Most implementations of WPA, in order to make use of the cryptography accessible to unsophisticated users with normal home computing equipment, allow users to enter a common shared phrase into a WPA user interface on the computer.
Other key management techniques are available to WPA, but these generally require more expensive and complex network management equipment, such as authentication servers.
Moskowitz states that after sniffing a few packets of data from certain points in Wi-Fi standard communication, an attacker could use a “dictionary attack” on the data offline in an attempt to guess the passphrase.
According to Moskowitz: “A key generated from a passphrase of less than about 20 characters is unlikely to deter attacks.
More info: [url=http://www.eweek.com/article2/0,3959,1375027,00.asp?kc=EWRSS03119TX1K0000594]http://www.eweek.com/article2/0,3959,1375027,00.asp?kc=EWRSS03119TX1K0000594[/url]