What Is A Wpa Password For Mac
© Casezy idea/Shutterstock WPA2 is the safest password setting you have on your router. Casezy idea/Shutterstock
- WPA2 is currently the recommended password type for Wi-Fi routers, and lets you secure your network with a custom password.
- You can find and change your WPA2 password by logging into the router's settings page in a web browser.
- Visit Business Insider's Tech Reference library for more stories.
If you've had an internet router installed in your home recently, chances are that it's using WPA2 password protection.
- Just a note that several times now, people have been subsequently able to connect to my WPA-secure wireless network after I opened the Guest Network, no password. Hell if I know why, but it worked. – Zo219 Aug 28 '13 at 7:57.
- Double click the corresponding entry in the main panel. If there is more than one, look for the most recent one with a type matching 'AirPort network password'. Click the checkbox labelled Show password, and enter your user account password when prompted. The password will be displayed in the text box, where you can copy it as needed.
Short for 'Wi-Fi protected Access 2,' WPA2 debuted in 2006 and has been the preferred security protocol since that time.
But how does WPA2 work? And is it even safe?
Here's what you need to know about WPA2, including a guide on how to find your WPA2 password using a Mac or PC.
Check out the products mentioned in this article:
Apple Macbook Pro (From $1,299.00 at Apple)
Acer Chromebook 15 (From $358.99 at Staples)
WPA2 is the safest form of Wi-Fi password protection
If you're using a Mac, you need to be running OS X 10.4.2 or better. Apple calls its version WPA2 Personal. While Linux is outside the scope of this article, you can get more information here.
WPA2 protection is immensely safe. WPA2 relies on a user-generated password to keep strangers out of your internet, and there's currently no way for a hacker to infiltrate it remotely.
The original security protocol for Wi-Fi networks was called WEP (Wired Equivalent Privacy), but it had a number of serious vulnerabilities. Established in 1999, it had been cracked by 2001. It was then superseded by the first version of WPA in 2003, which was replaced by WPA2 in 2006.
If your router is using any security protocol other than WPA2, you should open the router's settings and change it to WPA2.
The most common way to locate your Wi-Fi router's security settings, which includes the WPA2 password, is by signing into your router's settings page in a web browser.
If the router's manufacturer offers a mobile app, you might be able to see the WPA2 settings there as well.
How to find your WPA2 password
1. To open the router's security settings, you'll need to know the router's IP address. This is often written on the side or bottom of the router itself, but if you can't find it there, you can look up the IP address on your computer. Check out our article on how to do just that.
© Dave Johnson/Business Insider The 'Default Gateway' on Windows computers is your router's IP address. Dave Johnson/Business Insider2. Once you have the IP address, open any web browser. In the browser, enter the router's IP address in the address bar and press Enter or Return.
3. You'll need to log into the router's settings page using the username and password you used when you installed the router. Check the router's setup guide, or the notes you took when you reset the username and password. Many routers also have this written on the side or bottom.
© Dave Johnson/Business Insider Log into your router's settings page to find the WPA2 password. Dave Johnson/Business Insider4. Every router is different, but you can typically find the WPA2 settings in a section called 'wireless' or 'security.' You should see a menu in which you can select the security protocol (such as WEP, WPA, or WPA2) and the current password.
© Dave Johnson/Business Insider You may need to browse the admin controls to find the security protocol. Dave Johnson/Business InsiderIf you find that you can't log into your router, or can't find your password, try contacting the router's manufacturer or your internet service provider.
Related coverage from Tech Reference:
Yesterday, my friend Victor wanted to crack a wifi network (his, of course) using his MacBook Pro.
I told him to use the excellent VirtualBox images of Kali Linux from Offensive Security and aircrack-ng.
I had just forgotten that:
- Using advanced wireless features is impossible from a virtual machine
- Even if he used Kali Linux with a dual boot, installing the wireless drivers to make it work with the airport card is tiresome.
- Most (not
airmon-ng
) aircrack-ng tools can be installed on macOS with MacPorts, butairodump-ng
andaireplay-ng
crash.
So PLEASE, if you want to do other advanced networking things than network sniffing or what is described in this article, do yourself a favour and buy an USB adapter to use with the virtual machine.
There is a list on the website of aircrack-ng
, and I think the Alfa AWUS051NH v2 is great.Some people say it is expensive, but last time I checked on Google Shopping, it cost less than half an Apple mouse.
There are 3 steps:
- Identify the target acces point: name (= BSSID), MAC address (= SSID) and channel (~ radio frequency)
- Sniff the channel in monitor mode to retrieve:
- a beacon (easy)
- a handshake (= four-way handshake), or some frames of it (hard)
- Crack the password using the dump
What makes the retrieval of the handshake hard is that it appears only when somebody connects to the access point.
The good news is that you can deauthentificate people from the wifi network - it’s called wifi jamming and it’s useful to impress a girl and piss off people at Starbucks.When they reconnect, they re-send the handshake. That adds a Deauth step.
“Install”
Scan
It saves the .cap
capture file and displays the path.
If you don’t have the beacon or the handshake, it will fail accordingly.
For wordlists, see below.
As I said, aireplay-ng
doesn’t work on a MacBook Pro.The catch is that aireplay-ng
can do a lot of other things besides deauth attacks.
You might read that airport cards do not support packet injection, but packet injections are for WEP attacks and nobody uses WEP anymore. We only want to send some deauthentification frames.
Use JamWiFi. A ready-to-use application is provided there.
In fact, you can indentify the target with it too, and it has a really nice GUI.
Once you have selected the access point, you can deauth one or multiple users. Stop after about 50 “Deauths”, or else the persons might have trouble to reconnect during several minutes.
It might not work it you are too far from the target as your airport card is far less powerful than the router.
Using airport
presents some issues. You cannot know if you got the beacon and the handshake until you stop the capture and try with aircrack-ng
.
You capture a lot of unuseful packets too.
Using tcpdump
is more efficient.
When you launch those lines, the first tcpdump
easily captures a beacon and the second waits for the handshake.
Use JamWiFi to deauth some users, and when tcpdump
shows you it got 4 frames or more, Ctrl-C. It appears you can use less that 4 frames, but it depends on the frames you got (for instance 1,2 or 2,3 are sufficient). Anyway you should normally get at least 4. If nothing shows, try to deauth another user.
Now you have everything in capture.cap
. You can also run aircrack-ng
on it.
Like aireplay-ng
, aircrack-ng
offers so many features that it cannot be the best in everything.
We can really speed up the process by using hashcat.
Install with brew
Convert with cap2hccapx
hashcat
doesn’t take cap files, only hccapx files.
Just install hashcat-utils and use cap2hccapx
Alternatively, use this online tool.
Crack
This page provides some examples.
To use with a dictionnary:
You have a lot of other options, like brute force:
Refer to the documentation fot more patterns.
What Is A Wpa Password For Mac Windows 10
Speed
hashcat
works on the GPU.
What Is A Wpa Password For Mac Os
On my MacBook Pro, it yields a performance of 5kH/s: it tests 5000 passwords in a second.
On a Tesla K20m, the speed is 75kH/s. I managed to crack the 5 last lowercase letters of a wifi password in about 1 minute (26**5 // 75000 = 158 seconds to test them all).
We can see here that a GTX 1080 breaks 400kH/s.
I recommend:
For more efficiency, target the networks with silly names (good examples are “mozart”, “I love cats”, “Harry and Sally”), and avoid the ones called “National Security Agency”, “sysadmin” and “sup3r h4x0r”.
To find a password, you have to be lucky and have a good idea of its shape.
A lot of default wifi passwords are composed of 8 or 10 hexadecimal digits.
In average (worst case divided by 2) and according to the above benchmark, with a GTX 1080:
- 8 hexadecimal characters take 90 minutes.
- 10 hexadecimal characters take 16 days.
- 12 hexadecimal characters take 11 years.
What Is A Wpa2 Password
If you only want free wifi, just do MAC spoofing on a hotspot that uses web login.