Quiz Entry - updated: 2026.07.14
What are the four shared key authentication methods (WEP, WPA, WPA2, WPA3), and which should be used today?
WEP is broken (never use). WPA improved on WEP with TKIP but is legacy. WPA2 uses AES-CCMP and is the current standard. WPA3 adds SAE and Protected Management Frames — it's the recommended choice for new deployments.
* Wi-Fi security evolution WEP→WPA3. *
| Method | Encryption | Algorithm | Status |
|---|---|---|---|
| WEP | RC4 with static key | Rivest Cipher 4 | Broken — NEVER use. Can be cracked in minutes |
| WPA | TKIP (improved RC4) | Temporal Key Integrity Protocol | Legacy — avoid. TKIP changes key per-packet but still uses RC4 |
| WPA2 | AES-CCMP | Advanced Encryption Standard | Current standard. AES is considered the strongest encryption |
| WPA3 | AES-GCMP / 192-bit | Latest security methods | Recommended. Adds SAE, PMF, forward secrecy |
WPA3 improvements over WPA2:
- SAE (Simultaneous Authentication of Equals): Replaces the PSK 4-way handshake. Resistant to offline dictionary attacks — even if attacker captures the handshake, they can't brute-force the password offline
- Protected Management Frames (PMF): Mandatory. Prevents deauthentication and disassociation attacks
- Forward secrecy: Even if the password is later compromised, previously captured traffic cannot be decrypted
- Open Network Encryption (OWE): Encrypts traffic on open networks without authentication (e.g., coffee shop Wi-Fi)
Tip: WEP can be cracked with tools like aircrack-ng in under 5 minutes with enough captured packets. If you see WEP on any network in 2024+, it's a critical vulnerability.
Go deeper:
Wi-Fi Protected Access (Wikipedia) — the WEP→WPA→WPA2→WPA3 evolution and why WPA3 is the one to use today.