Remember the Japanese researchers that came up with a technique to crack WPA pre-shared keys (PSK) in just a few minutes, thus in theory making most of the world’s WiFi networks with TKIP encryption instantly insecure?  If that story’s academic nature didn’t make you lose sleep over your own WiFi network insecurities, maybe this one will.

A new web-based service by ThoughtCrime Labs called WPA Cracker gives anyone the opportunity to gain access to a WPA secured WiFi network.  By simply submitting the results of a wireless network “handshake” to the WPA Cracker service, information easily obtained by any WiFi enabled computer, the company will apply the processing power of its computer cluster to decrypting the PSK.  Customers can choose between $17 and $34 rates, depending on whether they want half or all of the company’s computer cluster to tackle the decryption, which could take up to 40 minutes at half cluster utilization.

The company is targeting the service at “testers and network auditors who need to check the security of WPA-PSK protected wireless networks”, but clear opportunities for misuse exist.  To crack a WPA protected wireless network’s pre-shared key, the company uses a dictionary of over 135 million words “meticulously compiled with WPA cracking in mind”.  And while there is no guarantee that the target network’s PSK will be cracked, the company claims to have great success since most people use relatively weak PSK phrasing that their dictionary encompasses.

So if you’re running a wireless network, take 5 minutes and do your own security audit.  Make sure you’re network is using at least the WPA or WPA2 security protocol and not WEP.  If available, AES encryption is better than TKIP.  But most importantly, make sure your PSK phrase is a long, complex string of characters that no 135 million or more word dictionary compiled with “WPA cracking in mind” will contain.