Anyone who has ever set up a router is probably familiar with Wireless Protected Access, or WPA encryption. Now the stage is set for WPA3, an improved Wi-Fi security protocol that brings improved security to network devices.
At CES on Monday, the Wi-Fi Alliance announced WPA3, whose improvements will slowly roll out during 2018 in new devices. The Alliance also announced several improvements to the current, but aging WPA2 spec (in place since 2004), to secure it while WPA3-compliant devices move into the market.
WPA's chief improvements include individualized data encryption, so that hackers lurking on public Wi-Fi networks will find it more difficult to listen in on your wireless communications. More importantly, WPA3 also enforces interaction with the network when a password is entered, signalling the hotspot or router that someone is trying to guess your password and enabling limits to be placed on the number of guesses.
Without the protections enabled by WPA3, attackers could simply retry common passwords, such as "123456," until the router or hotspot let them in. With WPA3, the router could be configured to restrict access or even notify you that an attacker (or just a nosy neighbor) was trying to access your network.
WPA3 also contains a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, to help protect government and other secured networks, the Wi-Fi Alliance said.
The Wi-Fi Alliance also formalized some best practices in securing WPA2, according to Dark Reading, a networking site. Now, Wi-Fi companies will be required to submit to tests ensuring that their products behave responsibly when using security protocols, and that they standardize on 128 bits of encryption when connecting.