❔Q&A

Questions and Answers

Does this work for Windows or Linux?

No, this guide is for Mac only.

Should I be trying this on my neighbor’s WiFi?

NO. You may only try this on a WiFi network that you own / have explicit permission to experiment on, such as your home WiFi network. Any unauthorized attempts at breaking into a private network are illegal. We take no responsibility for such actions.

Does this method work with salted password hashes?

First, what is a salted password hash? A salted hash is just like a hash we have previously learned about in this tutorial, except that before hashing the password, a random string is appended to the password. Salting is an effective security method for protecting stored password hashes as it makes each hash harder to crack. Specifically, the attacker needs to be able to guess the length of the password plus the random hash to crack the salted hash. A server may employ salting to protect stored hashes, but a hash that is being sent over a network cannot have a salt. (This means, for example, that WiFi passwords cannot be hashed.) This is because there is no way to securely convey what the salt is across the network. If a computer is requesting access via a hashed password, there is no way for that computer to understand the authentication server's salt. Hence all password hashes sent for authorization must not be salted. In conclusion, yes this tutorial should work even in a system where passwords are salted, but that is not a concern of this guide as WiFi password hashes are not salted [11].