To secure your WIFI from attack, the best way, apart from a very secure Pre Shared Key is to disable WPS. This will really ensure that your network is safe from automated cracking tools. The WPS pixie attack is very effective at retrieving the PSK of a network that you would think was safe from attack, but is actually very insecure. A network that is using an insecure router can be cracked in one minute. That is not good, then someone can use your network for torrenting and/or hacking attacks that would be blamed on you as they are using your network. So turn off WPS. My router uses OpenWRT and I can disable WPS for my 5GHZ and 2.4GHZ networks. That makes it a lot safer. Having a very long and complex PSK is also a very good security measure. This makes it exponentially harder to crack when using a word-list against a wireless network capture after a handshake has been captured. A very long and complicated wireless PSK would require a massive word-list to crack such a strong password.
Here is an example.
ubuntu ~/crunch-3.6 $ ./crunch 5 96 "ABCDEF0987654321$%#^&*()_+" --stdout Crunch will now generate the following amount of data: 17575625800609220224 bytes 16761422920808 MB 16368577071 GB 15984938 TB 15610 PB Crunch will now generate the following number of lines: 2580398988131410784
A 15610 Petabyte wordlist is unimaginable as of yet. The largest RAID array I have heard of is 120 Petabytes, not 20,000. So a very complicated passkey is still a very good defense. Having your WIFI PSK as “homefifi” is not a good defense against malicious users. Another good defense is to change the WIFI name from the default to something else, having a generic WIFI name like Telstra68956 is a good way for someone to guess what hardware you have. This is why it should be changed to something creative.