search

dwyl / focus-hub

:mute: The dwyl London office, No. 16 Palmers Rd
8 stars 1 forks source link

WiFi Security #80

Open ghost opened 7 years ago

ghost commented 7 years ago

Bearing in mind the security talk we had on Friday we should review our WiFi security.

ghost commented 7 years ago

@evilpacket Hey Adam! Thanks so much for the talk you gave us - I had a quick question spring to mind. We have a co-working space and our WiFi password is a memorable word so that the members of the space know it (lots of other coworking spaces, such as WeWork, do this). However is this not a good idea in terms of security? Should we be making the WiFi password really complex and difficult to guess? If so, we’ll probably need to have notes on the wall to remind people of the password - is this a good idea? How do WeWork (et al) get away with it being a simple password? Would be great to have your insight about how worried we should be about this!

evilpacket commented 7 years ago

Here is what came out top of mind. If you don't use a complex password (and turn off WPS if it's on on your router) and it's fairly public to get the password it should be considered an open network. That means untrusted network (think coffee shop wifi). The best option is for you to use a fairly complex but memorable password and for members with high security needs to use a vpn service while there (also any other untrusted network, it's a pretty good idea in general).

Our co-working pace here has the credentials on the wall and I simply treat it as an untrusted network since you never know who is coming or going or if their systems are compromised.

--- original message --- On Wed, May 31, 2017 at 01:33 am, notifications@github.com Mark William Firth wrote:

@evilpacket Hey Adam! Thanks so much for the talk you gave us - I had a quick question spring to mind. We have a co-working space and our WiFi password is a memorable word so that the members of the space know it (lot’s of other coworking spaces, such as WeWork, do this). However is this not a good idea in terms of security? Should we be making the WiFi password really complex and difficult to guess? If so, we’ll probably need to have notes on the wall to remind people of the password - is this a good idea? How do WeWork (et al) get away with it being a simple password? Would be great to have your insight about how worried we should be about this!

You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub, or mute the thread. --- end of original message ---