iPhone password cracked using tether for a Wi-Fi hotspot
New findings by researchers shows that the iPhone security password can be cracked in just a mere 24 seconds, this was possible after the iPhone was used as a tether for a Wi-Fi hotspot.
It normally takes 50 seconds to crack the password using a single CPU machine, but afters tests using a 4 CPU machine it lowered the crack time to only 24 seconds. This was achievable after using a random password generator with in what they call a non-random manner.
This is too quick considering phones are always being hacked, so to see the iPhone password security in 24 seconds is very bad indeed. The research reports on the PSK authentication method used by Apple iOS to set up a secure WPA2 connection when using an iPhone as a Wi-Fi mobile hotspot and it shows that Apple iOS generates weak default passwords, which makes the Apple iOS mobile hotspot feature susceptible to dramatic attacks on the WPA2 handshake.
In a nutshell the passwords are generated in a random manner, which consists of a word four to six letters long. Then what happens is a number that has been randomly generated gets added to the end of that word, this should normally be ok dependent on the length of the word list being used.
One dictionary according to the researchers contained only 1,842 words; the words chosen seems to be non-random with some turning up more than they should do. The dictionary is now known as brute force password crack, in the research they found that running each of the 1,842 words against all the possibilities randomly is possible.
This means Apple will have to start using a larger dictionary, as well as using a longer number string and longer letter string, this will help a lot. We are guessing this security issue will be updated to iOS 7, maybe beta 2 or 3, time will tell.