Wi-Fi Protected Access 2 (network security technology) is commonly used on WiFi wireless networks. It is an upgrade to the original WPA technology. This was originally designed to replace the less secure WEP. WPA2 can be used on any certified Wi-Fi hardware that has been in use since 2006. It is based upon the IEEE 8002.11itechnology standard to data encryption.
WPA2 can be enabled with the strongest encryption option. This means that anyone within the range of the network may be able see the traffic but it is encrypted with the most current encryption standards.
In 2018, WPA3 certification was established. WPA3 was the first significant Wi-Fi security enhancement since WPA2 in 2004. The new standard provides a 192 bit equivalent security layer. It replaces the preshared key exchange (PSK), with an SAE exchange (Simultaneous authentication of Equals).
Frazer Hudson / Getty Images
WPA2 vs. WPA2 and WEP
It can be confusing to look at the acronyms WPA2, WPA2 and WEP. These seem so similar it shouldn’t really matter which one you choose to protect your network. But there are some differences.
WEP is the least secure, providing security comparable to a wired connection. WEP broadcasts messages via radio waves and is easy for hackers to crack. Because every data packet uses the same encryptionkey, this is possible. Automated software can locate the key if enough data has been analyzed by an attacker. This usually takes less than a minute. Avoid WEP.
WPA is a better alternative to WEP because it uses the TKIP encryption method to scramble encryption keys and verify they haven’t been modified during data transfers. WPA2 is more secure than WPA , but WPA2 requires a stronger encryption method known as AES.
There are many types of WPA2 security keys. WPA2 Preshared Key keys are 64 numbers long. This method is often used on home networks. Many home routers can interchange WPA2 PSK or WPA2 Personal mode – these refer to the same technology.
AES vs. TKIP Wireless Encryption
You can choose from two encryption methods when you set up a WPA2 home network: Advanced Encryption Standard or Temporal Key Integrity Protocol.
Administrators can choose from many combinations of home routers:
- WPA without TKIP (WPA–TKIP) – This is the default option for older routers that do not support WPA2.
- WPA with AE (WPA-AES ) AES was introduced in before the WPA2 standard was finalized. However, few clients were supportive of this mode.
- WPA2 with ES (WPA2-AES ) This is the default option for routers older than a year and the preferred choice for networks that support AES.
- WPA2 with TKIP and AES (WPA2-AES/TKIP) Routers must enable both modes if clients don’t support AES. WPA clients are not supported by most WPA clients, but all WPA2 clients that can support AES.
WPA2 Limitations
WPA2 and a separate feature, Wi Fi Protected Setup, are supported by most routers. WPS was created to make setting up home network security easier, but flaws in its implementation limit its utility.
WPA2 or WPS are disabled. An attacker must determine which WPA2 PSK the clients use. This is a tedious process. To reveal the WPA2 keys, an attacker will only need to find the WPS pin to clients with both features enabled. This is an easier process. Security experts recommend that WPS be disabled for this reason.
WPA2 and WPA3 can sometimes cause interference on routers that have both WPA2 and WPA3. This can lead to client connection failures.
WPA2 can cause network connections to be slower due to the additional processing load of encryption/decryption. WPA2 has a negligible impact on performance, especially when compared to the higher security risk associated with WPA and WEP or no encryption at all.
