Make password into the router then not open :(

As long as you're choosing the characters at random (using a true crypto qualified random number generator), it doesn't matter what language they are in.


openwrt is open source !
you can add any think ? Schedule to password change automatic ?
used pass1 and pass2 and pass3 etc
i want enable today
pass1 ( enable )----------
pass2 ( disable )
pass3 ( disable )
then tomorrow
pass1 ( disable )
pass2 ( enable )----------
pass3 ( disable )
After tomorrow
pass1 ( disable )
pass2 ( disable )
pass3 ( enable )-----------
etc ?
can be add any think ?

Yes you can change password as you like but you'll need to change it every time you want to change it. I dont think there's a way to add multiple passwords to Wi-Fi in WPA2-PSK but you can create cron jobs to change configuration as you like through uci. Look at the cron documentation for more info.

1 Like

You can, but you're not going to make things significantly more secure.

First off, how are you going to store the "next" passwords? If a script can read them every night, they certainly aren't secure.

More importantly, how long would it likely take someone to crack a good password?

Safes are probably a good analogy. Very secure safes are often rated in hours -- how long they can sustain an attack before they are broken into. Nobody expects a safe to be "impenetrable", but they're "good enough" if it is reasonably certain that someone will be discovered trying to break in before they succeed (overnight, or over a long weekend, for example).

I've read that an average English-language speaker has a vocabulary of 20-30,000 words. Let's be conservative and say that they are pulling from a pool of only 1,000 words. Let's also say that in the pass phrase, there are only four words that are "random".

1,000 ^ 4 = 1,000,000,000,000 combinations

Now let's say that one can be tested every 10 ms. That's pretty fast over wireless. 100 per second. That's got to be some serious, continuous log spam!

1,000,000,000,000 passwords / 100 passwords per second = 10,000,000,000 seconds

10,000,000,000 seconds / 60 seconds per minute / 60 minutes per hour / 24 hours per day

~ 115,740 days / 365 days per year ~ 317 years

So for a 1 in a 100 likelihood of your password being "guessed", assuming they know your exact list of 1,000 words and aren't trying any others, you're looking at over 3 years of continuous, 100 tries per second attacking.

In my opinion, you're a lot better off changing your pass phrase occasionally to prevent human error and concentrating on things that truly make a significant difference in security.

1 Like