Ready to Start Your Career?

A Quick Breakdown of WPA3

fl00dz 's profile image

By: fl00dz

September 26, 2018

Let's Get Ready for WPA3!As with all WiFi Standards in the past such as WEP, WPA, and WPA2, WPA3 is focused on security. Mostly benefiting the end-users with weak passwords (hopefully this will not make end-users think having a weak password is okay). It will also prevent brute force attacks, and even give us new ease of use Smart Device setup feature. All of these new features will be discussed below.A new standard called Simultaneous Authentication of Equals will be implemented in all WPA3 devices. What exactly is this? Well, in the past with WPA2, a malicious threat actor could quickly capture a handshake between their PC and the access point, and then head home to crack the handshake on their super PC. Now, a threat actor will need to be interacting with the access point to attempt to break it. Meaning they would have to sit in their car in an attempt at cracking the key. Not only that but now there will be a limit on password attempts. The deadline will be one attempt per interaction. Meaning that running a dictionary attack and cycling through 5000 passwords a second will be a thing of the past. This is why weak passwords won’t necessarily be considered stable now, but will most definitely be time-consuming. End-users should still implement best practice of creating unique and randomized passwords for the best security.My personal favorite feature is Individualized Data Encryption. Sounds a lot like a VPN, right? Well, it works in virtually the same idea. This new standard will protect end-users on any open network that is utilizing WPA3, much like a VPN. This is implemented by assigning an individual key to each user on the network, essentially encrypting all their data in transit. Even on open systems.WPA3 will also be 192-bit encryption vs. 128 on WPA2. I’m not going into much detail about this as it’s self-explanatory really. This just simply means it will be safer. Easy enough, right?!Finally, for those that have an array of IoT devices such as Roombas, Smart refrigerators and smart lights, there is an ease of use function built into WPA3 called Easy Connect. This is much like WPS, minus the vulnerability to key attacks. This feature will allow devices without screens, to be more easily connected to your network. For example, smart light bulbs typically create their own network. You would usually connect to this network, download the app and configure the device to connect to your home network. With WPA3, devices will use NFC to learn your WiFi home password from your smartphone! Meaning you can easily setup the new device just by putting it near your phone. Science!
  • When can we see these new WPA3 devices? We're not entirely sure yet. Although, we can most likely see some devices come out with WPA3 functionality this year!
  • Will my current router be WPA3 capable? This hasn't been entirely answered yet either. We can most likely see a firmware update pushed to some devices, but not all.
There you have it! Personally, I'm really excited for WPA3 and I think it's just what's needed to protect end-users.
Schedule Demo