WPA3 is the next generation Wi-Fi standard that will replace the current WPA2 standard. The protocol has been announced in response to the ever0changing landscape of Internet enabled devices, along with the advancement of intelligent threats to data security and integrity.
The Wi-Fi Alliance has started to certify products that can use WPA3 along with major manufacturers like Qualcomm and Cisco, who are ready for the switch with new chips and support for existing products.
WPA stands for Wireless Protected Access. It is essentially to the security standard that governs the protocol a router and device use to communicate. As complicated as that sounds, it is the method by which they “handshake” to securely connect. WPA2 introduced strong AES encryption which is harder to crack. This means the Wi-Fi access point, like a router and your device, phone or laptop can communicate without being easily snooped on.
The WPA2 standard was introduced in 2004, and as technology has progressed, so must security.
- WEP: Original IEEE 802.11 standard ratified in 1999
- WPA: draft IEEE 802.11 standard available since 2003
- WPA2: full IEEE 802.11i standard available in 2004
- WPA3: Available in January 2018
The main benefits of WPA3 over older standards roughly divide into three key areas as follows.
Privacy over public Wi-Fi networks has become a problem that cannot be ignored. Free, open Wi-Fi such as coffee shops and airports are inherently insecure. Traffic can be snooped on easily. Anything that is passed through that network via HTTP, but not HTTPS, can be observed with freely available tools. This is, of course, illegal, but criminals know that the chances of being caught are slim in that kind of environment.
WPA3 introduces data encryption that will be individual. So, if I connect to the Wi-Fi at my local coffee shop, and you do also, we have our own level of encryption that will be applied, even if we didn’t verify with a password. That’s not to say it is an “auto encryption,” per se, but it will mean that less tech-savvy users have a level of protection they may not otherwise be able to apply.
Following on from the concept of individual encryption, the “handshake” discussed above will be stronger. Even users who use a weak password will benefit from the new standard. Dictionary attacks will no longer work, and while these standards have existed for a while, they are now mandatory for WPA3 device certification.
Devices like Amazon’s Alexa and Google Home give a range of options for users to enjoy enhanced services. An issue is that these smart devices often have no display which makes their connection cumbersome. WPA3 promises to make this easier, although the exact details are still to be finalised. It is similar to the WPS standard which allows a single push button to pair devices.
When Will WPA3 Be Released?
As of this post, it should be available now.
WPA3-certified devices are being released, and older devices are receiving firmware updates.
The biggest problem is the glacial-like speed with which companies and service providers introduce the new standard. Realistically, it will take perhaps a few years or more before users see wide adoption that allows both routers and devices to communicate without issue.
There is also the factor of user education so that WPA3 becomes common, just as WPA2 replaced WEP. Manufacturers also need to make it clear what devices support what standard.
In the short term, all technology will be subject to bugs and flaws. Until these are patched and WPA3 becomes widespread, public Wi-Fi users, and even home users, can elect to protect themselves with a VPN to provide an additional layer between their data and prying eyes.
How do you feel about WPA3? Will it make things more secure or cause more confusion? Also do you use a VPN or other ways to protect your data? Let us know in the comments section.