When setting up a Wi-Fi network, it is important to choose a good encryption key to ensure data security. WPA and WPA2 are the most commonly used protocols to prevent access by cybercriminals, who can collect information for illegal activities or install malware. But what are WPA and WPA2 anyway? Below, I will explain more details about these patterns.
Released in 2003, WPA addresses several vulnerabilities from its predecessor, WEP. This protocol is more secure because it uses a 256-bit key for encryption, a huge improvement over the 64-bit and 128-bit keys of the previous standard.
Another feature of WPA is the Temporal Key Integrity Protocol (TKIP), responsible for dynamically generating a new key for each packet or data unit, being more secure than the WEP fixed key system. However, this standard still delivers a low level of security.
The WiFi Alliance, the organization that establishes the Wi-Fi protocols, had to keep some elements of WEP in order for older devices to be compatible. Because of this, WPA has loopholes that can be exploited quite easily.
To solve the problems, the organization introduced the WPA2 protocol in 2004. The new standard is easier to configure and delivers a more complex security system. The big difference is in the Advanced Encryption Standard (AES), which has replaced TKIP.
This technology has improved the level of security to the point where it is used to protect government information. That is, WPA2 provides strong encryption. However, it has a critical vulnerability: if an unauthorized person gains access to the network, they can attack other connected devices.
Differences between WPA and WPA2
|Cryptography||Temporal Key Integrity Protocol (TKIP)||Advanced Encryption Standard (AES)|
|Support||Devices with older software||Devices with latest software|
|password length||short||long and complex|
WPA3 was released in 2018 to fix vulnerabilities from previous versions. It brings an encryption system called Perfect Forward Secrecy and a number of improvements, such as new features to simplify security, stronger authentication, and greater cryptographic strength.
However, this standard has not yet been widely adopted. There are routers with WPA3 on the market, but they tend to be more expensive. In addition, although manufacturers provide the update that delivers the new protocol, not all models sold officially have hardware capable of supporting it. In other words, WPA3 is not an option for most people, at least not yet.