About WPS Attack by Brute Force

  • Share on Facebook
  • Share on Twitter
  • Share on Google Plus
  • Share on Linkedin

Wi-Fi Protected Setup (WPS) Vulnerability Notice

A flaw exists in the Wi-Fi Alliance’s WPS specification that would allow a hacker with a password-guessing tool to guess the password within a few hours (brute-force attack). If a hacker brute forces the WPS PIN and retrieves the password for the wireless network, he could access your wireless network data.

This flaw exists in all WPS-enabled wireless devices.

ZyXEL recommends you do the following:

  1. Do not use the WPS PIN Configuration method (see your product’s documentation)
  2. Use WPA2 encryption with a long password mixing letters and numbers.
  3. Disable UPnP.
  4. Enable MAC address filtering and allow only known computers to access your wireless network.

For more information on this vulnerability, please see http://www.kb.cert.org/vuls/id/723755
For more help, please e-mail support@zyxel.com.tw