The Wi-Fi Alliance, an organization working together to ensure quality and consistency in Wi-Fi technology, made up of companies such as Apple, Intel, Microsoft, etc. (a full list of member can be viewed here) has approved WPA3 as a new standard for encrypting Wi-Fi to mitigate new security issues that might be present with a weak password and simplifying setting up Wi-Fi devices.
When setting up your Wi-Fi, you can set up a WEP, WPA or WAP 2 security. WPA3 adds a 4rth option to that list and there are many reasons you should be using it if it is available for you. Each security protocol has included security improvements over the previous. WPA3 is also the most significant upgrade in the security protocol for Wi-Fi in over a decade.
Your Wi-Fi might be broadcasting your data without you even realizing it. This can include a network drive, printers, IoT devices and even phones, tablet and computers. If your Wi-Fi password is still defaulted or weak, you might be inviting malicious attackers. We depend heavily on the internet and our Wi-Fi to always be working – make sure your home network is protected.
Don’t expect there to be a cybersecurity fairy that will come and improve the security of your Wi-Fi and Wi-Fi enabled devices. This will be a multi-year process which starts with buying a new router that supports WPA3, although more modern routers will be going through an update to include WPA3. Older Wi-Fi enabled devices also might not be able to support WPA3; fortunately WPA3 is backwards compatible and will work with devices that only support WPA2 (in the case you want to connect your Sony PSP-1000 to your new Wi-Fi).
The new security features in WPA3 include protection against offline password guessing attacks. This technique is when a malicious attacker captures data from your Wi-Fi, then tries to guess the password afterwards. Previously they had an unlimited amount of tries to guess your password and see the data they recorded from your Wi-Fi. In WPA3, malicious attackers will only get one try to guess the password of offline data; then the data is destroyed. An attacker will still be able to make assumptions while interacting with a live Wi-Fi, but the risk is much lower as they need to be in proximity of the Wi-Fi signal and devices have safeguards to protect against repeat password guesses.
Another significant security addition to WPA3 is forward secrecy. This handshake means even if your password gets compromised, the attacker won’t be able to access data from before he was able to log in. In this case, the Wi-Fi has been compromised, and a malicious attacker will be able to see new data movement on the network, but nothing from before.
Open Wi-Fi networks such as those at a coffee shop, mall, airport, etc. aren’t encrypted and can be incredibly risky to connect to. (In a previous blog I talked about using a VPN to protect your data when accessing the internet on an open Wi-Fi network – What is a VPN and why you need to care). WPA3 has constructed a Wi-Fi Certified Enhanced Open protocol that uses Opportunistic Wireless Encryption (shortened to OWE) to create a secure connection between you and the open Wi-Fi network using a unique key. This is a massive upgrade to your security when it comes to connecting to a public Wi-Fi network, but you should always be vigilant and exercise caution when connecting to an open Wi-Fi. Criminals can set up open Wi-Fi networks and trick people into joining them.
Internet of Things
One of the big reasons for this security advancement is because of the widespread use of IoT devices that are connected to Wi-Fi networks. There has been a massive boom of connected devices in the past few years. Today you can buy everything from an internet connected refrigerator, door lock, smart speaker, and more, for home use and business (IoT has become a trend in agriculture, healthcare, hospitality and other markets). If you’ve ever tried connecting one of these devices to your Wi-Fi network it can be complicated and confusing. The WPA3 upgrade to Wi-Fi adds a new way to connect to your home network, with a QR code called Wi-Fi Easy Connect. Just scan the QR code, and your device is connected.
Many of the Wi-Fi Alliance members have already started implementing compatibility into their devices in preparation for the launch of the WPA3 bundle. Wi-Fi security just got better; it is especially needed at this time where Wi-Fi seems to be a significant vulnerability to our cyber hygiene.
As updates start to be rolled out for WPA3, make sure you can and know how to update your router. For some you might need to read the manual for your specific router to find out how to check for updates. If your router is included with your internet/cable package, you might need to call your service provider.
If your enterprise needs to refresh its Wi-Fi network or would like to create a more secure open Wi-Fi for your customers, Next Digital can help. We have proven experience in setting up and maintaining networks in small and large enterprises. We work with you to find the best solution to match your business goals, and we help with procurement of the best technology for your business. Contact Next Digital today, and we will be able to find a solution for you.
TL;DR – WPA3 means better security at home and for enterprises, safer access to open WiFi networks, an easier way to connect smart home devices, and devices compatible with WPA2 will still work on WPA3. You might need to upgrade your router and some of your devices to reap the benefits.