In a recent column, I suggested that a consumer worried about Internet banking over a home Wi-Fi network could use a wired Internet connection that would be safer. But several readers asked whether using wireless encryption (automatic coding) was a better solution.
"I totally agree that a wired connection is always more secure than a wireless one, but shouldn't a home user be encouraged to go the extra step and enable (wireless) encryption?" asked Rick Erickson, PC and network administrator of Fidelity Bank in Edina.
Richard Milberg of Easton, Pa., agreed. But Phil Pollock of Chaska and Karyn Gaffaney of Roseville wondered if the encryption they're using is strong enough to protect their home networks.
The answer falls into a technological gray area. Encryption is good protection, but it's not perfect, said Rob Juncker, vice president of technology operations at security firm Shavlik Technologies in Roseville. Even some of the best encryption methods available to consumers have been cracked by experts.
But encryption protects not by making it impossible to breach your home network, but by making it so much work that hackers will look for easier targets, Juncker said. The question is how much encryption is enough to give you an acceptable margin of safety.
Don't use older Wired Equivalent Privacy (WEP) encryption, which has been broken into many times, Juncker said. You're probably safe if you use Wi-Fi Protected Access (WPA) encryption. An improved encryption, WPA 2, is even safer.
But you've also got to be smart about how you use encryption. Experts recommend using passwords longer than a few letters or numbers, because the longer the password is, the more work it is for a hacker to break it. Don't use passwords that are real words or hackers can run a "dictionary attack" that will eventually guess your password. (According to news reports, hackers using multiple computers can run a dictionary attack in 20 minutes or less.)
Consumers also should know that even the best encryption software won't prevent them from being tricked, Juncker said. A consumer can still fall victim to a "man in the middle attack," in which a hacker with a PC impersonates your Wi-Fi hotspot and tries to convince your PC to connect with him instead of with your wireless router.
