HOW I GOT ON YOUR WIFI: WPS FAIL!

Router manufacturers have been developing ways to make their routers more secure but at the same time still easy to connect to. This led to the development of WiFi Protected Setup (WPS).

WPS allows you to connect to a router in two ways: either by providing an 8-digit PIN code (that is printed on the router) or by pressing the WPS button on the router and opening up a short connection “window”. Both of these methods require physical access to the router and thus should be secure from “drive-by” hacking. However, that is not the case.

While I would need physical access to push the WPS button, the PIN code method is the default and first available under the standard. The biggest issue with this is that the router authenticates the PIN in two 4-digit parts. There are 10,000 combinations of 4-digit numbers, and since most routers don’t time out or ban me for hammering attempts, they are extremely easy to run a brute-force attack on. Once I have the first 4-digit number, I brute-force the second 4-digit number and I’m on your network.

We highly recommend setting the connection passphrase setup to WPA2-PSK (pre-shared key) and setting that key to something long and randomized. To be even more secure, make sure you disable the WPS function on your router.
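To put numbers on the two-part check and on what a lockout changes, here is an added example that is not from the original post. It runs only against a constructed in-memory model: `SimulatedRouter`, the sample PIN, the one-guess-per-second rate and the 3-failures/60-second lockout are all assumptions.

```python
from dataclasses import dataclass


@dataclass
class SimulatedRouter:
    """Constructed in-memory model of the two-part PIN check; not real WPS code."""
    pin: str                 # 8 digits (constructed sample value)
    max_failures: int = 0    # 0 = never lock out, the weak behaviour described above
    lockout_seconds: int = 0
    failures: int = 0
    locked_seconds: int = 0  # total time the model spent refusing attempts

    def check(self, first: str, second: str) -> str:
        # Each 4-digit part is judged on its own, so a failure reveals which part was wrong.
        if first != self.pin[:4]:
            verdict = "first_wrong"
        elif second != self.pin[4:]:
            verdict = "second_wrong"
        else:
            return "ok"
        self.failures += 1
        if self.max_failures and self.failures % self.max_failures == 0:
            self.locked_seconds += self.lockout_seconds
        return verdict


def guesses_needed(router: SimulatedRouter) -> int:
    """Count the guesses the model sees before the whole PIN is confirmed."""
    guesses, first = 0, None
    for a in range(10_000):              # at most 10,000 tries for part one
        guesses += 1
        verdict = router.check(f"{a:04d}", "0000")
        if verdict == "ok":
            return guesses
        if verdict == "second_wrong":    # part one accepted, part two still unknown
            first = f"{a:04d}"
            break
    for b in range(1, 10_000):           # "0000" was already ruled out above
        guesses += 1
        if router.check(first, f"{b:04d}") == "ok":
            return guesses
    raise ValueError("PIN is not 8 decimal digits")


def exposure(pin: str, max_failures: int = 0, lockout_seconds: int = 0,
             seconds_per_guess: float = 1.0) -> tuple[int, float]:
    """Return (guesses, hours) for one policy; seconds_per_guess is an assumed rate."""
    router = SimulatedRouter(pin, max_failures, lockout_seconds)
    guesses = guesses_needed(router)
    return guesses, (guesses * seconds_per_guess + router.locked_seconds) / 3600
```

For the worst-case sample PIN `99999999`, `exposure("99999999")` gives 19,999 guesses (about 5.6 hours at the assumed rate) instead of the 100,000,000 an undivided 8-digit PIN would allow, and `exposure("99999999", 3, 60)` stretches that to roughly 117 hours. A lockout only slows the search down, which is why disabling WPS is the stronger fix.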