Unfortunately, standard Bluetooth security is comparatively weak. Both the device PIN and encryption keys are variable length, and their minimum lengths are too short to prevent cracking. Static device PINs and key inputs mean that compromised values remain in use for a long time. Connections can also be hijacked when Bluetooth is used with one-way authentication – for example, when the PDA authenticates itself, but the desktop or phone it connects to does not.
When using Bluetooth, the best answer is to stay at least 30 feet away from public areas where eavesdroppers hang out. If that's not realistic, use the longest possible Bluetooth PINs and encryption keys, choose random PIN values, avoid saving your PIN on your device, and use two-way authentication whenever you can. Be aware that device support for Bluetooth security varies, so read product specs before you buy to make sure these security options are present, and then turn them on. These Bluetooth security measures can deter casual attackers, but to defeat motivated attackers, you'll need higher-layer security measures.