IT Security Outsourced IT

Wi-Fi Protected Access

What is Wi-Fi Protected Access?

Wi-Fi Protected Access (WPA) is a security standard for computing devices with wireless internet connections. The Institute of Electrical and Electronics Engineers (IEEE) published standards for creating a network in which machines can connect wirelessly in 1997. WPA was developed by the Wi-Fi Alliance to provide better data encryption and user authentication than Wired Equivalent Privacy (WEP), which was the original Wi-Fi security standard.1 Since the late 1990s, Wi-Fi security types have gone through many updates and evolutions:

WEP. WEP was the first security protocol to secure data on wireless networks. The goal of WEP is to secure wireless communications by encrypting them, and to prevent cyberattacks. WEP encrypts web traffic using 64- and 128-bit encryption keys which provide a connection to a wireless-security-enabled network. WEP uses static keys- each authorized system on the same network receives and exchanges encrypted messages using the same key- ensuring the content of the messages remains hidden from intruders who do not have the key. Over time the security of WEP has declined, as more security flaws were discovered by cyberattackers. Therefore, WEP is no longer recommended by cybersecurity experts.

WPA. WPA was released in 2003 and is an improved encryption standard for Wi-Fi network protection. It was developed for better data encryption and user authentication on wireless networks and addressed the static key vulnerability found in WEP. WPA uses the Temporal Key Integrity Protocol (TKIP), which generates a new key for each packet transmitted over the network. TKIP prevents intruders from creating their own keys that match the one used on the wireless network. WPA uses a 128-bit encryption key and includes message integrity checks to determine if a cyberattacker has intercepted and altered data packets. Cyberattackers have also found ways to exploit WPA.

WPA2. WPA2 was released in 2004 and is an improved version of the WPA wireless security protocol. WPA2 has been widely adopted and is considered the industry standard for securing Wi-Fi networks. Most routers and Wi-Fi connections use WPA2. Its main improvements include stronger encryption and robust authentication.

WPA3. WPA3 was released in 2018, and it is the latest and most secure Wi-Fi Protected Access security protocol. WPA3 adds extra security to both personal and enterprise models, addresses a WPA2 vulnerability discovered in 2017, and provides stronger data encryption, simultaneous authentication of equals (SAE) protocol, and improved brute force attack protection. Drawbacks of WPA3 include device incompatibility, lack of infrastructure support, protracted transition period, and lack of user awareness.

1 Wi-Fi Alliance, 2023, “20 Years of Wi-Fi”

2 Slekyte, 2023, “WEP, WPA, WPA2, and WPA3: Differences explained”