If you can recall, there was a serious weakness discovered in WPA2 networks last year and it put the once-trusted security standard into a precarious position.
The security flaw was dubbed KRACK and it allows an attacker to intercept data from a nearby Wi-Fi network, including passwords, photos, credit card information, private messages, emails and web activity. Basically, anything that’s normally protected and encrypted by the WPA2 standard.
Since the KRACK attack put the security WPA2 of the standard itself in question, is the replacement for it in the works?
Get ready for WPA3
The answer is yes. The Wi-Fi Alliance, the non-profit body that defines and promotes the standards of Wi-Fi technology, recently unveiled the new WPA3 Wi-Fi security standard at CES in Las Vegas.
Building on the security advantages of WPA2, WPA3 will not only eliminate KRACK-style attacks, it will also reduce the potential for weaknesses brought by bad configurations and weak passwords. Furthermore, it will protect managed networks with a more centralized authentication system.
Since WPA3 is an entirely new standard and it’s meant to replace WPA2, users may have to buy new “WPA3 certified” equipment to take advantage of it.
Although some of the security enhancements may make it in WPA2 devices (especially the ones that address the KRACK flaw), the full WPA3 standard will be only available in new equipment.
If you’re shopping around for a new router, look for the “WPA3 Certified” sticker if you want to future-proof it.
New security features
Here are the four key new WPA3 security enhancements that were announced:
Protection against weak passwords – One feature in WPA3 will protect your network even when you decide to use a weak Wi-Fi password (for example, “1234”). This could include brute force attack protections, which can lock out a device after a number of unsuccessful attempts.
Simplified security – Another new feature will make the process of connecting and configuring their network security of gadgets without displays (such as Internet-of-Things appliances) simpler.
Protection in public networks – WPA3 will also introduce “individualized encryption.” This will be a big privacy boost in open and public networks considering when enabled, each connected user won’t be able to read each other’s data.
Better encryption – Encryption in WPA3 will also be further strengthened with a 192-bit security suite. This abides by the encryption upgrades required by the U.S. government for industries.
Windows chip flaw patch is crashing some PCs, making them unbootable
In other security news, it appears that Microsoft’s Windows patch against the recently discovered Meltdown chip flaw is crashing certain PCs. Click here to learn why.