Since the early history of wireless networks they were generally considered to be insecure compared with wired ones. But since the popularity of wireless networks has risen much higher than wired networks, the need for rules on how to secure wireless networks has also risen high. That’s where Wi-Fi security protocols appeared to enable the security and effectiveness of wireless networks. These protocols appeared gradually and also got significant updates to make up for some security flaws. This article will explain every protocol in particular and compare them. Hence, you will have a more clear understanding of what to choose when setting up your router.
Wi-Fi Security Protocols – What are They?
Any modern network router offers different network protection settings. They differ by the strength of the cipher they use, as well as the overall design of the security protocol. You can see their list in the router settings. Among them are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and two updated versions of the latter – WPA2 and WPA3. The difference is not obvious, but it is crucial for the proper network security setup. Thus it is important to have a look upon all of them.
What Is WEP Protection in Wireless Networks?
WEP abbreviation stands for Wired Equivalent Privacy. It appeared at the dawn of wireless networks, in September 1999. The expectancy for this protocol was that it would deliver the same security measures as wired networks. The second hope was that it would prevent unauthorized access to a wireless network. But it turned out that WEP didn’t fulfill its role because of numerous flaws. Hence, wireless networks with WEP protection still didn’t have an efficient layer of security. The reason for the protocol’s unsuccess lies in its inability to provide end-to-end security.
The very first wireless security protocol saw usage only at the lowest layers of the OSI model — physical layers and data link. The reason for such limitations comes from the restriction on cryptographic technologies at that time. Moreover, Wi-Fi devices of that time had a limit of only 64-bit encryption. But even after the 64-bit limitation surpassing and the protocol update to a 128-bit variant, it still had some major security issues. That’s why it was decided to search for a proper substitution, and thus the WPA standard appeared.
What Is WPA?
In 2003 WPA security protocol came onto the scene offering much stronger security than WEP did. WPA received 256-bit encryption, which is a significant increase compared to 64-bit and 128-bit in the WEP. Unlike WEP, WPA featured two distinct modes of security protocols: WPA-Enterprise and WPA-Personal. The former is great for home usage, while WPA-Enterprise offers security for companies and organizations where a RADIUS server is present.
What Is Networks Protection with WPA2?
WPA2 came as an improvement for WPA in 2004. The most significant new security feature this protocol has brought in was an implementation of the Advanced Encryption Standard (AES). This standard provides much higher security and performance as well. Alas, WPA2 have a security vulnerability as well, which threatens the security of enterprise wireless networks. With this vulnerability, actors can have access to certain keys and attack other devices on the network.
What Is WPA3 Wireless Networks Protection?
Wi-Fi Alliance proposed this security protocol in June 2018. The aim was to simplify wifi security but at the same time enable more serious authentication and increase cryptographic strength for highly needed and sensitive data customers.
WPA3 doesn’t have some flaws that were initially present in WPA2, for example, susceptibility . WPA3 is the best choice for public networks (like coffee shops or hotels). It includes the must-have features like the automatic connections encryption without the need for any credentials. In addition WPA3 supports forward security updates and backward compatibility with devices that used the WPA2 protocol.
How Can I Secure My Wireless Network
Of course, we should understand that security protocols can’t be enough if a user doesn’t follow some cyber hygiene rules. What could be the point of a WPA3 protocol if you still have the factory password on your wifi router and anyone can just look up on the internet the password to it.
Once again, the main is that you just can’t solely rely on security protocol but you yourself should do some basic cyber hygiene things to make that security protocol effective:
- Enable Firewall. Most likely your wifi router has already built in a firewall but sometimes it can be turned off. You may need to check it and turn it on. Firewalls additionally protect you against any network attacks from outside intruders while also securing your broadband connection;
- Have your router placed in the center of your home. Maybe at first sight it doesn’t seem like an obvious thing but it really is. Most users have their wifi routers placed at doors or windows and it significantly increases chances of anyone with a malicious intent to intercept your Wi-Fi signal. The best thing would be to place your wifi router in the center of your home so that the signal that goes beyond your house will be minimal;
- Regularly update your router software. The same as with firewall most routers will automatically update but you need to check if your router has such an option. If not you need to do the update manually. Regular updates is important because they eliminate the number of exploits some threat actors can use against your network;
- You can hide your network from view. When you buy a new wifi router it will have a publicly visible name most likely set by its manufacturer. To hide your wifi router name from public and to change its default name reduces the chances that threat actors could guess the type of router you have and attack you;
- Use a VPN (Virtual Private Network). This is a useful tool that allows users to communicate more safely over an unencrypted unsecured network. VPN encrypts your data in a way that an outsider who managed to get a hold of your communication could not tell from which location you really are or what you’re doing online;
- Change the default password of your wifi router. One of the most important rules is always to change the default password of your wifi router because anyone can look up this information on the internet provided they also know the type of your wifi router and hack into your network;
- Enable MAC Address Filtering. Media Access Control (MAC) address or the physical address is basically the phone book of all the devices that are allowed to connect to your network. Enable this feature to limit the number of devices connecting to your network and allowing only those you are familiar with;
- Disable Remote Administration. Routers can also have a feature like remote administration when anyone that is close enough to your home can connect to your wifi network and view or change your wifi settings. If you don’t use the remote administration at all its better to disable it so that you reduce the chances of someone unauthorized to connect to your network and change anything in it;