Differences between WPA, WPA2 and WPA3 in Wi-Fi security

Thanks to Wi-Fi, devices such as smartphones, tablets but also TVs and consoles have been able to integrate increasingly advanced features, benefiting from the advantages of the Internet without being slaves to a cumbersome cable.

However, the absence of the wire has opened up an important security “chasm” when it comes to controlling the devices that we can connect to our modem: without adequate protection anyone can exploit the personal wireless network to surf the Internet without paying anything and making the civil and criminal responsibilities fall on us (if the freeloader downloads music and films illegally through our network, the competent authorities will take it out on us).

In the following guide we will show you how to protect our wireless networkdiscovering what the acronyms mean to identify the most famous security protocols (WEP, WPA, WPA2 and WPA3), so as not to find ourselves unprepared and “exploited” by smarter people.

READ ALSO -> Router settings for wifi network security

1) WEP security

The first form of protection that we can apply to our Wi-Fi network is WEPa fairly old and obsolete security protocol that offers only minimal protection against unwanted intrusions.

In the early days of Wi-Fi it was one of the most used but the methods for violating it have grown like hotcakes (complete with detailed guides) and now it is possible to illegally obtain the WEP access password in just a few secondseven from a mobile phone!

So using WEP security is like having no security at all: we will only keep away users with little IT knowledge while anyone who knows how to use the Internet a little will steal our access password and use our connection without problems, even with a long password.

2) WPA security

Precisely to respond to the vulnerabilities of WEP, a much more effective protection protocol was born, namely WPA.

WPA is more difficult to crack and still allows you to obtain a good level of protection in all use scenarios, in particular by choosing a fairly long password and modern encryption (such as AES). For domestic use refer to WPA-PSKi.e. access via keyword (to distinguish it from WPA-Enterprisewhere a server and a valid certificate is required for each connection).

WPA remains susceptible to dictionary attacksi.e. those hacker attacks in which the attacker uses a database of common words to guess the password used by making numerous attempts in a second (the speed depends on the power of the PC used for hacking): if we use WPA it is better to choose a very long password (at least 20 characters) and that it does not contain any reference to names, people, dates, birthdays or any words that can be indexed in a dictionary.

WPA has been replaced by WPA2 but remains available to connect old Wi-Fi devices not compatible with the new protocol, it is no coincidence that many modern routers offer the mixed WPA/WPA2 security: if the connected device is recent the modem will always use WPA2, otherwise it will use WPA to obtain maximum compatibility.

3) WPA2 security

Currently the most effective protection system for any Wi-Fi network is WPA2. Born as an evolution of WPA, it offers a very high level of encryption (it uses AES and CCMP automatically) and it is less sensitive to dictionary attackswhich makes it the best “lock” we can put on our wireless network.

For domestic use refer to WPA2-PSKi.e. access via keyword (to distinguish it from WPA2-Enterprisewhere a server and a valid certificate is required for each connection).

WPA2 should be the starting point for choosing a home Wi-Fi network without too many demands, even more so if we are not surrounded by too many users. If we have some older devices still working we recommend adopting the mixed WPA/WPA2 security (our modem/router will choose the best protection based on the device requesting the connection).

4) WPA3 security

To further mitigate dictionary attacks, a dictionary was created the latest evolution of the WPA protocolor WPA3. WPA3 provides modern encryption methods (SAE), which make it nearly impossible to launch dictionary attacks without precise network conditions.

Security features such as i Protected Management Frames (PMF)which guarantee a secure exchange of data during the initial notification phase (always very vulnerable), thus making the initial connection phase between two devices (Handshake) inviolable.

WPA3 allows for fast access even without entering any passwordbut using a codice QR.

Modems and routers that support WPA3 usually use the mixed protocol WPA2/WPA3so as to be able to connect any device put on the market without support for the WPA3 protocol (i.e. the majority) and guarantee maximum security for devices created with WPA3 support.

5) Change Wi-Fi security

Now that we know what the various acronyms for wireless protection mean, let’s find out how to quickly change the type of protection. This modification can only be made on the modem/router control panelso before proceeding we will need to access this panel.

In most cases it is sufficient to open a browser on a device already connected to the network and type one of the following addresses in the top bar:

• 192.168.1.1
• 192.168.0.1
• 192.168.1.254

We will then have access to the modem login screen and, after entering the username and password (if we have never changed the credentials they are usually admin/admin), we will have access to the configuration panel.

From the configuration panel we look for the section Wi-Fi, Wireless, Wireless Settings or Wi-Fi Security (the names change based on the model of modem or router you have) to change the type of protection applied to our Wi-Fi network, choosing WPA2/WPA3 o WPA2-PSK.

If we have a dual band Wi-Fi modem (which also transmits on 5GHz) we will have to make the same change for the other frequency too, so as to always have maximum protection whatever the network used.

For further information we can read the article on how to enter the router to access the settings easily.

6) What Wi-Fi protection are we using?

We don’t know what type of Wi-Fi protection we are using for the network we are connected to? If we use a public hotspot, knowing this information will allow you to understand whether the data you are exchanging with the router is safe or not.

To quickly check the type of Wi-Fi security of the network used or nearby networks we can use a free app for Android Wi-FiAnalyzer.

Once the app has been installed, simply open the section reserved for Access Points to find out the protection adopted by the network to which we are connected and the protections adopted by nearby networks.

If instead we wanted to carry out this check from the PC just right-click on the wireless icon at the bottom right (on Windows 11 and Windows 10), click on Network and Internet settingspress on Property and check the safety protocol used in the field Security type.

Conclusions

Using WPA3 is the best choice from a security point of view but many devices sold in recent years only support WP2; it is therefore better to use mixed protection WPA2/WPA3 and accompany it with one very strong passwordas also recommended in the guide on ways to create secure, easy-to-remember passwords.

If we want to change modem and choose one that supports WPA3 we can purchase the TP-Link Mercusys MR60X o l’AVM FRITZ!Box 7590 AX Edition International; other interesting modems can be seen in the ai guide best Modems of the moment (fiber, dual band, wireless AX).