When it comes to using Wi-Fi, most of us don’t really put much thought into how safe it is. We often connect to public networks without giving it a second thought, leave our phone in places where they can be used by unauthorized people or do many other things which are not very safe for our devices.
All these days, WPA2 has been our protector when it comes securing Wi-Fi networks. If your home Wi-Fi password protected, it probably used the WPA2 If you don’t know what WPA2 is, let’s take a look at the definitions.
“WPA” is the short form of Wi-Fi Protected Access. The pioneers of WPA were WPA1 and WEP, which are not widely used anymore as they are insecure. Since 2004, WPA2 has been the one we’ve all been using. WPA2 requires the usage of strong and robust AES encryption which is still quite hard for hackers to crack. This method of encryption guarantees that a Wi-Fi access point such as a router and a client such as a phone can securely communicate.
WPA2 is a security protocol or standard that defines how you connect to a password-protected Wi-Fi network. Basically, it sets the rules about how a router and a Wi-Fi client device such as a phone or a laptop can ensure that each of them will be able to maintain a secure communication without being spied on. It facilitates the “handshake” that leads to establishing a transfer of data over the network.
However, WPA2 has some limitations that have been talked about for many years now. Which is why the announcement of WPA3 by the Wi-Fi Alliance has caught everyone’s eye in the CES 2018. WPA3 is the third version of WPA and is going to replace WPA2 in a matter of time. It is predicted to make the lives of hackers much harder.
Basically, WPA2 and WPA3 certifications are both attributes given to device manufacturers after they have fully implemented the necessary security features in their devices and then applied for it. Only after being accepted can they label their devices as “Wi-Fi CERTIFIED™ WPA2™” or “Wi-Fi CERTIFIED™ WPA3™” and put them on the market.
If you’re wondering what the limitations of WPA2 are that WPA3 can overcome, there are basically four fundamental features of WPA3 that make it better than WPA2. Even though the details of these have not been disclosed yet, we can tell you the basic problems they wanted to fix.
Securing Public Wi-Fi networks
Wherever we are, let it be an airport, café or any place we don’t usually visit, we are always looking for an open and public Wi-Fi. The reason is simple, no one likes using their mobile data!
However, what we fail to realize is that when it comes to security, these networks are in a really bad place. Since they don’t require a password for people to connect to the network, they don’t really have any security standards to meet.
Data sent over such unprotected networks are not encrypted at all, they are just sent as plain text! Even if you have to sign in to the network via a webpage, it doesn’t make a difference. While the increase of HTTPS connections did somewhat improve things, it didn’t stop people from finding out which sites you are visiting and what those pages contained. Basically, everything you do on a public network can be easily spied on by criminals.
To solve this issue, WPA will introduce “individualized data encryption”. So, even if you connect to a network that doesn’t have a password, the data sent between your device and the router will be encrypted. Unless someone knows how to decrypt it/ crack the encryption, your information should be perfectly safe!
Securing users from Brute-Force Attacks
WPA2 ensures that you have entered the correct password and that both devices maintain proper encrypting methods. When a device connects to the access point, they perform a “handshake” based on those 2 checkpoints. However, this method has been proved to have loopholes in the KRACK attack in 2017.
WPA3 claims to have a new “handshake” that will provide strong security even if users cannot choose a strong password. Therefore, it will protect you against brute force attacks where someone tries to enter a network without knowing the exact password.