Blog
What is Passwork?
By Iliya Garakh, CTO in Security

What is WEP, WPA, WPA2 and WPA3?

These days, locking your door and protecting your WiFi network are almost the same in terms of their importance. Without any protection, hackers may access your network and your personal information, such as your bank data, via any of your connected devices, including your video doorbell. Modern WiFi routers utilise security protocols and encryption technologies to mask your sensitive data so that you can protect yourself. In order to select the proper security settings for your WiFi network, you must understand the differences between WEP, WPA, WPA2, and WPA3.

WiFi Encryption: What is it?

Nowadays, the majority of WiFi routers encrypt all the data sent by your connected devices, including your computer, smartphone, or smart home appliances. As a result, nobody else will be able to access any of your personal information without the decryption key since it will convert all of your data into "cipher text."

An encryption protocol can be compared to a combination lock. To unlock your data and decode it into plain text, you need the appropriate combination.

The WiFi Alliance, a nonprofit organisation that holds the Wi-Fi trademark, has certified all WiFi protocols. There have been four distinct encryption systems throughout the years: WEP, WPA, WPA2, and most recently, WPA3.

WEP

The WiFi Alliance approved the first wireless security standard, called WEP (Wired Equivalent Privacy), in 1999. The WEP standard was initially intended to offer security that was comparable to that of a wired connection, however several security holes were found over time.

WEP really offers "little to no protection, since WEP can be broken using publicly accessible tools," according to the FBI. The WiFi Alliance formally abolished WEP in 2004 as a result of these security concerns. It’s crucial to remember that utilising WEP is still preferable to employing no security mechanisms at all.

WPA

The WPA (WiFi Protected Access) standard was introduced in 2003 as a stopgap measure to take the place of the WEP standard. WPA employs Temporal Key Integrity Protocol (TKIP) to dynamically produce a different key for each data packet delivered, in contrast to WEP, which uses the same key for each authorised system.

The WiFi Alliance deprecated the WPA protocol in 2015 because it "no longer provides the level of security required to safeguard consumer or corporate WiFi networks" due to a range of uncovered security weaknesses.

WPA-PSK

A streamlined WiFi security protocol called WPA-PSK (Pre-Shared Key) was created for residential networks. Similar to WEP, it employs a static key to make things simpler, but the key automatically changes on a regular basis to stop hackers from breaking into your network.

WPA2

When we compare WPA with WPA2 (WiFi Protected Access Version 2), we can observe a substantial increase in security. WPA2, which was introduced in 2006, is identical to WPA but replaces TKIP with the more powerful Advanced Encryption System (AES).

The US government uses the same encryption standard, AES, to safeguard secret materials. With WPA-AES, relatively few security holes have been found, and the majority of them may be avoided through the use of a strong password.

Since WPA2 certification became required in 2006, any router produced after that year must support WPA2. When you connect an older device, WPA2 routers will still default to WEP, so be careful to turn off WEP on your router to close these security gaps.

WPA3

In 2018, the WiFi Alliance certified WPA3, the newest WiFi security technology. WPA3, the most recent network security protocol, enhances the security characteristics of WPA2 by introducing new ones.

For instance, WPA3 verifies authentication via a "handshake" between your network and any of your wireless devices. A gadget only allows someone to guess the WiFi password once if it is offline. This safeguard makes sure that the user must be able to view your router directly.

Even if WPA3-certified items are becoming more widely available, not everyone will have access to them. If your router is outdated, you may need to replace it or wait in the hope that your manufacturer releases an update that enables WPA3 usage.

What WiFi security protocol is the best?

The WiFi Alliance advises using WPA3 as your wireless security protocol if your router is compatible with it. However, if you have older devices connected to your network since WPA3 is still so new, you might need to utilise WPA2.

  • WPA3-Personal: The best security setting for home WiFi networks
  • WPA3-Enterprise: The best security setting for businesses
  • WPA2 (AES): The second-best security setting, available on more routers
  • WPA/WPA2-PSK (TKIP/AES): The best security setting for networks with older devices because it enables you to use both WPA and WPA2, but it is not available on most routers
  • WPA2-PSK (TKIP): Still usable, but it only provides you with minimal security
  • WPA-PSK (AES): An updated version of WPA that replaces TKIP with AES, but you should only use this setting if there are no better options available
  • WPA-PSK (TKIP): No longer considered secure
  • WEP 128: Risky
  • WEP 64: Highly risky, but better than having no security
  • Open network: No security at all

When you get a new WiFi router, the first thing you should do is create a strong, unique password for your WiFi network. The WiFi Alliance recommends that you use a password that is at least 8 characters long and contains letters, numbers, and special characters.

After you create a password, the WiFi Alliance also suggests that you change it at least once a year. You should also change your router’s login credentials, install an antivirus program, and update your router’s firmware.

A self-hosted password manager for your business

Passwork provides an advantage of effective teamwork with corporate passwords in a totally safe environment

Learn more