A WiFi security auditing facility for WPA networks could leave the door open to wireless network attacks.
ElcomSoft’s Wireless Security Auditor (EWSA) software has recently been updated with a password recovery utility. As reported by infosecurity (http://www.infosecurity-magazine.com/view/12862/password-recovery-software-means-companies-are-no-longer-secure-when-using-wifi/) this software means that attackers could use multiple computers to carry-out a brute force attack on a WPA network.
Even though WPA is recognised as providing far superior protection than the WEP algorithm for WiFi, businesses need to carefully consider their need for wireless connectivity. This should be carried out as part of a risk-benefit analysis of the company’s operations and assets.