WPA2 or Wi-fi Protected Access 2, the default WiFi security standard that defends your wireless network against hackers has been around for over a decade. But even tried and tested security technology is not entirely foolproof. Last year Belgian researchers discovered a vulnerability dubbed KRACK in WPA2 security protocol that makes it possible for attackers to eavesdrop on your encrypted data when you connect to Wifi network. Boom. All your selfies, credit card info, passwords, usernames, phone number etc can be sniffed by a remote hacker.
Obviously patches were released by major tech giants, so the best thing to ensure that you are safe is always keep your computer and smartphone updated. However, the WiFi Alliance, the body that oversees the development of WiFi protocol announced WPA3, the next generation of WiFi security that fixes KRACK vulnerability, adds stronger security and introduces several other new features.
It’s common for users to ignore strong passwords composed of special characters, numbers and letters and instead go for easy to remember ones like “123password” or “Iloveyoumum”. Hackers have had a field day cracking these passwords within seconds. Now with WPA3, the WiFi Alliance hopes to “deliver robust protections even when users choose passwords that fall short of typical complexity recommendations” according to press release posted on their website. Obviously this is no excuse for using weak passwords for your WiFi network.
WPA3 standard also aims at simplifying configuration of devices that won’t have user interfaces which accept WiFi SSIDs and passwords. Think about new wave of wireless smart speakers for instance or microwaves, baby monitors, security cameras and a host of hundreds of sensors and IoT devices about to get released into the wild. These don’t have the luxury of big screens with keyboards where you can easily enter details of WiFi network before you connect.
Another feature coming with WPA3 is stronger security for WiFi open networks which don’t require users to first authenticate via the correct WiFi password. According the Alliance, the feature “will strengthen user privacy in open networks through individualized data encryption” .
Lastly WPA3 will bring Commercial National Security Algorithm (CNSA) Suite, a 192-bit security protocol to government, defense, and industrial networks. Obviously you can’t expect your bank’s WiFi network security to be the same as your home WiFi network which you use to stream cat videos from NAS drive to your TV.
“Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-Fi CERTIFIED family of security solutions,” said Edgar Figueroa, president and CEO of Wi-Fi Alliance. “The Wi-Fi CERTIFIED designation means Wi-Fi devices meet the highest standards for interoperability and security protections.”
WPA3 won’t immediately replace WPA2 just yet. You can expect WPA2 to still be supported for a long time as the new standard becomes to roll out in new routers by the end of year or early next year.