The Wi-Fi Alliance took the floor at CES to announce that not only is it rolling out an entirely new Wi-Fi security standard, WPA3, but the most prevalent existing standard, WPA2, will be getting some security enhancements in the near future. WPA3 is an evolution of WPA2 that addresses some pain points on the user end while also beefing up security in an individualized fashion, helping to protect users from the modern threat landscape on the connection end, no matter how well they may or may not be protected on the device end. WPA2, meanwhile, will be getting additional security features in the near future that will protect existing devices and installations more thoroughly without any change in how users address them. No definite date for the release of WPA3 has been announced at this time, nor has the Wi-Fi Alliance said when it will be introducing the new security measures into WPA2.
WPA2 will be getting enhancements to its Protected Management Frames technology, which will make it harder for packet sniffers and other snooping methods to eavesdrop user traffic, even if the eavesdropper is another device on the same network. Enhancements to the ways that WPA2 tests devices on a network will help to protect users from the perils of a misconfigured network by applying more thorough vetting to devices and their activities on the network. Finally, WPA2 will begin to use centralized authentication services, adding a cloud backend to on-device security for redundancy. While this may not stop attacks from people who legitimately log their devices onto a WPA2 network and then surreptitiously begin attacking other devices or the network itself, it will add another layer to help slow down or stop exploits that would otherwise allow unauthorized devices onto a network.
WPA3 retains the same security features that WPA2 currently has and is getting, but will also make things easier for users and implement protections aimed at addressing user error. The biggest change, however, does not pertain to most casual users at all; use cases with heightened security needs will be able to take advantage of a specially developed 192-bit protection and encryption scheme called the Commercial National Security Algorithm, developed by the Committee on National Security Systems. Casual users, meanwhile, will be able to utilize protections even when setting passwords that do not meet WPA2's minimum security standards, and will have an easier time configuring devices without a display by connecting to them with other devices.