WPA3 is the third installment of the Wi-Fi Protected Access (WPA) standard, offered by the Wi-Fi Alliance to secure Wi-Fi connections and devices that use them. Introduced in 2018, WPA3 heavily increased the use of encryption to protect users’ connections to public Wi-Fi networks.
WPA2 (WPA3’s precursor) was susceptible to attacks wherein a hacker repeatedly guessed a password during the four-way handshake authentication process. WPA3 aimed to address WPA2 flaws by encrypting device connections to public Wi-Fi networks.
One primary feature of WPA3 was Wi-Fi Easy Connect, which offers asymmetric cryptography and simpler configuration. Users scan a QR code to connect to Wi-Fi rather than inputting a password. One main device per network becomes the configuration point and must be able to scan the QR code. Although it wasn’t technically part of WPA3, Wi-Fi Enhanced Open was introduced around the same time, offering encryption for public Wi-Fi networks. Opportunistic Wireless Encryption (OWE) encrypts an open network rather than using a pre-shared key (PSK), which are typically symmetric.
WPA2’s main weaknesses included allowing hackers to guess users’ passwords through brute force attacks on accounts that tried to connect to public Wi-Fi networks. WPA3 addresses these flaws by making it more difficult for hackers to attack and guess users’ passwords or freely observe their internet usage. It also implemented a program called Dragonfly, used to avoid the password-guessing problem, but in 2019 Dragonfly was revealed to be susceptible to similar attacks.
Devices can also create fake wireless networks by copying a legitimate Wi-Fi network name and pasting it into their phone’s name, tricking users into selecting that as their network. WPA3 cannot stop these “evil twin” attacks, either.