Our scanning vendor is marking us down because we are using IKEv1 in Aggressive Mode with a pre-shared key. We are using Sonicwall's Global VPN Client to connect to the VPN device in question.
I understand that this is a risk but I don't have a good feel for how risky it is. What are the practical risks involved here?
Supposedly, longer keys are safer. Assuming that the key itself is sufficiently random, how many characters is considered "safe" enough?