What is Wireless Protected Access (WPA)?

Instructor: David Delony

David is a freelance writer specializing in technology. He holds a BA in communication.

Wi-Fi security has come a long way. Wireless Protected Access, or WPA, is currently what keeps our devices from being compromised. In this lesson, we'll look at what WPA is, its security features, and the differences between WPA Personal and WPA Enterprise.

What is WPA?

WPA or Wi-Fi Protected Access, is a Wi-Fi security standard that's intended to replace the older WEP, or Wired Equivalent Privacy. WEP was supposed to keep Wi-Fi networks secure but turned out to be very easy to break, so it's been deprecated in favor of WPA. WPA is very common; almost all Wi-Fi equipment made in the last decade supports it.

Why WPA?

WPA makes using Wi-Fi networks more secure than leaving them unencrypted. With unencrypted Wi-Fi networks, it's possible for someone using a program called a packet sniffer to see the data coming across the network. This can include all of the web pages you're viewing, the email messages you're sending, even passwords and credit card numbers. Using encryption keeps all of this confidential information private by scrambling the plain text data, so that it looks like gibberish to an attacker.

When Wi-Fi first came onto the market in the late 90s, it used WEP to encrypt the traffic. In the early 2000s, security researchers found that they could easily break WEP, and the FBI demonstrated how insecure WEP was. The Wi-Fi Alliance officially deprecated WEP in favor of WPA in 2004.

WPA Security

Alice owns a coffee shop and wants to provide Wi-Fi access to her customers. She's read that she shouldn't use WEP because it's insecure, so she decides to use the default WPA2, because it should keep her customers safe. What did she read?

Well, one thing she would have read is that one major improvement of WPA over WEP is the length of the encryption keys. WPA uses a 256-bit key, where WEP used 64-bit and 128-bit keys. The longer key makes it more difficult for a hacker to break it. Even with a powerful computer, a hacker will need at least a few hours to decrypt a WPA key, meaning that most won't bother unless they're really determined to get into a network.

Despite the improvements in security, WPA turned out to have an Achilles' heel: it used the Temporal Key Integrity Protocol or TKIP. There were still a lot of Wi-Fi devices using WEP, and TKIP was designed to make it easy for them to move from WEP to WPA using firmware upgrades. TKIP thus turned out to be easy to break as well.

For that reason, a new encryption standard was needed and WPA2 superseded the original WPA. The biggest difference is that it uses AES, or Advanced Encryption Standard. AES is implemented using CCMP, or Counter Mode Cipher Block Chaining Message Authentication Code Protocol. The use of AES makes it much more difficult to break WPA2's encryption. There have been some successful attacks, but these are mostly proof of concepts by academic researchers that would be difficult to pull off in the real world.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account