• Identity 101
  • WPA3 Security: Benefits, Vulnerabilities & Comparison to WPA2

WPA3 Security: Benefits, Vulnerabilities & Comparison to WPA2

Learn how Adaptive Multi-Factor Authentication combats data breaches, weak passwords, and phishing attacks.
Read more
Okta
Updated: 07/14/2023 - 1:04
Time to read: 3 minutes

Are you using Wi-Fi to read this article? Your router follows a set of protocols dictating connections, speed, and more. A WPA3 router could offer more

WPA3 devices explained

The Wi-Fi Alliance released WPA3 in about 2018. The new rules build upon protocols released in WPA2, which companies have used since 2004.

The Wi-Fi Alliance exists to develop new technologies, programs, and requirements that make Wi-Fi safer and easier for everyone. The company's protocols are typically released to great fanfare, and manufacturers need a year (or two) to make their products compatible.

While everyday users may have no idea that WPA3 exists, they may begin to see the phrase when they're shopping. To upgrade, users will need to buy new WPA3 routers.

With a new router in hand, people must then configure their devices. Some companies, including Apple, offer straightforward support to help users connect to their new WPA3 routers without losing functionality. Even so, converting can be somewhat tricky, and it's wise for everyone to back up sensitive data before they get started. 

Some people may opt to stick with old routers, and that's acceptable. The Wi-Fi Alliance plans to support and update WPA2. But the new rules come with plenty of benefits, including:

  • Secure handshakes. In old WPA protocols, a device and router connected via a pre-shared key. Unfortunately, this authentication method is relatively easy for hackers to break via brute force attacks. In WPA3 encryption, devices use so-called Simultaneous Authentication of Equals (SAE). It's much harder to eavesdrop passwords, and that could keep devices safer.
  • Enhanced encryption. WPA3 protocols call for GCMP-256 encryption rather than 128-bit encryption used in prior versions. It's much harder for one user to snoop on someone else's traffic with this method.
  • Stronger protections. A user can make one offline password guess. Brute-force attacks, in which a hacker uses hundreds of tries, aren't possible.

Given these benefits, some people may opt to upgrade routers to keep their work safer. And companies that offer Wi-Fi as a perk may upgrade their devices to keep customers and employees safer and happier. 

WPA3 security shortcomings

Chances are, the old router you're using relies on WPA2 protocols. Those rules have security limitations, including a hacker's ability to guess your password. Changing to the new system may help, but it won't provide perfect protection. 

WPA3 shortcomings include:

  • Ongoing security risks. Shortly after WPA3 was released, researchers discovered a flaw that exposed network passwords. More coding problems may lurk within the new protocol.
  • Poor support. Even if you buy WPA3 routers, you may not be able to connect unless your devices also support the protocols. Older computers and smartphones may not.
  • Enhanced cost. Companies may balk at the bills associated with new system-wide routers. 

Remember that WPA3 isn't foolproof. Don't develop a false sense of security, especially if you're working with sensitive information. Proceed carefully, and lean on tried-and-true systems, such as a VPN, when you need remote access. 

If you're not sure what a VPN is and how it can protect you (especially if you also use multi-factor authentication), check out our blog.  

References

Who We Are. Wi-Fi Alliance.

Recommended Settings for Wi-Fi Routers and Access Points. Apple.

Flaws in Wi-Fi's New WPA3 Protocol Can Leak a Network's Password. (April 2019). PC Magazine.