It’s easier to picture the targets and attacker as people. So we’ll call these people A who’ll be a device on the network, B is the wifi router, and C is the device running the attack.

Here’s the scenerio, A and B are having a conversation. All is normal until C pops in slobbering drunk, starts yelling semi-coherently as loud as he can and will not shut up.

Since C is so loud A and B cannot effectively communicate and decide to stop their conversation for the moment. Eventually C passes out and it’s finally quiet. A walks back up to B and they exchange a secret handshake then continue talking.

What A and B don’t realize is D was sitting nearby and took a photo of their secret handshake and is now working on figuring out exactly how to do it so they can start talking to B.

As for protecting yourself, currently using newer wifi protocols will help, 2.4g is (hardware-wise) the easiest and cheapest way for attackers to exploit. But it’s best to assume that without hardwiring everything, you will not be able to completely mitigate the deauth portion of the attack.

However, because the handshake is the important part it’s best to use a strong password and the best encryption available to you. When attackers try to figure out the password from the handshake they throw “wordlists” at it or *maybe* attempt a brute force. Something like “Password123” is going to be in every wordlist whereas “Hd7+3dTFg{=9~2” would not.

Also turn off WPS, I always try to attack via WPS before trying to capture a handshake. It doesn’t often work anymore, but when it does it literally only takes a couple seconds.