WEP can be cracked very easily using a variety of programs that can be found on "wardriving" boards. WPA is theoretically much tougher (some would say practically impossible) to crack if a sufficiently complex PSK is used, but there has been a lot of chatter on wardriving boards about programs that claim to be able to crack WPA. I frankly have my doubts and attribute most of these claims to geekling bravado, but nonetheless, the chatter gives cause for concern.
There really are two separate risks inherent in wireless. One is data security, and the other is Internet leeching.
Practically any encryption at all will stop most casual leeching because in most cases (at least in urban and moderately dense suburban areas), it's easier for someone to find an unsecured network to leech from than it is to crack a secured one.
Data security, however, is another story; so it's wise to use every possible means to protect your network, and hope that a miscreant will give up and look for an easier mark.
Also, although you may not particularly care if someone steals your connection (some people actually welcome it because they hate their Internet providers), remember that if someone parks out in front of your home at 3:00 a.m. and downloads kiddie porn or bomb-making plans using your connection, it will trace to you.
Here are some things you can do to make your wireless network safer:
- Many routers have the ability to only accept connections from certain adapters, identified by their MAC numbers. This is by no means foolproof, but it does enhance security a bit.
- Disabling remote administration and setting a strong admin password for the router also help, but are not foolproof.
- Turning off SSID broadcast will keep out casual Internet leechers, but not crackers or wardrivers. Still, it's a good idea unless you will be adding clients frequently.
- Use WPA and set a complex PSK. The longer and more complex, the better.
- Of course, check for firmware updates.
- Don't allow leechers. Let your tightwad neighbor pay for his own Internet.
- If your data is not only confidential but also of a nature that would be particularly attractive to an identity thief, etc., then go with a secure VPN.
Rich