Wi-Fi flaw gives up your password


Swiss reseacher Dominique Bongard holds a home Wi-Fi router whose passcode he broke into with a single try.

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

LAS VEGAS — Some popular home Wi-Fi routers use dumb computer chips that let hackers steal your password with a single try.

Swiss security researcher Dominique Bongard said many popular routers’ computer chips use a “random number generator” intended to safeguard your password — but it turns out those “random” numbers aren’t as random as they’re supposed to be.

Some are so poorly programmed that a hacker can easily determine the next numbers that the router will spit out. Some routers’ “random” number generators are so bad, it consistently just uses the number “0.”

To steal your Wi-Fi router’s password, all a hacker has to do is know the next number in the chain and send those to the router. The hacker also needs to know what model router you’re using, but that’s not all that tricky, given the popularity of consumer router brands.

A few keystrokes and voilà: The router gives up its own PIN code — and your Wi-Fi password. Once it gives up that passcode, hackers can join your network and steal data flowing between your devices and the router.

Bongard demonstrated his findings at the PasswordCon cybersecurity conference in Las Vegas on Tuesday using a common home router. He said the vulnerability only affects home routers that use a security standard called WPS — which many do.

“In just one try. Bang. Got it,” said Bongard. “It’s unbelievable.”

Trademark and Copyright 2021 Cable News Network, Inc., a Time Warner Company. All rights reserved.

Most Read

Top Stories

More Home Page Top Stories