WPA(2) Secure enough?

[Mrpeepers310]

For the past two weeks I have been messing with cracking wpa, wpa2 networks. I have scoured the forums here as well as googled enough that it now only suggests wpa related topics lol.

But from what I've concluded, it seems that wpa2 is quiet possibly as secure as we need as long as you have a secure password.

My rationale is that because a person can literally make anything their password that most wordlists would not be able to crack it. If someone makes there password with just their last name and say, their birthday. (i.e. Martin04221966) most password lists would not be able to crack that.

So, I guess my overall question is for someone to correct me if I'm wrong on saying that if a password includes a proper noun or multiple words plus numbers, the wpa attack would not be able to crack the password.

[imported_pingu]

The randomness of your passphrase determines its strength. An attacker will most likely have wordlists with common number/letter replacements people use as well as the common phrases used, but usually a 22 random (the randomness is key) character passphrase that isnt in popular tables or wordlists would take a long time to crack. This is of course dependant on the speed of the attackers setup, but assuming it isn't someone with a decent amount of money and time to dedicate to getting your key, you should be safe. Correct me if im wrong of course!

Really though if your network was that important, a very determined attacker would probably choose a different attack vector such as phishing or am I just paranoid ;()

[Mrpeepers310]

But would proper nouns and names or even phrases be in most wordlists?
I guess my point is that a normal, educated, person would most likely use a name or phrase of some personal worth plus add numbers to the end, that the chance in an attacker getting it dead on is pretty slim. I mean, if the owner even puts the password of their dog and its birthday, rover11092005. I believe no wordlist would have that.

Again correct me if I'm wrong and if their is a wordlist that can get that specific I would love for someone to post a link on here!

[imported_longjidin]

yes i agree bro!!! to crack the wpa/wpa2 we need good password list but wireless is wireless its fly every where hah! out there someone or some where still looking a way to smash this wpa/wpa2 encryption.......good job guys out there!!!!! even i still try to crack this issue ........thanks to <<BackTrack community for supporting. pwnsauce!!! hoora!!

[imported_anubis2k7]

You should have a look at some of the wordlists out there to get an idea of what is in them. Most WL IMHO can only go after the low hanging fruit, i.e. what is common, so if you have your network secured with something like G3t0ffmYn3t would not be in a WL.

You can also further its security by some random chars for the ESSID, since this is used to salt the password

[imported_pingu]

Wordlists I have for WPA have common words/names/palces with leet replacements, some popular phrases and are 550MB each. Obviously change the default SSID to something unique with random characters e.g. not in the top SSID list that the rainbow tables from schmoo use. I have about 40% success rate with the rainbow tables, so some people still use simple passphrases (8 characters). There are some good wordlists on this site