Understanding Wi-Fi Security

An overview of WEP, WPA, WPA2, WPA3, common misconfigurations, and what those security choices look like from the street.

Wireless network security has evolved dramatically over the past two decades. Understanding the different security protocols and their vulnerabilities is essential for both securing your own networks and comprehending what wardrivers observe in the field.

The Security Protocol Evolution

WEP (Wired Equivalent Privacy) - 1997-2004

Status: Completely broken, never use

WEP was the original Wi-Fi security standard, designed to provide privacy equivalent to a wired connection. It failed spectacularly.

Critical Flaws:

  • 24-bit initialization vector (IV) - too short
  • IVs are reused, which becomes exploitable once enough packets are collected
  • Weak key scheduling algorithm
  • Can be cracked in minutes with modern tools

Historical Note: In the early 2000s, WEP networks were everywhere. Wardriving surveys from that era found 70-80% of networks using WEP or no encryption at all. Today, WEP networks are rare curiosities, usually indicating very old equipment.

WPA (Wi-Fi Protected Access) - 2003-2006

Status: Deprecated but still encountered

WPA was an interim solution while WPA2 was being finalized, addressing WEP's critical flaws.

Improvements:

  • TKIP (Temporal Key Integrity Protocol)
  • Per-packet key mixing
  • Message integrity check
  • Larger initialization vectors

Vulnerabilities:

  • TKIP has known weaknesses
  • Susceptible to certain attacks
  • Primarily a stopgap measure

WPA2 (802.11i) - 2004-Present

Status: Current standard, widely deployed

WPA2 became the gold standard for Wi-Fi security and remains the most common protocol in use today.

Key Features:

  • AES-CCMP encryption (strong cryptography)
  • Robust security protocols
  • Two modes: Personal (PSK) and Enterprise (802.1X)

WPA2-Personal (PSK):

  • Pre-shared key (password)
  • Suitable for home networks
  • 8-63 character passphrase

WPA2-Enterprise:

  • RADIUS authentication server
  • Individual user credentials
  • Certificate-based authentication
  • Suitable for corporate environments

Known Weaknesses:

  • Vulnerable to offline dictionary attacks (weak passwords)
  • KRACK attack (2017) - patched in modern devices
  • WPS (Wi-Fi Protected Setup) vulnerabilities
  • Deauthentication attacks possible

WPA3 (802.11i-2018) - 2018-Present

Status: Newest standard, growing adoption

WPA3 addresses WPA2's remaining vulnerabilities and adds modern security features.

Major Improvements:

Simultaneous Authentication of Equals (SAE):

  • Replaces PSK authentication
  • Resistant to offline dictionary attacks
  • Forward secrecy (compromised password doesn't reveal past traffic)
  • Protection against password guessing

Enhanced Open:

  • Opportunistic Wireless Encryption (OWE)
  • Encryption even on "open" networks
  • Protects against passive eavesdropping

192-bit Security:

  • WPA3-Enterprise mode
  • Government-grade security
  • Suite B compliance

Current Limitations:

  • Device support still growing
  • Transition mode (WPA2/WPA3) common
  • Some early implementations had bugs (DragonBlood)

Authentication Methods

Pre-Shared Key (PSK)

How It Works:

  • Single password shared by all users
  • Password hashed to generate encryption keys
  • Common in home/small business environments

Security Depends On:

  • Password strength (length and complexity)
  • Number of people who know the password
  • How often the password is changed

Best Practices:

  • Minimum 16 characters
  • Mix of character types
  • Avoid dictionary words
  • Change if compromised

802.1X/EAP (Enterprise)

How It Works:

  • Central authentication server (RADIUS)
  • Each user has individual credentials
  • Certificates for device/user authentication

Common EAP Types:

  • EAP-TLS (certificate-based, most secure)
  • EAP-TTLS (tunneled TLS)
  • PEAP (Protected EAP)
  • EAP-FAST (Flexible Authentication via Secure Tunneling)

Advantages:

  • Individual accountability
  • Centralized credential management
  • No shared secrets
  • Dynamic key generation

WPS (Wi-Fi Protected Setup)

Status: Security risk, should be disabled

WPS was designed to simplify network setup but introduced critical vulnerabilities.

Methods:

  • PIN method (8-digit code)
  • Push-button method
  • NFC method

Fatal Flaw:

  • PIN method vulnerable to brute force
  • Effectively only 7 digits + checksum
  • The two halves of the PIN are checked separately, leaving only 11,000 possible combinations (10,000 + 1,000)
  • Can be cracked in hours

Recommendation: Always disable WPS on access points.

Common Security Misconfigurations

1. Hidden SSID (Security Through Obscurity)

What It Is: Disabling SSID broadcast to "hide" the network.

Why It Fails:

  • Network still easily detectable
  • SSID revealed when devices connect
  • Probes from client devices broadcast the SSID
  • Creates false sense of security

Reality: Hidden SSIDs appear in wardriving logs with "(hidden SSID)" or blank names but are fully detectable.

2. MAC Address Filtering

What It Is: Whitelist of allowed device MAC addresses.

Why It's Inadequate:

  • MAC addresses easily spoofed
  • Administrative burden (adding new devices)
  • Doesn't provide encryption
  • False sense of security

Proper Use: Can be an additional layer but never the only security.

3. Weak Passwords

Common Mistakes:

  • Short passwords (less than 12 characters)
  • Dictionary words
  • Personal information
  • Common patterns (Password123!)
  • Default router passwords

Impact: WPA2 with a weak password is vulnerable to offline dictionary attacks once the 4-way handshake has been captured.

4. Outdated Firmware

Risks:

  • Known vulnerabilities unpatched
  • Missing security updates
  • Incompatible with newer protocols
  • Performance issues

Solution: Regular firmware updates for all network equipment.

5. Default Configurations

Common Defaults:

  • Default admin passwords (admin/admin)
  • Default SSID (NETGEAR45, Linksys, etc.)
  • Unnecessary services enabled
  • WPS enabled

Wardriving Observation: Default SSIDs are easily spotted and often indicate other default/weak configurations.

What Wardrivers See

When scanning wireless networks, wardrivers observe:

Network Beacon Information

SSID:

  • Network name (or hidden status)
  • Reveals owner (sometimes)
  • Default SSIDs indicate router model

BSSID:

  • MAC address of access point
  • Identifies specific device
  • OUI (first 6 hex digits) reveals manufacturer

Encryption Type:

  • Open (no encryption)
  • WEP (critically vulnerable)
  • WPA/WPA2-PSK
  • WPA2-Enterprise
  • WPA3

Channel Information:

  • Operating frequency
  • Channel width (20/40/80/160 MHz)
  • Congestion patterns

Signal Strength:

  • RSSI (Received Signal Strength Indicator)
  • Indicates proximity and power
  • Helps create coverage maps

Security Indicators

Concerning Observations:

  • Open networks in residential areas
  • WEP encryption (ancient equipment or ignorance)
  • Default manufacturer SSIDs (poor security posture)
  • WPS enabled (detectable in beacon frames)

Good Security Indicators:

  • WPA2 or WPA3 encryption
  • Non-default SSIDs
  • Strong signal control (not unnecessarily powerful)
  • Enterprise authentication (in business contexts)
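
To apply the indicators above to a site survey of your own networks, the following added example (not part of the original article) classifies each record and lists the concerning observations. The sample data is constructed, the bracketed capabilities strings mimic Android-style scan output as an assumption, and the default-SSID pattern covers only the names the article mentions.

```python
import csv
import io
import re

# Constructed sample survey (not real networks); Android-style capabilities assumed.
SAMPLE_SURVEY = """bssid,ssid,capabilities
02:00:00:00:00:01,NETGEAR45,[WPA2-PSK-CCMP][WPS][ESS]
02:00:00:00:00:02,,[WPA2-PSK-CCMP][ESS]
02:00:00:00:00:03,CoffeeShop,[ESS]
02:00:00:00:00:04,old-printer,[WEP][ESS]
02:00:00:00:00:05,corp-wifi,[WPA2-EAP-CCMP][ESS]
02:00:00:00:00:06,home-5g,[WPA2-PSK-CCMP][RSN-SAE-CCMP][ESS]
02:00:00:00:00:07,legacy-ap,[WPA-PSK-TKIP][ESS]
"""

DEFAULT_SSID = re.compile(r"^(NETGEAR\d*|Linksys\d*)$", re.I)  # article's names only

def classify(capabilities: str) -> str:
    """Map a capabilities string to the encryption types listed above."""
    tokens = re.findall(r"\[([^\]]+)\]", capabilities.upper())
    if any("SAE" in t for t in tokens):
        return "WPA2/WPA3 transition" if any("PSK" in t for t in tokens) else "WPA3"
    if any("EAP" in t for t in tokens):
        return "WPA2-Enterprise"
    if any(t.startswith(("WPA2", "RSN")) for t in tokens):
        return "WPA2-PSK"
    if any(t.startswith("WPA") for t in tokens):
        return "WPA"
    return "WEP" if any(t.startswith("WEP") for t in tokens) else "Open"

def audit(survey_csv: str) -> dict:
    """Return {bssid: (encryption, [findings])} for each surveyed network."""
    report = {}
    for row in csv.DictReader(io.StringIO(survey_csv)):
        enc = classify(row["capabilities"])
        checks = [
            (enc in ("Open", "WEP"), f"{enc}: no usable encryption"),
            (enc == "WPA", "WPA/TKIP is deprecated"),
            ("[WPS]" in row["capabilities"].upper(), "WPS advertised in beacon"),
            (bool(DEFAULT_SSID.match(row["ssid"])), "default SSID"),
            (not row["ssid"], "hidden SSID (still detectable)"),
        ]
        report[row["bssid"]] = (enc, [msg for hit, msg in checks if hit])
    return report

if __name__ == "__main__":
    for bssid, (enc, findings) in audit(SAMPLE_SURVEY).items():
        print(bssid, enc, "; ".join(findings) or "no findings")
```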

Securing Your Wireless Network

Essential Security Measures

  1. Use WPA2 or WPA3

    • WPA3 preferred if all devices support it
    • WPA2 acceptable with strong password
    • Never use WEP or Open
  2. Strong Passphrase

    • 16+ characters minimum
    • Random characters preferred
    • Password manager generated
    • Not based on personal information
  3. Disable WPS

    • Access router admin panel
    • Find WPS settings
    • Disable completely
  4. Change Default Admin Credentials

    • Router admin password
    • Different from Wi-Fi password
    • Long and complex
  5. Update Firmware Regularly

    • Check manufacturer website
    • Enable auto-update if available
    • Review changelog for security fixes
  6. Use Strong Admin Credentials

    • Change default username if possible
    • Long, complex password
    • Different from Wi-Fi password

Advanced Security Measures

Network Segmentation:

  • Separate guest network
  • IoT device isolation
  • VLAN configuration for advanced users

Reduce Transmit Power:

  • Only as strong as needed
  • Reduces unnecessary exposure
  • Limits range to your property

Disable Unnecessary Services:

  • Remote administration (unless needed)
  • UPnP (security risk)
  • WPS (always disable)
  • Legacy protocols

Monitor Connected Devices:

  • Review device list regularly
  • Identify unknown devices
  • Investigate suspicious connections

Use a Firewall:

  • Enable router firewall
  • Configure appropriately
  • Review logs periodically

The Future of Wi-Fi Security

Emerging Standards

Wi-Fi 6E (802.11ax):

  • 6 GHz spectrum
  • Less congestion
  • Enhanced security built-in

Wi-Fi 7 (802.11be):

  • Next generation standard
  • Further security enhancements
  • Improved performance

Ongoing Challenges

IoT Security:

  • Billions of devices
  • Poor security standards
  • Difficult to update
  • Network attack vectors

Legacy Device Support:

  • Older devices can't support new protocols
  • Forces use of transitional modes
  • Weakest link problem

User Education:

  • Most people don't understand Wi-Fi security
  • Default configurations persist
  • Weak passwords remain common

Conclusion

Wi-Fi security has come a long way from WEP's broken encryption to WPA3's modern protections. When wardrivers scan an area, the security protocols in use tell a story about the technological sophistication and security awareness of network owners.

The good news: securing a wireless network properly is straightforward with WPA2/WPA3, strong passwords, and basic hygiene like disabling WPS and updating firmware. The bad news: many networks still use outdated security or weak configurations, making them vulnerable to attack.

Understanding these security fundamentals helps both in securing your own networks and in interpreting the data collected during wardriving activities.