Wi-Fi is about to get more secure this year with the launch of the new WPA3 protocol, the industry body behind it has announced.
The Wi-Fi Alliance — which is comprised of tech stakeholders including Apple, Cisco, Intel, Microsoft and Qualcomm — made the announcement at CES on Monday.
When it lands later this year, WPA3 will offer new features to simplify and enhance security for users and service providers on personal and enterprise networks, the body claimed.
One feature, individualized data encryption, should finally help to mitigate one of the biggest challenges facing users of public Wi-Fi networks — others on the same network snooping on their sessions.
It will do this by creating a secure encrypted channel for each user on the network.
The Alliance also pointed to two other new features which “will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations, and will simplify the process of configuring security for devices that have limited or no display interface.”
It is believed the former will include steps to prevent attackers brute-forcing the Wi-Fi passwords of other users on the same network, and stopping them from making multiple log-in attempts.
“Wi-Fi security technologies may live for decades, so it’s important they are continually updated to ensure they meet the needs of the Wi-Fi industry,” said Joe Hoffman of SAR Insight & Consulting. “Wi-Fi is evolving to maintain its high-level of security as industry demands increase.”
At the same time, the Wi-Fi Alliance announced enhancements to the WPA2 protocol used by most companies today.
It claimed testing improvements will reduce the likelihood of vulnerabilities resulting from network misconfiguration and safeguard managed networks with centralized authentication.
The update to WPA2 is long overdue. The protocol has been around for well over a decade and recently took a major hit when researchers discovered a serious vulnerability (KRACK) which could allow attackers to eavesdrop on users’ data.