Operating system security

Windows Supported wireless encryption types

Marcel Deniau
July 31, 2020 by
Marcel Deniau

Introduction

We all want to keep our wireless network secure, to keep our personal data and information safe, don't we? Fortunately, Windows supports multiple wireless encryption types. You, as the user, have an option to choose between the best. However, you first need to understand the difference between the popular options, and which one makes a good option for your unique needs.

To help our readers, we have listed all the available options and what makes them different from each other.

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Wireless security protocol

You need a wireless security protocol to secure your home or office wireless network. For the last couple of decades, wireless security protocols are also evolving and changing along with the wireless technology around us.         

For example, Windows has now shifted from WEP connections to WPA security protocols, as WEP connections are no longer supported. If you are using the most secure and compatible security protocol for your home network, the risk of someone illegally accessing your Wi-Fi network is very small. 

WEP

WEP, also known as Wired Equivalent Privacy, was ratified in 1999 as a Wi-Fi security standard and was one of the first and widely used wireless security protocols. In 2003 the Wi-Fi Alliance announced that Wi-Fi Protected Access (WPA) would supersede WEP in 2004. Ratification is ongoing. 

Since the Windows 10 1903 release, a warning pops up when a user tries to connect to a WEP or TKIP network, encouraging them to seek a secure connection. According to Microsoft, “In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed.”

The common wireless security protocols for Windows users

WPA

WPA, also known as Wi-Fi Protected Access, was the first official replacement of WEP. Wi-Fi Alliance officially adopted the new security protocol in 2003, just one year before they abandoned WEP for WPA.

Unlike WEP that uses 64-bit and 128-bit keys, WPA uses 256-bit keys, with the most common configuration being PSK or Pre-Shared Key. 

So what does WPA improve over WEP? These improvements include Temporal Key Integrity (TKIP) and message integrity checks. The message integrity checks allow the protocol to check if the data packets between the client and the access point are compromised. 

Similarly, TKIP is a better version of WEP's fixed key system, as it uses a key system for each packet, making it more secure. 

Even though better and more secure compared to WEP, WPA was used as a temporary bridge between WEP and complete WPA security protocol WPA2.  

As WPA was designed to be upgraded in already-in-use WEP-enabled routers, it had to use some features of the WEP system, making it vulnerable to some extent as well. If someone knows how to hack a WEP system and which elements to exploit, the chances are the person can also breach the WPA security protocol. 

How to configure WPA on Windows

  • Connect your router to your Windows device (computer, laptop) over Wi-Fi
  • Click on the address bar on your web browser and enter the IP address of your router (for example, 192.168.0.1)
  • Go to the Setup menu → Wireless Settings
  • On the new window, choose Security Options and select WPA. Here, you can enter the security key and click Save or Apply

WPA2

WPA2 is also called Wi-Fi Protected Access version 2. As the name reflects, it is a further upgrade of WPA. The new version was introduced in 2004, just one year after the development of the WPA security protocol.

WPA2+AES is currently one of the most used and most secure protections used for your wireless network. If you are using a device manufactured after 2006 and Wi-Fi CERTIFIED, it must already have a WPA2 security protocol implemented.

So what is the difference between WPA and WPA2?

WPA2 features AES algorithms along with the use of counter-cipher mode with block chaining message authentication code protocol, also called CCMP. The CCMP replaced the TKIP used in WPA protocol.

Even though WPA2 is considered as the most secure Windows protocol, there are still a few vulnerabilities. However, compared to WPA and WEP, WPA2 is the fastest encryption protocol in terms of data speed. 

How to configure WPA2 on Windows

  • Make sure your Windows computer/laptop is connected with your router
  • Click the Wi-Fi icon on the notification bar
  • Choose your router and open Network and Sharing Center
  • Go to Set Up a New NetworkManually Connect to a Wireless Network
  • You need to provide details like security type (WPA2-Personal/WPA2-Enterprise), the encryption type (AES) and network security key. Click OK

WPA3 

The latest and next-generation security protocol is WPA3. The latest upgrade to the WPA2 makes your Wi-Fi network security more robust. The new features add more cryptographic strength and disallow outdated protocols.  

Available in both WPA3-Personal and WPA3-Enterprise versions, the latest protocol provides better security against password hacks. The protocol uses SAE (Simultaneous Authentication of Equals) in place of Pre-Shared Key (PSK). 

This allows you even to use simpler passwords that are easy to remember. WPA3 also offers forward secrecy, which means it protects data traffic in case the password is compromised.

As it is the latest version, it is supported by the May 2019 Windows 10 update (Windows 10 version 1903). Similarly, you must have the latest models when it comes to routers that can support WPA3, like Netgear RAX120. 

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Final words

While WPA3 is the most secure wireless security protocol for Windows users, it is still not compatible with most routers and older operating systems. This is why WPA2 is currently the most popular and commonly used security protocol, and has been for more than a decade. 

WPA2 uses AES encryption, which is harder to hack than the TKIP encryption WPA uses. WPA2 requires more processing power than WPA but when it comes to choosing between WPA and WPA2, WPA2 is the natural choice, unless WPA3 is an option.

Sources

  1. Windows 10 features we’re no longer developing, Microsoft
  2. Wi-Fi Alliance, wi-fi.org
  3. Why It's Time to Refresh Wi-Fi Hardware with WPA3 Devices, ITPro Today
Marcel Deniau
Marcel Deniau