Skip to main content

MS-CHAPv2 Hack Called No Threat to Enterprise WLANs

posted onAugust 6, 2012
by l33tdawg

Enterprise Wi-Fi networks can keep using WPA2 security safely, despite a recent Defcon exploit that has been widely, but wrongly, interpreted as rendering it useless.

The exploit successfully compromised a legacy authentication protocol, MS-CHAPv2, which was created by Microsoft years ago. But the vulnerabilities of this protocol (and other similar ones) are well known, and Wi-Fi Protected Access 2 makes use of additional mechanisms to protect them. That protection is still in force, according to both the Wi-Fi Alliance and a wireless architect, who blogged in depth on this issue after the Defcon exploit was reported.

In the wake of the Defcon demonstration, enterprises were being urged by some to abandon MS-CHAP, the Protected Extensible Authentication Protocol (PEAP), WPA2 or all of the above. None of that is necessary.

Source

Tags

Wireless Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th