A new security protocol for wireless internet access known as Wi-Fi Security Protocol 3, or WPA3, has been certified and router manufacturers are looking at ways to enable it on existing hardware. While the new standard has been accepted for use in a variety of new hardware, it’s hoped that it can be adopted by routers already in the homes of millions of users, to help better protect their in-home Wi-Fi connections.
WPA2 is the current standard of Wi-Fi protection on most existing routers in the market. It’s been around since 2004, and although bugs and exploits for it have cropped up over the years, it’s been an enduring and effective standard of protection. In January 2018, however, the collection of companies that manages wireless development, known as the Wi-Fi Alliance, announced the new WPA3 standard. It promises to improve security and make it easier to set up wireless devices without a display.
For individuals in the home, WPA3 provides more robust protection for devices by safeguarding passwords — even if they aren’t the most robust. It also leverages “Simultaneous Authentication of Equals,” which protects passwords during transmission between devices to prevent credential snooping during a login. Enterprise users will be able to enjoy stronger encryption over Wi-Fi networks through a number of cryptographic tools.
Connecting internet of things (IoT) devices should be a lot easier with WPA3 too. It introduces “Wi-Fi Certified Easy Connect,” which allows users to connect a device without a display to the network using a companion device like a smartphone. All a user has to do to get the device to connect is scan a QR code.
All of this means that WPA3 is more secure and easier to use than its predecessor, but the question remains of how many device manufacturers will retroactively add support for it to routers that have already been sold. CNET suggests that a number of them are looking into it, specifically citing Cisco as being particularly interested in adding that security to older devices.
None of these security improvements should take away from the importance of personal security though. We would always recommend you use strong, unique passwords. Find it hard to remember them? Use a password manager!