Today, a little over five months after it was announced in January, WPA3, a new Wi-Fi security protocol and the successor to WPA2, is finally official.
The Wi-Fi Alliance, the nonprofit organization that certifies Wi-Fi networking standards, has introduced a certification program for the two forthcoming flavors of WPA3 — WPA3-Personal and WPA3-Enterprise — alongside Wi-Fi Easy Connect, a new program that simplifies the process of pairing Wi-Fi devices without displays.
WPA2 is the current standard of Wi-Fi protection on most existing routers in the market. It’s been around since 2004, and although bugs and exploits for it have cropped up over the years, it’s been an enduring and effective standard of protection.
The new WPA3 standard brings over enhanced protections against offline, password-guessing attacks. Should a hacker capture your Wi-Fi data to use it offline in an attempt to guess passwords over and over, WPA3 will render that data useless and only allow a single guess.
New WPA3 networks will also prevent attackers from compromising old data with the help of a new attack. If a hacker captures your Wi-Fi stream and manages to find the password, he or she won’t be able to read older data.
Finally, a feature called Easy Connect will let you connect the smart, Internet-enabled home gadgets to Wi-Fi that don’t have any buttons or screens. A simple scan of a QR code found on a compatible product will be enough. That’s all great for the future of home networking, but you’ll have to wait for compatible hardware to take advantage of it.
The two new iterations of WPA3 share a number of features, such as the latest security methods and the non-acceptance of legacy protocols, but each mode of operation also contains additional capabilities that take into account differences between the usages of, and requirements for, home versus enterprise networks.
WPA3-Personal is optimized for smaller, one-password networks in homes and apartments, and has an authentication mechanism that’s resistant to what’s known as a dictionary attack, in which hackers intercept traffic between a client and Wi-Fi router and use a graphics card or cloud computing service to iterate through all possible passwords.
WPA3-Enterprise, a protocol intended for large-scale Wi-Fi deployments in corporate environments, offers a slightly different set of protections: a 192-bit security suite that’s aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems.
It is expected that WPA3 will roll out over the next year to early adopters and will take several years before the majority of devices support the new protocol.
