A few months after a vulnerability affecting the WPA2 security protocol used by most modern WiFi devices was disclosed, the WiFi Alliance has unveiled plans for a new WPA3 protocol that should bring better protections.
The first real draft of the new protocol won’t be available until later in the year, but the WiFi Alliance provided a sneak peek at some of the new features today:
- Data on public WiFi networks will be encrypted
- Protection against brute-force attacks by blocking authentication after multiple failed login attempts
- Support for using a phone or tablet to configure security on nearby screenless devices, bringing more protection to IoT gadgets and other devices that are hard to set up securely now
- 192-bit security suite for protecting networks with higher security requirements (government, industrial, etc)
Once the new standard is fully laid out by the WiFi Alliance, it’ll still be up to third-party companies to add support for WPA3 to routers, PCs, phones, tablets, and IoT devices. So it could be a few years before WPA3 use is widespread.
For now the best thing you can probably do is make sure your devices have all the latest security updates… and if you have devices (like routers or phones) that rarely, if ever, receive updates anymore then it might be time to think about upgrading to something newer and/or better supported.