There are currently four wireless security protocols available. Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3).
First, please note that WEP means Wired Equivalent Privacy rather than Wireless Encryption Protocol as many believe. WEP was the first security protocol for Wi-Fi networks and provides a very basic level of security. Although it was considered secure at one point, WEP is no longer the recommended protocol for modern day use.
Wi-Fi Protected Access was introduced as the need to replace WEP. Compared to WEP, WPA offers stronger encryption and addressed some of WEP’s many vulnerabilities. Temporal Key Integrity Protocol (TKIP) was WPA’s key feature, which offered more secure communication compared to WEP. Like WEP, WAP was eventually replaced by a more modernized protocol and should no longer be utilized.
Wi-Fi Protected Access 2 provided even stronger security compared to WPA and is currently the most widely used security protocol. The biggest difference between WPA2 and WPA is that WPA2 uses Advanced Encryption Standard (AES) for encryption and provides improved security features. WPA2 also offers two different modes, Pre-Shared Key (PSK) and Enterprise. In PSK mode, one password is shared among all devices on the network and is used to encrypt all wireless communications. Due to its ease of setup, PSK mode is typically used in consumer home networks and commercially for public Internet access points. However, managing these keys can be cumbersome. In Enterprise mode, the authentication process is performed using a server-based protocol such as Remote Authentication Dial-In User Service (RADIUS). The usage of RADIUS allows the Enterprise mode to have more specific, or granular access controls for private networks, lending itself to be preferable in corporate environments by preventing the need to create and use new keys each time an employee departs.
Wi-Fi Protected Access 3 is the most recent and the strongest wireless security protocol. In addition to addressing some vulnerabilities of WPA2, WPA3 introduced new security features, such as a stronger authentication handshake and enhanced encryption. It also offers two different modes, WPA3-Personal, and WP3-Enterprise, aiming to replace WPA2-PSK and WPA2-ENT respectively. Though technically the most secure, organizations will find it difficult to switch to WPA3 due to the cost of upgrading devices that support WPA3.