1

I have noticed in a few places people mention that if a popular SSID is used, it makes a network more vulnerable to rainbow table attacks. I saw this in one location and assumed they'd mistakenly used SSID in place of the word password, but I just saw it again in an answer on this website.

As far as I know the SSID is just the network name, and rainbow table attacks are concerned with password hashes, so what would using a common or popular network name have to do with making it easier for a password attack to be carried out on the network. Is the SSID used in any way, or is there some wierd correlation between SSIDs and common passwords?

Thanks!

curiousguy
  • 5,028
  • 3
  • 25
  • 27
dahui
  • 497
  • 1
  • 4
  • 14

1 Answers1

8

In WPA/WPA2, the SSID of the network is used as a salt to the encryption. A rainbow table therefore is only useful if the SSID used to generate it is the same as the SSID of the network you are attacking. Using a common SSID increases this chance.

Source

AlexH
  • 1,168
  • 6
  • 8
  • 1
    Only if the wiFi key is 64 hex characters, then the SSID is not used, see [url=https://stackoverflow.com/questions/18006390/why-is-the-wpa2-psk-key-length-limited-to-63-characters]URL https://stackoverflow.com/questions/18006390/why-is-the-wpa2-psk-key-length-limited-to-63-characters[/url] – Dick99999 Jan 16 '15 at 18:48