By EarthLink Staff May 28, 2020
Summary: As we conduct more of our lives online, wireless security is increasingly important. From WEP in the 1990s to WPA2 to WPA3, we explain the strengths — and weaknesses — of each. Plus, we include other precautions to take, no matter what wireless security system you have.
The internet — wireless internet in particular — has grown exponentially since the mid-1990s. And with it, wireless internet security has expanded and evolved time and time again.
Today, internet security has never been more important. Our lives take place in the palms of our hands. We communicate, bank, shop, invest, and so much more all from our wireless devices.
As our lives become more and more digital, there are increasing opportunities for cybercrime and fraud. Personal information is embedded in nearly everything we do online, and that information can be left vulnerable to attacks if not secured properly. Just like how you shield your PIN from the person behind you in a checkout line, you need to protect your digital information.
There are several different types of wireless security, but how do you know which is the best for your internet? Here’s a rundown of what you get from each.
Wired Equivalent Privacy, better known as WEP, was one of the earliest forms of wireless internet security. The purpose of WEP was to offer the same protections as a wired connection, hence the name “Wired Equivalent.”
Even for the late 1990s, WEP did not offer particularly strong security, but it was incredibly popular throughout the entire world. Today, WEP is still the first type of security listed on router protocol selection menus.
U.S. restrictions on cryptographic technologies in the 1990s limited most manufacturers to create devices with 64-bit encryption.
WEP was adopted as the security standard in 1999, but by 2001 various loopholes and security flaws were easily manipulated by even modest hackers. WEP was officially retired as the security standard in 2004 by the WiFi alliance. Even if any of your tech offers this setting, it’s extremely outdated and not the type you should use.
WiFi-protected access, or WPA, was the security type adopted in response to WEP being retired. The most common WPA, WPA-PSK (Pre-Shared Key), uses a 256-bit encryption, a major security boost over the 64/128-bit WEP.
WPA also included integrity checks between the access point and client to ensure all key packets passing through originated from the user and not a non-approved source.
Unfortunately, much like WEP, WPA was soon shown to be easily exploited, and its wireless security features worked around fairly simply. WPA is still a better option than WEP, but with the constant evolution of technology, it suffers from some critical security flaws.
Luckily, WPA has largely been replaced by WPA2 security
If you’re using older software, it may only support WPA security, which can be used with minimal processing power. It requires a shorter password, which could be easier to remember, but also makes it a weaker security option. WPA isn’t secure enough to support an entire business — but it is a better option than WEP.
WPA2 replaced its predecessor, WPA, in 2006 as the primary and standard wireless security protocol. When it comes to WPA vs. WPA2 security, the biggest change was the mandatory use of Advanced Encryption Standard, also known as AES, encryption algorithms. AES is even used to secure government information, so you can feel safe using it to protect personal devices or company WiFi.
WPA2 also introduced Counter Cipher Mode with Block Chaining Message Authentication Code Protocol — CCMP for short — as an upgrade for the Temporal Key Integrity Protocol used in original WPA protocols.
The security risks of any known WPA2 system vulnerabilities are pretty slim. The risks that are present are almost entirely attached to high-level enterprise networks and do not need much consideration for home network security. That said, once someone has access to the network, they could attack other connected devices. This could become a problem if your company has an internal threat, like an unhappy employee who hacks into other devices connected to the company network.
WPA2 is a stronger, updated version of WPA. By using AES encryption and longer passwords, it creates a more secure network. Plus, you can choose personal or enterprise versions of WPA2, so it’s more customizable to your needs. The only downside is that it requires more processing power than WPA, so if you’re using a significantly older device, it may be slow or not work at all. If that’s the case, stick with WPA.
WPA3 was introduced in 2018 by the WiFi Alliance. This new version is predicted to have new features that keep your WiFi safer and require more robust authentication while being easier to use and implement. WPA3 devices have only been approved in the last few years, so it’s not as widely available as its predecessor. So if you’re looking to choose between WPA vs. WPA2 vs. WPA3, WPA2 is the most widely-available and trusted option at this time.
Looking for more ways to stay safer online? Check out our cyber safety suite — we’re committed to keeping your data more secure through VPNs, dark web monitoring, real-time threat protection, and more. Bonus: it pairs perfectly with EarthLink home internet.
See all posts from EarthLink Staff.