Wi-Fi Is Getting a Major Upgrade

The new security protocol is called WPA3 and will be widely adopted across the tech industry, likely starting in late 2019. It replaces WPA2, which arrived back in 2004.

Image for post
Image for post

Wi-Fi is getting a security update that’ll help prevent hackers from spying on your broadband connections.

The new security protocol is called WPA3, and will be widely adopted across the tech industry in the coming years, according to the Wi-Fi Alliance, the standards body which made the announcement on Monday.

The major change with WPA3 is how it can fend off attempts to crack the password on your Wi-Fi network.

It may seem counterintuitive, but you can actually crack a Wi-Fi password offline. All you have to do is capture a single password exchange with the network. You can then take that data and proceed to brute-force attack it with unlimited password attempts, with no need for a live connection.

Wi-Fi routers with easily guessable passwords can be particularly vulnerable to this threat. Once logged on, a hacker can potentially spy on any unencrypted data transmitted over the network. Fortunately, the WPA3 protocol is resistant to offline brute-force attacks. Hackers will only be able to crack the password if they have an active connection to the Wi-Fi network.

As a result, using easy-to-remember passwords for your internet router will present less of security risk, according to the Wi-Fi Alliance.

WPA3 replaces the older security protocol for Wi-Fi, WPA2, which arrived back in 2004. Last year, security researchers discovered that WPA2 had a serious bug called KRACK that can expose the data transmitted over Wi-Fi to potential snooping. Fortunately, vendors were quick to patch the problem.

In addition to WPA3, the Wi-Fi Alliance recently rolled out two new enhancements to the wireless technology, one of which promises to secure public hotspots with VPN-like encryption. Users who sign on to these upgraded Wi-Fi hotspots will do so over an individual encrypted connection, preventing potential snooping.

The other enhancement is designed to make it easier for IoT devices to connect to a Wi-FI network. All you’ll have to do is scan the IoT device’s QR code with a smartphone and it’ll automatically connect to the local network.

When these features become avaliable to consumers will be up to vendors. However, the Wi-Fi Alliance said the WPA3 protocol is expected to gain wide adoption in late 2019. Leading tech companies including Apple, Intel, and Samsung are all members of the alliance.

What Is WPA3 ? More Secure Wi-Fi ?

WPA stands for Wi-Fi Protected Access, and it’s a series of security protocols designed to safeguard your Wi-Fi traffic. Here’s what that means for your next binge-watch or video chat.

Image for post
Image for post

The next generation of Wi-Fi security is almost here, and it’s bringing a host of new features to keep your data safe — both at home and on public networks. Here’s everything you need to know about WPA3.

The Wi-Fi Alliance gave us a peek at WPA3 earlier this year at CES, but this week it officially announced the finalized details. Even though you won’t be able to start using it right away, it’s a big step for wireless security, and good news for laptop and smartphone users everywhere.

What Is WPA?

WPA stands for Wi-Fi Protected Access, and it’s a series of security protocols designed to safeguard your Wi-Fi traffic. When you connect to a Wi-Fi network and type in a password, WPA governs the “handshake” that takes place between your device and the router, and the encryption that protects your data. There’s a good chance your home network uses WPA2, the current version of this protocol.

WPA2 has been around since 2004, and while it greatly improved upon its predecessors, WEP and WPA, it’s not perfect (no computer security is). Now, over a decade later, WPA3 is finally on its way with a bunch of new improvements.

What’s New in WPA3?

WPA3 enhances Wi-Fi in the following ways:

  • Passwords are much harder to crack. With WPA2, an attacker can capture some data from your Wi-Fi stream, take it home, and run it through a dictionary-based attack to try and guess your password. WPA3, on the other hand, requires attackers to interact with your Wi-Fi for every password guess they make, making it much harder and time-consuming to crack. This is especially useful if you’re using a weak password on your network (though you really shouldn’t, given how easy it is to create a strong, easy to remember password).
  • Your old data is safer. Even if an attacker does figure out your password, they won’t be able to do quite as much with it as they could with WPA2. WPA3 supports “forward secrecy,” which means that if an attacker captures any encrypted data from your machine and then learns your password later on, they won’t be able to decrypt that old data they captured. They’ll only be able to decrypt newly captured data, so you can protect yourself by merely changing your password as soon as possible.
  • Smart home devices are easier to set up with Wi-Fi Easy Connect. If you’ve ever tried to set up an Internet of Things device on your network — particularly one that doesn’t have a screen — you know how annoying it can be. First you have to connect your phone to a separate network broadcast by the device, then select your home Wi-Fi from a list, and so on. With WPA3’s new “Wi-Fi Easy Connect,” though, you’ll be able to connect a device by merely scanning a QR code on your phone. (WPA2 included a somewhat similar feature called Wi-Fi Protected Setup, but it contained a number of security vulnerabilities.)
  • Public Wi-Fi networks will be more secure. Current Wi-Fi standards are horribly insecure for open Wi-Fi networks (like the one at your local coffee shop). If a network doesn’t require a password, it’s passing on much of your data unencrypted, which means attackers sitting inside that coffee shop might be able to sniff out personal information. With WPA3, even open networks will encrypt your individual traffic, making them much safer to use.

WPA3 also includes stronger encryption for enterprise Wi-Fi, though most home users won’t have to worry about that. In fact, home users won’t have to worry about much at all — connecting to a WPA3-secured network is exactly like connecting to any other password-protected Wi-Fi network. You’ll just need to make sure your home router supports WPA3 and has it turned on.

When Will I Be Able to Use WPA3?

Manufacturers are already hard at work getting upcoming hardware certified for WPA3, but don’t expect to be using it next week. New products with WPA3 support will begin appearing in the coming year, but the Wi-Fi alliance doesn’t predict widespread adoption until late 2019.

Furthermore, it’s unclear how many older devices will get software updates to support WPA3. Some may, but there’s a good chance you’ll need a new router to use WPA3 — though with 802.11 ax on the horizon, you’ll probably want a new router anyway for the speed and signal improvements wireless AX provides.

Even then, though, your laptop, smartphone, and other devices will need to be WPA3-capable in order to take advantage of the new security features, so it’ll likely be a gradual change. Thankfully, the Wi-Fi Alliance will still support WPA2 for a while, and WPA3 will be backwards compatible with WPA2 devices in the meantime. So even if you have old devices, you’ll still be able to connect to newer WPA3 routers while you wait to upgrade all your gear.

Written by

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store