CNET también está disponible en español.

Ir a español

Don't show this again

Internet

WPA3 Wi-Fi is here, and it's harder to hack

That's good, because the last update was during the George W. Bush administration.

There's a new standard for securing Wi-Fi connections, and it's called WPA3.

Here's what that means for you: New Wi-Fi routers will come with stronger protections for the data that flows between your computers, phones or smart home devices and your internet connection. It will also boost security in workplace Wi-Fi networks with changes to the way wireless behaves on enterprise networks. The Wi-Fi Alliance, a partnership of tech companies that hashes out the protocol for Wi-Fi, announced some of these features earlier in 2018. On Monday, the organization announced the protocol has been finalized.

Asus router

The WPA3 standard will bring tighter security to your Wi-Fi connections.

Chris Monroe/CNET

Wi-Fi is easy to take for granted -- it's literally in the air all around us, provided we're near a wireless router. But there's tons of sensitive information floating over the ether on Wi-Fi connections, so making wireless connections secure is no joke.

To better secure Wi-Fi users, the new protocol will make it harder to run a common hacking attack on your personal wireless network. It's called an offline dictionary-based attack, and it allows hackers to make endless guesses as to what your Wi-Fi password is. That often relies on software that tries combinations of characters, words and even common passwords to break into accounts.

WPA3 is available on new routers certified by the Wi-Fi Alliance, and it's up to individual vendors whether to install the protocol on existing routers with a software update.

WPA3 replaces Wi-Fi Protected Access 2, more commonly called WPA2, which was first introduced over a decade ago, in 2004. Security problems in WPA2 cropped up occasionally in that time, reminding us that unsecured Wi-Fi is bad news.

Most recently, researchers found a flaw they called KRACK, which could let attackers on the same Wi-Fi network access your internet traffic without a password. Device manufacturers released patches for the problem, and the Wi-Fi alliance required all new routers to be tested for the vulnerability. It was a repeat of a lesson from a decade earlier, when researchers found a different problem in the encryption that keeps internet traffic secure on a Wi-Fi connection.

Manufacturers like networking giant Cisco voiced their support for WPA3 in statements Monday. Cisco said it was not only planning to implement WPA3 in its upcoming products, but also looking for ways to update devices already out in the world with software that puts the new protocol in place.

"The WPA3 program will bring much needed upgrades to wireless security protecting all levels of customers from consumer to enterprise [and] government," the company said in a statement.

For personal Wi-Fi users, the new security protections will work even if user passwords aren't highly complex and hard to guess, said Kevin Robinson, the Wi-Fi Alliance's marketing vice president. But even so, he urged users to be smart about their passwords.

"Users should still choose passwords that are hard to guess," Robinson said. "A user should not go and pick 'password' as their password."

Security:  Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.

Blockchain Decoded: CNET looks at the tech powering bitcoin -- and soon, too, a myriad of services that will change your life.