WPA2
Wi-Fi Protected Access 2 (WPA2) is a security protocol and certification program developed by the Wi-Fi Alliance to secure wireless computer networks. Introduced in 2004 as an enhancement to the original WPA (Wi-Fi Protected Access) standard, WPA2 has been widely adopted due to its improved security measures.
WPA2 uses the Advanced Encryption Standard (AES), a strong encryption protocol that provides significantly more secure data protection than the Temporal Key Integrity Protocol (TKIP) used in the original WPA.
Like WPA, WPA2 supports two modes of authentication: WPA2-Personal (WPA2-PSK) and WPA2-Enterprise (WPA2-EAP). WPA2-Personal uses a Pre-Shared Key (PSK), while WPA2-Enterprise employs an authentication server for greater security in business and enterprise environments.
WPA2 addressed and fixed the vulnerabilities found in WPA, making it more secure against certain types of attacks, such as packet spoofing and key reuse attacks. The Wi-Fi Alliance made WPA2 mandatory in all Wi-Fi certified devices, ensuring a baseline security standard across Wi-Fi products.
WPA2 devices are backward compatible with WPA, allowing them to work with older hardware, though they must operate in a less secure mode to do so. WPA2 quickly became the standard for Wi-Fi security in both home and business networks due to its robust security features.
In WPA2-Personal, the PSK is typically a passphrase, which should be long and complex to ensure security against brute-force attacks. WPA2-Enterprise provides additional security through the use of an authentication server (RADIUS server), offering a higher level of security for corporate and enterprise networks.
Despite its improvements, WPA2 has had vulnerabilities, like the KRACK (Key Reinstallation Attack) discovered in 2017. This led to increased emphasis on the adoption of the latest security patches and configurations.
In 2018, the Wi-Fi Alliance introduced WPA3, which provides further security enhancements. However, WPA2 remains widely used and is still considered secure when configured correctly and updated regularly.