WEP or WPA?
October 03, 2022
It so happens that wireless networks are more vulnerable to cyber security threats than wired ones meaning they need more robust and user efficient security and safety. A particular non-profit organization, the Wi-Fi Alliance, also owns a Wi-Fi trademark to oversee the implementation and regulation of Wi-Fi security protocols.
There are currently four different types of security protocols, some of which are quite obsolete and others still widely used by Wi-Fi routers around the world. They are WEP, WPA, WPA2, and WPA3.
The principle by which all security protocols work is to encrypt the transmitted data so that for some intruder, it won't be recognizable or readable if intercepted. With the help of encryption, key protocols mash up the data to prevent its interception.
But still, the question is what those abbreviations all mean and how they work concerning securing your Wi-Fi router. Each of the abbreviations stands for the following terms:
- WEP — Wired Equivalent Privacy;
- WPA/2/3 — Wi-Fi Protected Access.
To know more about each of the terms, read the following paragraphs below.
What Does WEP Mean?
This protocol became the very first of its kind to be created to secure Wi-Fi security. In September 1999, Wi-Fi Alliance put it to work. Initially, the protocol's key was 64-bit because of the US restrictions on exporting cryptographic technologies. Later, the protocol received 168-bit and 256-bit sizes a key.
The most common implementation of key size, though, remains to be the 168-bit size. But in 2004, the protocol was stopped from being revised because of its evident ineffectiveness against much more increased computing powers. So instead, the WEP protocol was substituted by WPA, which took more from it.
Specialists advise that systems that still use WEP security protocol should be upgraded, or the device needs to be changed if it's not possible.
What Does WPA Mean?
Next, after WEP proved its apparent ineffectiveness with numerous vulnerabilities found, WPA came to replace it. This security protocol had much better authentication and encryption features.
In contrast to WEP, the protocol used two technologies different from Wireless Equivalent Protection. They were advanced encryption standards and temporal key integrity protocols. In addition to them, WPA supported built-in authentication, which WEP didn't.
All WEP devices can upgrade to WPA, but some security implementations will fall to the WEP level. The thing will happen to all connected devices. Unfortunately, some security implementations will fall to the WEP level. But WPA is better than WEP.
Currently, the most preferred security protocol for Wi-Fi routers. In 2006, it replaced WPA and became the most widely used.
The protocol uses user-based password protection that eliminates the possibility of unauthorized remote access. You don't need to go straight up to your router and upgrade it to WPA2 because chances are this security protocol is already in place.
But if the situation might be different, check your Wi-Fi router security protocol by signing into your router via browser or, if it has a mobile app, then via the app. In the same way, you can change your Wi-Fi password.
What Does WPA3 Mean?
This security protocol is the last generation of them. The security level gets higher than the WPA2, although the security protocol supports backward compatibility. But as we already mentioned, reversing the old security protocol doesn't come without drawbacks.
Cybersecurity specialists think the protocol will dominate others because of its more up-to-date security measures against present cyber threats.
The WPA3 security protocol has 3 primary forms:
1️⃣ Wi-Fi Enhanced Open Mode.
Encrypts traffic on open networks where password is not used;
2️⃣ WPA3 Enterprise Mode (WPA3 ENT).
The same as with WPA2 ENT, this security protocol also needs a management frame protection to be in place. There also exists another stronger 192bit version of this variant;
3️⃣ WPA3 Personal (WPA-3 SAE) Mode.
This variant provides security when the set password is weak.
Besides having different variants for different security measures, the WPA3 security protocol offers some key features that help to improve the security of Wi-Fi router much better even for WPA2:
- Transition mode
The feature allows to switch back to WPA2 if a device doesn't support WPA3;
- Simultaneous Authentication of Equals (SAE)
This particular feature prevents brute force attacks. If some password doesn't respond to password complexity requirements, the feature will provide needed security;
- Management Frame Protection (MFP)
This feature doesn't allow illegitimate deauthorization of clients from the network. Namely, it counteracts man-in-the-middle attacks or IDS/IPS systems efforts to force clients out.
How To Protect Wi-Fi Home Network?
In addition to having the appropriate Wi-Fi security protocol, you also need to follow some critical cybersecurity tips concerning your Wi-Fi network security:
💡 Turn off the remote administration feature.
If you don't need this feature regularly, it would be better not to have it turned on. Because it's one of the common ways for threat actors to get your wifi settings and change them without you. See the administration section of your router to change this setting.
✨ Turn on MAC address filtering.
This setting will allow you to restrict devices connecting to your home network, giving permission only to those you registered. In such a way, you can enable additional security measures for your network.
🧱 Enable Firewall.
Most wifi routers have in-built firewalls, but sometimes they can be turned off. Make sure you have one in place and it's not disabled. Firewalls protect against network attacks from threat actors.
🏠 Place your router in the center of your home.
An obvious thing to do. If any hacker doesn't have access to your wifi router signal, they can't attack you by intercepting the signal. Don't place your router near windows or doors and make threat actors' life easier.
🔁 Regularly update the router firmware.
While some routers have the auto-update feature - most of them won't, so make sure your router firmware is updated. Because if there's any vulnerability found, threat actors will likely try to exploit it.
🔕 Hide your network from being seen by everyone.
You can use a unique feature to help you hide your network from people in the surrounding area. Changing your network's default name will make it harder for threat actors to hack into your network. Because every router has assigned by the manufacturer its SSID (Service Set identifier) and you can change it and make your network invisible.
❗ Don't use the default password and username.
Just saying that anything default can be easily looked up on the internet, and that's the first thing that threat actors will try to do. So be creative and make up your complex and strong password that no one outside your network will easily guess. The same goes for username - also, don't make it something obvious. A quick reminder that your strong password should consist of letters of all registers, numbers, and various characters.