🌐 Networking Intermediate

What is WLAN security (WPA2 vs WPA3)?

Answer

WPA2 (Wi-Fi Protected Access 2) has been the standard wireless security protocol since 2004. WPA2-Personal uses a Pre-Shared Key (PSK) — everyone uses the same password; WPA2-Enterprise uses 802.1X with a RADIUS server for individual user authentication. WPA2-AES (CCMP) is secure; WPA2-TKIP is deprecated and weak. Major WPA2 vulnerability: KRACK (Key Reinstallation Attack) — allows decryption of traffic through manipulation of the 4-way handshake. WPA3 (2018) addresses WPA2 weaknesses: SAE (Simultaneous Authentication of Equals) replaces PSK — uses Dragonfly key exchange, making offline dictionary attacks against captured handshakes impossible. Forward secrecy — even if the password is later compromised, past sessions cannot be decrypted. OWE (Opportunistic Wireless Encryption) for open networks (encrypts without passwords). WPA3-Enterprise uses 192-bit cryptographic strength. Transition mode allows WPA2 and WPA3 devices to coexist. Enable WPA3 where supported; never use WEP or WPA.