-status = live |archive-url = https://web.archive.org/web/20090727073417/http://cr.yp.to/djbdns/forgery.html |archive-date = 27 July 2009 }}</ref>

=== Securing methods ===
A common measure to deter unauthorized users involves hiding the access point's name by disabling the SSID broadcast. While effective against the casual user, it is ineffective as a security method because the SSID is broadcast in the clear in response to a client SSID query.
Another method is to only allow computers with known MAC addresses to join the network,<ref>{{cite web |url = http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks.htm#_Toc77524658 |title = Hacking Techniques in Wireless Networks |last = Mateti |first = Prabhaker |year = 2005 |publisher = [[Wright State University]] Department of Computer Science and Engineering |location = Dayton, Ohio |archive-url = https://web.archive.org/web/20100305180937/http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks.htm#_Toc77524658 |archive-date = 5 March 2010 |url-status = live |access-date = 28 February 2010 }}</ref> but determined eavesdroppers may be able to join the network by [[MAC spoofing|spoofing]] an authorized address.

[[Wired Equivalent Privacy]] (WEP) encryption was designed to protect against casual snooping but it is no longer considered secure. Tools such as [[AirSnort]] or [[Aircrack-ng]] can quickly recover WEP encryption keys.<ref>{{cite web|url=http://www.wirelessve.org/entries/show/WVE-2005-0020|title=Wireless Vulnerabilities & Exploits|last1=Hegerle|first1=Blake|last2=snax|date=17 August 2001|publisher=wirelessve.org|archive-url=https://archive.today/20060919203035/http://www.wirelessve.org/entries/show/WVE-2005-0020|archive-date=19 September 2006|url-status=dead|access-date=15 April 2008|last3=Bruestle|first3=Jeremy}}</ref> Because of WEP's weakness the Wi-Fi Alliance approved Wi-Fi Protected Access (WPA) which uses [[Temporal Key Integrity Protocol|TKIP]]. WPA was specifically designed to work with older equipment usually through a firmware upgrade. Though more secure than WEP, WPA has known vulnerabilities. The more secure [[WPA2]] using [[Advanced Encryption Standard]] was introduced in 2004 and is supported by most new Wi-Fi devices.
WPA2 is fully compatible with WPA.<ref name="wpa2-mandatory">{{cite web|url=http://www.wi-fi.org/news_articles.php?f=media_news&news_id=16|title=WPA2 Security Now Mandatory for Wi-Fi CERTIFIED Products|date=13 March 2006|work=[[Wi-Fi Alliance]]|archive-url=https://web.archive.org/web/20110807093143/http://www.wi-fi.org/news_articles.php?f=media_news&news_id=16|archive-date=7 August 2011|url-status=dead}}</ref> In 2017, a flaw in the WPA2 protocol was discovered, allowing a key replay attack, known as [[KRACK]].<ref>{{cite web|url=https://www.krackattacks.com/|title=Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse|last=Vanhoef|first=Mathy|date=2017|archive-url=https://web.archive.org/web/20171022022042/https://www.krackattacks.com/|archive-date=22 October 2017|url-status=live|access-date=21 October 2017}}</ref><ref>{{cite web|url=https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/|title=Serious flaw in WPA2 protocol lets attackers intercept passwords and much more|last=Goodin|first=Dan|date=16 October 2017|website=[[Ars Technica]]|archive-url=https://web.archive.org/web/20171021121658/https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/|archive-date=21 October 2017|url-status=live|access-date=21 October 2017}}</ref>

[[File:QR code Wi-Fi.svg|thumb|upright=0.63|A [[QR code]] to automate a Wi-Fi connection using ''WIFI:S:Wikipedia;T:WPA;P:Password1!;;'']]
A flaw in a feature added to Wi-Fi in 2007, called [[Wi-Fi Protected Setup]] (WPS), let WPA and WPA2 security be bypassed.
The only remedy {{as of|2011|lc=on}} was to turn off Wi-Fi Protected Setup,<ref>{{cite web |url=http://www.kb.cert.org/vuls/id/723755 |title=CERT/CC Vulnerability Note VU#723755 |access-date=1 January 2012 |url-status=live |archive-url=https://web.archive.org/web/20120103152902/http://www.kb.cert.org/vuls/id/723755 |archive-date=3 January 2012 }} [[US CERT]] Vulnerability Note VU#723755</ref> which is not always possible.

[[Virtual private network]]s can be used to improve the confidentiality of data carried through Wi-Fi networks, especially public Wi-Fi networks.<ref>{{Cite web|url=https://www.consumer.ftc.gov/articles/0014-tips-using-public-wi-fi-networks#protect|title=Tips for Using Public Wi-Fi Networks|author=Federal Trade Commission|date=March 2014|website=Federal Trade Commission – Consumer Information|access-date=8 August 2019|archive-date=9 August 2019|archive-url=https://web.archive.org/web/20190809122844/https://www.consumer.ftc.gov/articles/0014-tips-using-public-wi-fi-networks#protect|url-status=live}}</ref>

A [[URI]] using the WIFI scheme can specify the SSID, encryption type, password/passphrase, and if the SSID is hidden or not, so users can follow links from [[QR code]]s, for instance, to join networks without having to manually enter the data.<ref>{{cite web|title=Share your Wi-Fi SSID & Password using a QR Code|url=http://www.technostarry.com/share-wi-fi-details-using-qr-code/|date=19 July 2015|access-date=28 July 2021|archive-date=12 January 2023|archive-url=https://web.archive.org/web/20230112193217/http://www.technostarry.com/share-wi-fi-details-using-qr-code/|url-status=live}}</ref> A [[MeCard (QR code)|MeCard]]-like format is supported by Android and iOS 11+.<ref>{{cite web |title=zxing documentation: barcode contents |url=https://github.com/zxing/zxing/wiki/Barcode-Contents |website=GitHub |publisher=zxing |language=en |access-date=28 July 2021 |archive-date=15 February 2016 |archive-url=https://web.archive.org/web/20160215201205/https://github.com/zxing/zxing/wiki/Barcode-Contents |url-status=live }}</ref>
* Common format: <code>WIFI:S:<SSID>;T:<WEP|WPA|blank>;P:<PASSWORD>;H:<true|false|blank>;</code>
* Sample <code>WIFI:S:MySSID;T:WPA;P:MyPassW0rd;;</code>

=== Data security risks ===
Wi-Fi access points typically default to an encryption-free (''open'') mode. Novice users benefit from a zero-configuration device that works out-of-the-box, but this default does not enable any [[wireless security]], providing open wireless access to a LAN. To turn security on requires the user to configure the device, usually via a software [[graphical user interface]] (GUI).

On unencrypted Wi-Fi networks connecting devices can monitor and record data (including personal information). Such networks can only be secured by using other means of protection, such as a [[VPN]], or [[Hypertext Transfer Protocol]] over [[Transport Layer Security]] ([[HTTPS]]).

The older wireless-[[encryption]] standard, Wired Equivalent Privacy (WEP), has been [[Fluhrer, Mantin, and Shamir attack|shown]] easily breakable even when correctly configured. Wi-Fi Protected Access (WPA) encryption, which became available in devices in 2003, aimed to solve this problem. Wi-Fi Protected Access 2 (WPA2) ratified in 2004 is considered secure, provided a strong [[passphrase]] is used. The 2003 version of WPA has not been considered secure since it was superseded by WPA2 in 2004.
In 2018, [[WPA3]] was announced as a replacement for WPA2, increasing security;<ref>{{cite web|url=https://www.techspot.com/news/72656-wpa3-protocol-make-public-wi-fi-hotspots-lot.html|title=WPA3 protocol will make public Wi-Fi hotspots a lot more secure|last=Thubron|first=Rob|date=9 January 2018|website=Techspot|archive-url=https://web.archive.org/web/20181116023123/https://www.techspot.com/news/72656-wpa3-protocol-make-public-wi-fi-hotspots-lot.html|archive-date=16 November 2018|url-status=live}}</ref> it rolled out on 26 June.<ref>{{Cite web|url=https://www.theverge.com/circuitbreaker/2018/6/26/17501594/wpa3-wifi-security-certification|title=Wi-Fi security is starting to get its biggest upgrade in over a decade|last=Kastrenakes|first=Jacob|date=26 June 2018|website=[[The Verge]]|archive-url=https://web.archive.org/web/20190220012909/https://www.theverge.com/circuitbreaker/2018/6/26/17501594/wpa3-wifi-security-certification|archive-date=20 February 2019|url-status=live|access-date=26 June 2018}}</ref>

=== Piggybacking ===
{{Main|Piggybacking (Internet access)}}
{{Further|Legality of piggybacking}}
{{Further|Wi-Fi Protected Setup#Physical security issues}}
Piggybacking refers to access to a wireless Internet connection by bringing one's computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge. During the early popular adoption of [[802.11]], providing open access points for anyone within range to use was encouraged{{By whom|date=March 2010}} to cultivate [[wireless community network]]s,<ref>{{cite web|title=NoCat's goal is to bring you Infinite Bandwidth Everywhere for Free|url=http://nocat.net/|url-status=dead|archive-url=https://web.archive.org/web/20111022034826/http://nocat.net/|archive-date=22 October 2011|access-date=14 October 2011|website=NoCat.net}}</ref> particularly since people on average use only a fraction of their downstream bandwidth at any given time.
Recreational logging and mapping of other people's access points have become known as [[wardriving]]. Indeed, many access points are intentionally installed without security turned on so that they can be used as a free service. Providing access to one's Internet connection in this fashion may breach the Terms of Service or contract with the [[ISP]]. These activities do not result in sanctions in most jurisdictions; however, legislation and [[case law]] differ considerably across the world. A proposal to leave [[graffiti]] describing available services was called [[warchalking]].<ref>{{cite web|url=http://www.blackbeltjones.com/warchalking/warchalking0_9.pdf|title=Let's Warchalk|last=Jones|first=Matt|date=24 June 2002|archive-url=https://web.archive.org/web/20080705034313/http://www.blackbeltjones.com/warchalking/warchalking0_9.pdf|archive-date=5 July 2008|url-status=dead|access-date=9 October 2008}}</ref>

Piggybacking often occurs unintentionally – a technically unfamiliar user might not change the default "unsecured" settings to their access point and operating systems can be configured to connect automatically to any available wireless network. A user who happens to start up a laptop in the vicinity of an access point may find the computer has joined the network without any visible indication. Moreover, a user intending to join one network may instead end up on another one if the latter has a stronger signal. In combination with automatic discovery of other network resources (see [[DHCP]] and [[Zeroconf]]) this could lead wireless users to send sensitive data to the wrong middle-man when seeking a destination (see [[man-in-the-middle attack]]). For example, a user could inadvertently use an unsecured network to log into a [[website]], thereby making the login credentials available to anyone listening, if the website uses an insecure protocol such as plain [[HTTP]] without [[Transport Layer Security|TLS]].
On an unsecured access point, an unauthorized user can obtain security information (factory preset passphrase or Wi-Fi Protected Setup PIN) from a label on a wireless access point and use this information (or connect by the Wi-Fi Protected Setup pushbutton method) to commit unauthorized or unlawful activities.
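
The WIFI: format listed under "Securing methods" can be checked before a device joins the network it describes. The following is an added example, not code from the article or from zxing: it parses a payload and reports the weaknesses this section names (open mode, WEP, hidden SSID, cleartext passphrase). The names <code>parse_wifi_uri</code> and <code>audit</code> are hypothetical; backslash escaping and the <code>nopass</code> value follow the zxing documentation cited above, and the second sample payload is constructed.

```python
import re

# One "K:value;" field; a backslash escapes the character after it.
_FIELD = re.compile(r'([A-Za-z]):((?:\\.|[^;\\])*);')

def parse_wifi_uri(payload):
    """Parse WIFI:S:<SSID>;T:<WEP|WPA|blank>;P:<PASSWORD>;H:<true|false|blank>;"""
    if not payload.startswith("WIFI:"):
        raise ValueError("not a WIFI: payload")
    body, pos, fields = payload[5:], 0, {}
    # Fields may come in any order; a bare ';' terminates the list.
    while pos < len(body) and body[pos] != ";":
        m = _FIELD.match(body, pos)
        if m is None:
            raise ValueError(f"malformed field at offset {pos + 5}")
        fields[m.group(1).upper()] = re.sub(r'\\(.)', r'\1', m.group(2))
        pos = m.end()
    if not fields.get("S"):
        raise ValueError("missing SSID (S) field")
    return {
        "ssid": fields["S"],
        "auth": fields.get("T", "").upper(),
        "password": fields.get("P", ""),
        "hidden": fields.get("H", "").lower() == "true",
    }

def audit(cfg):
    """Return the weaknesses the article names for this configuration."""
    findings = []
    # "NOPASS" is the zxing spelling for no encryption; the article says blank.
    if cfg["auth"] in ("", "NOPASS"):
        findings.append("open network: traffic can be monitored and recorded")
    elif cfg["auth"] == "WEP":
        findings.append("WEP: keys can be recovered quickly")
    if cfg["hidden"]:
        findings.append("hidden SSID: deters casual users only")
    if cfg["password"]:
        findings.append("passphrase is readable by anyone who can scan the code")
    return findings

if __name__ == "__main__":
    # Constructed payloads: the article's sample, then one with escaped ';' ':' '\'.
    for p in ("WIFI:S:MySSID;T:WPA;P:MyPassW0rd;;",
              r"WIFI:S:Cafe\;Guest;T:WEP;P:a\:b\\c;H:true;;"):
        cfg = parse_wifi_uri(p)
        print(cfg, audit(cfg))
```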