WPA3 will greatly improve router security, but it will not replace your VPN.
Behold, the dawn of WPA3! Well... actually, there’s nothing much to see yet.
The Wi-Fi Alliance just last month started certifying products that support the new security protocol. It’s going to take time for those products to get to market, and then even more time for users to adopt all the new equipment. Yes, some of your existing devices will upgrade to WPA3, but for the most part we will see a whole new generation of products and services marching to the marketplace in later 2019. And here’s the upshot — the new standard is indeed a much-needed update to router security, but a VPN will still complete your privacy protection.
This is a pretty big moment, as it starts the slow fadeout of WPA2, our industry standard for over ten years. In fact, WPA2 was regarded as top security until last year when a major flaw was discovered and exploited, leading to key reinstallation attacks (KRACKs). Once cybercriminals figured it out, they could hack into your router, grab some of your data, then take it offline to their own workspace where they could focus on cracking your password by checking every word in the dictionary.
WPA3 completely removes this vulnerability, providing only one chance at guessing the data offline. If the guess is wrong, the data is lost and the cybercriminal has to go capture it from your router again just to get another single try. Unless your hacker lives upstairs from you and can easily keep hopping on your Wi-Fi signal, this is going to put the dictionary attack criminals out of business.
Another new feature we can expect is “forward secrecy.” This security measure protects all your older data if a bad actor does make it onto your network somehow. WPA3 will ensure that any intruder will only see the data you are currently accessing at the time. Any encrypted data that was captured in the past will not be able to be decrypted using the newly-cracked encryption keys.
Still another promising new improvement from WPA3 is something the Alliance calls “Wi-Fi Easy Connect,” which will reportedly connect your growing world of IoT devices to your router just by scanning both the router’s QR code and the QR code on the device.
There’s no question these new features will bring router security light years closer to the protection we need, but as great as they will be, they still do not completely solve the online privacy and security problem. It’s important that users keep perspective on what WPA3 does and DOESN’T do. There will still be risk.
Yes, you might trust the connection between your device and the router (your access point); but whoever controls that access point can intercept your web connection. A VPN, however, hides you from everyone — cybercriminals, your ISP, the coffee shop where you’re using public Wi-Fi. It adds encryption where WPA3 does not and closes the circle on protecting your privacy. If you do not yet use a VPN, download a 7-day free trial of Avast SecureLine VPN and experience online freedom.
And speaking of much-needed better security, take a look at our new best practices for creating strong passwords and give all your accounts the security overhaul they need to stay safe in today’s cyber-climate.
Read what Avast CEO Ondrej Vlcek believes can be a “big picture” solution for Internet of Things security vulnerability.
Find out what you need to know about the leak of a half-million security credentials for routers and Internet of Things devices.