WPA versus WPA2?

So what’s the difference?

Not much or a lot depending on your opinion. WPA uses TKIP for key management, whereas WPA2 uses AES-CCMP. Usually depending on how the AP has been set up, you can use either (TKIP or AES-CCMP) interchangeably, thus using WPA or WPA2 as needed. Many older devices like those running Windows Mobile 5, only support WPA with TKIP, while WPA2 is now required for Wi-Fi Alliance‘s “WiFi CERTIFIED” moniker.

This is a pretty rough overview, however in the end the general consensus is WPA2 is more secure due in part to it’s use of the government/industry preferred AES protocol for key protection. However WPA is probably sufficient for the vast majority of uses and is infinitely better than using WEP protocol. WEP really is only useful for keeping your average neighbor off your network – any mildly serious attacker will be able to compromise a WEP based wireless network.

As long as I’m on the subject, hiding your SSID is also basically a useless joke as there are so many tools to sniff them even when not set to “broadcast”. Either use WPA(2) or further encapsulate your traffic over a VPN connection. Still, in general as an extra layer of protection, you ought to disable “broadcast SSID“, though because of the way the protocol works the benefit is honestly nearly nil. Still, “layered security” is the way to go.







Leave a Reply

Your email address will not be published. Required fields are marked *