Thursday, May 10, 2018

Word of the Day: Wi-Fi Protected Access (WPA)

Word of the Day WhatIs.com
Daily updates on the latest technology terms |May 10, 2018
Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access (WPA) is a security standard for wireless internet connections. It improved upon and replaced the original Wi-Fi security standard, Wired Equivalent Privacy (WEP).

WPA was developed by the Wi-Fi Alliance to provide more sophisticated data encryption and better user authentication than WEP. The new standard, which was ratified by the IEEE in 2004 as 802.11i, was designed to be backward-compatible with WEP to encourage quick, easy adoption.

 

WPA has discrete modes for enterprise users and for personal use. The enterprise mode, WPA-EAP, uses more stringent 802.1x authentication with the Extensible Authentication Protocol (EAP). The personal mode, WPA-PSK, uses preshared keys for simpler implementation and management among consumers and small offices. Enterprise mode requires the use of an authentication server.

 

Network security professionals were able to support WPA on many WEP-based devices with a simple firmware update. While this effectively fixed the encryption issues that plagued earlier attempts at producing secure wireless protocols, it still had authentication issues that could be exploited.

WPA2 uses the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) to provide message authenticity and integrity verification, and it is much stronger and more reliable than the original Temporal Key Integrity Protocol (TKIP) protocol for WPA.

WPA2 still has vulnerabilities; primary among those is unauthorized access to the enterprise wireless network, where there is an invasion of attack vector of certain Wi-Fi Protected Setup (WPS) access points. Although this can take the invader several hours of concerted effort with state-of-the-art computer technology, the threat of system compromise should not be discounted. It is recommended the WPS be disabled for each attack vector access point in WPA2 to discourage such threats.

Though these threats have traditionally been directed at enterprise wireless systems, even home wireless systems can be threatened by weak passwords or passphrases. Privileged accounts (such as administrator accounts) should always be supported by stronger, longer passwords and all passwords should be changed frequently.

Quote of the Day

"The most common protocol used to connect IoT devices via Wi-Fi is WPA2 -- also known as Wi-Fi Protected Access II -- as it defines how a router and Wi-Fi client devices perform the 'handshake' network connection process to negotiate the encryption used to secure the connection." - Michael Cobb

 

Trending Terms

WEP
TKIP
802.1X
Extensible Authentication Protocol
RADIUS
hot spot

 
Learning Center

How will the new WPA3 protocol strengthen password security?
The WPA3 protocol aims to better protect the next generation of Wi-Fi-enabled devices. Discover how this new Wi-Fi protocol works and how it's different from its predecessor, WPA2.

WPA3 Wi-Fi protocol aims to improve security in 2018
The Wi-Fi Alliance announced the finalized WPA3 Wi-Fi protocol standards, which will be put in place in 2018 to improve security.

Battle of the IoT networks: Cellular versus Wi-Fi
Cellular or Wi-Fi. Given each technology's bandwidth, cost, coverage and security characteristics, which should IoT application developers choose? Sierra Wireless' Philippe Guillemette discusses.

Wireless security protocols: The difference between WEP, WPA, WPA2
Learn the difference between WEP, WPA and WPA2, and find out which of these wireless security protocols is best for your WLAN.

Why WPA2-PSK can be a security risk even with an uncracked key
WPA2-PSK can be used to improve Wi-Fi security, but it has its flaws. Here's a look at WPA2 and other Wi-Fi security methodologies.

Writing for Business

Customers began to complain that their Wi-Fi routers were ________ connectivity.

A. losing

B. loosing

Answer

 

Stay In Touch
For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com

 

Visit the Word of the Day Archives and catch up on what you've missed!

 

FOLLOW US

TwitterRSS
About This E-Newsletter
This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for.
TechTarget

TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com

Copyright 2018 TechTarget. All rights reserved.

No comments: