• #1 NetSpot
  • Best WiFi tool to assess your WiFi security
  • 4.8
  • 969 User reviews
Get NetSpot

All About WiFi Security

WIFI SECURITY IS A BIG TOPIC TO GET INTO, BUT LEARNING JUST THE BASICS BY READING ARTICLES PUBLISHED ON THE NETSPOT BLOG CAN GIVE YOU A MASSIVE EDGE OVER CYBERCRIMINALS, WHO ARE ALWAYS ON THE LOOKOUT FOR NEW WAYS TO BYPASS WIFI SECURITY AND STEAL SENSITIVE INFORMATION FROM UNSUSPECTING USERS.
CHECKED BY
  • NetSpot
  • Essential for WiFi security
  • 4.8
  • 969 User reviews
Get NetSpot

Download NetSpot and use it to verify that your own WiFi network adheres our security recommendations.

Jump to...
What Is WiFi Security?
WEP vs WPA vs WPA2
WiFi Standards
What Is WiFi Security Recommendation on iOS?
Common WiFi Home Security Vulnerabilities
Best WiFi Security Tips
Conclusion
FAQ

What Is WiFi Security?

As you may know, WiFi networks transmit data between devices using radio waves, typically on the 2.4 gigahertz and 5 gigahertz radio-wave frequencies. Just like you can tune an FM radio to a specific channel to listen to your favorite radio show, anyone with the necessary skills can configure a WiFi capture device to collect all data that’s transmitted on a specific frequency.

To prevent potentially malicious strangers from seeing what you do online, stealing your passwords, and doing all kinds of other things, modern devices implement several different wireless network security standards, whose purpose is to encrypt wirelessly transmitted data and turn it into meaningless ciphertext.

Thanks to WiFi security, you can connect to a public WiFi network at an airport together with hundreds of other people and know that your personal information will remain private.

What Is a Network Security Key for WiFi?

Secure WiFi connections are established when wireless clients (smartphones, laptops, etc.) and the wireless networks they connect to prove their identities to each other.

From the point of view of a regular user, the authentication process begins with the network security key prompt. This prompt acts as a gate, preventing those who don’t have the right network security key from establishing a secure connection.

WiFi Security

Network security keys are typically alphanumerical passwords, but passwordless authentication using technologies like Wi-Fi Protected Setup (WPS) is also possible.

WEP vs WPA vs WPA2

Even though WiFi security is a hot topic these days, there are still far more unsecured WiFi networks than most security experts would like. In fact, approximately 24.7 percent of WiFi hotspots in the world do not use any encryption at all, according to statistics from Kaspersky Security Network (KSN).

Such networks are commonly referred to as “open” because anyone can connect to them, and also because anyone can see the activity of the people connected to them. Needless to say, using open WiFi networks for anything that’s even remotely personal is a very bad idea. Fortunately, there are several security algorithms for wireless networks, with WEP, WPA, and WPA2 being by far the most prevalent ones.

What Is WEP?

WEP is short for Wired Equivalent Privacy, and it’s a security algorithm for IEEE 802.11 wireless networks, which communicate in the 900 MHz and 2.4, 3.6, 5, and 60 GHz frequency bands. WEP was first introduced in 1997, and it had been the main WiFi security algorithm until it was superseded by Wi-Fi Protected Access (WPA) in 2003 and later declared as deprecated.

Standard 64-bit WEP uses only a 40-bit key, and this key is shared among users, making it problematic for large organizations to fix security issues. The first WEP exploit was published in 2001, and the FBI publicly demonstrated that it was possible to crack a WEP-protected network in less than 3 minutes with tools that were freely available on the internet.

Today, WEP is used by only around 3 percent of access points globally. Most new routers don’t even give users the option to use it, and those that do display a warning message to inform users about the numerous shortcomings of the WEP security algorithm.

What Is WPA?

Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are security algorithms developed by the Wi-Fi Alliance to address the numerous shortcomings of the WEP security algorithm.

WPA2 is currently used on almost 70 percent of all WiFi routers, and most router manufacturers have made it the default security option. WPA2 relies on the Advanced Encryption Standard (AES) block cipher, which is a specification for the encryption of electronic data approved by the National Security Agency (NSA) for top secret information.

While significantly more secure than WEP, even WPA2 isn’t without its issues. Arguably the biggest problem with WPA2 is the fact that it remains vulnerable to password cracking if users rely on a weak password. To fix the issues associated with WPA2, the Wi-Fi Alliance announced WPA3 in January 2018, and certificate began in June 2018.

WPA3 is here

The next-generation, much improved, highly secure protocol promises safer browsing and keeping your important data from being stolen even on public networks. It can be even said that WPA3 will keep its users so safe they will even forget hazards ever existed.

The protocol is required since July 1, 2020, so there are already many new routers that support it. Here are some of the benefits users who purchase WPA3-enabled routers can look forward to:

Password Protection

Creating new passwords can be mundane, hence a lot of people end up using the same password for multiple accounts, plus passwords lack creativity, which results into an easy hacking. With WPA3 comes a new key exchange protocol that will protect you from dictionary attacks targeting lazy passwords created in a hurry.

Connect devices safely

WPA3 makes it much easier to connect new devices that don’t provide a convenient way to select a network and enter the correct password with Wi-Fi Easy Connect. This standardized provisioning and configuration solution makes it possible to connect a device by scanning the product quick response (QR) code, NFC tag, or downloading device information from the cloud.

Check your encryption with NetSpot

Powerful advanced tool for multiple Wi-Fi networks Surveys, Analysis and Troubleshooting.

WiFi Standards

WiFi devices can exchange information only because they talk the same language. This language is created and maintained by the Institute of Electrical and Electronics Engineers (IEEE) LAN/MAN Standards Committee (IEEE 802), which is why it’s called IEEE 802.11.

Just like regular languages evolve over time to reflect the changes in the world around us, the IEEE 802.11 protocols for implementing wireless local area network computer communication evolve as well.

Here’s a brief overview of past, present, and future WiFi standards:

WiFi Standard Name Adopted in Maximum link rate of
WiFi 1 802.11b 1999 up to 11 Mbit/s
WiFi 2 802.11a 1999 up to 54 Mbit/s
WiFi 3 802.11g 2003 up to 54 Mbit/s
WiFi 4 802.11n 2008 600 Mbit/s
WiFi 5 802.11ac 2014 6,933 Mbit/s
WiFi 6
(Read more:
What is WiFi-6?)		 802.11ax 2019 9,608 Mbit/s
WiFi 7
(Read more:
What is WiFi-7?)		 802.11be coming soon 40,000 Mbit/s

Also worth mentioning is 802.11mc, one of the maintenance/revision groups for the 802.11 standards.

What Is WiFi Security Recommendation on iOS?

On iOS devices, a WiFi network sometimes displays the Security Recommendation warning in the WiFi settings menu. When you see this message, your device is trying to tell you that you’re connected to a WiFi network whose security could be improved.

Perhaps the password is too weak, or the network is using an outdated security algorithm, or it doesn’t have a password to begin with. Whatever the case is, you can always click on the “i” icon displayed next to the warning message to learn more about your wireless network security.

Read here more about top WiFi security tips on how to stop a WiFi hacker from stealing your personal information.

How Do I Fix Weak Security on My WiFi?

All weak security WiFi warnings on iOS can be fixed by doing the following:

  • Use a modern WiFi security standard: iOS considers all standards that use Temporal Key Integrity Protocol (TKIP) as insecure. Fortunately, modern routers support WPA2 and WPA3 with AES encryption.
  • Create a strong WiFi password: To resist brute-force attacks, your WiFi password should be reasonably strong. You can use an easy-to-remember passphrase instead if you want to.
  • (Bonus) Don’t share your password with strangers: While iOS has no way of knowing how many people you’ve shared your password with, it’s a good idea to share it with only those you really trust. For other people, you can create a guest WiFi network instead.

Now that you know the answers to the questions “What does weak security mean on WiFi?” and “Why does my WiFi say weak security?” you can go ahead and implement the above-described fixes.

Check your encryption with NetSpot

Powerful advanced tool for multiple Wi-Fi networks Surveys, Analysis and Troubleshooting.

Common WiFi Home Security Vulnerabilities

WiFi home security is an important topic because nearly every household has a wireless network. The unfortunate reality is that all major WiFi security types have known vulnerabilities that can be exploited unless certain measures are taken.

KRACK (or Key Reinstallation Attacks)

Perhaps the most severe attack on WiFi security was discovered in 2016 by Belgian researchers Mathy Vanhoef and Frank Piessens. Called Key Reinstallation Attack, or KRACK for short, this replay attack makes it possible for any attacker within range of a victim to steal sensitive information and read information that was previously assumed to be safely encrypted.

The worst thing about KRACK is that it affects all software platforms, including Microsoft Windows, macOS, iOS, Android, Linux, and OpenBSD.

Read about the six essential steps you need to take right now to protect yourself from the KRACK attack.

Best WiFi Security Tips

While it’s beyond the scope of this article to list all best wireless security tips professional network administrators like to give to home and business users alike, we still feel the need to cover just the very basic ones.

Choose a Strong Password

Regardless of which WiFi security type you choose, a strong password remains the most effective protection against cybercriminals. A good password is long enough so it’s impossible to brute force it by trying many passwords or passphrases with the hope of eventually guessing correctly. You can easily calculate how long it would take an average computer to crack your password here.

Don’t Forget to Update Your Router

Just like your smartphone, your router has an operating system that needs to be updated from time to time to fix various vulnerabilities and bugs that went unnoticed when it was released. While some routers update automatically, it’s always a good idea to manually check at least once a month to verify that your router is up to date.

Update Your Router

Monitor Your Wireless Security

With a WiFi surveillance and monitoring app like NetSpot, you can easily see your WiFi security settings as well as the security settings of all other WiFi networks that are within your range.

NetSpot

NetSpot can help you decide whether you should kick people off your WiFi, and it can also tell you where you should place your router to enjoy the best coverage possible.

Detect Who Is Connected to Your WiFi

When WiFi users are asked if they know how to detect who is connected to their WiFi, they typically give one of two answers:

Those who give the second answer usually don’t realize that having a stranger connected to your WiFi network is a lot like having a stranger in your house. That’s why it’s important to occasionally check who is connected to your WiFi and kick all unfamiliar users out.

Use VPN for Public WiFi Security

Public WiFi networks are convenient, but they are not all equally secure. In fact, some public WiFi networks are downright malicious, set up by criminals just to lure in unsuspecting users and steal their personal information.

In situations when you have no other option but to use a public WiFi network you don’t completely trust, you should protect yourself by creating an encrypted VPN tunnel and sending all data through it.

Conclusion

WiFi security is a complex topic with countless thick books dedicated to it. Although we’ve only managed to scratch the surface here, the information we’ve provided covers all the basics you need to be aware of in order to stay safe online.

Check your encryption with NetSpot

Powerful advanced tool for multiple Wi-Fi networks Surveys, Analysis and Troubleshooting.

FAQ

Which security is best for WiFi?

You should always use the latest WiFi security standard supported by your router. Right now, the best WiFi security is provided by WPA3, but WPA2 with AES encryption is also fine.

How do I make sure my WiFi is safe?

To make sure your WiFi is safe, you need to enable a WiFi security standard like WPA3 and authenticate all clients using a strong password.

What is WiFi network security?

The term WiFi network security describes the various standards and processes that are used to make wireless connections secure.

What is the difference between WPA and WPA2?

The biggest difference between WPA and WPA2 is the fact that the former WiFi network security standard relies on the Temporal Key Integrity Protocol (TKIP), which is no longer considered secure.

Have more questions?
Submit a request or write a couple words.

Read next in All about Wi-Fi

If you want to dive deeper into this Wi-Fi thing, check out the following articles about Wi-Fi security, the best apps for wireless networking, inflight WiFi, etc.
Knowing How to Hack WiFi Can Secure Your Data
Learn more
What is WiFi RTT (round-trip time) and How it Works
Learn more
What does WiFi stand for and how it works
Learn more
Get NetSpot for Free
Wi-Fi Site Surveys, Analysis, Troubleshooting runs on a MacBook (macOS 10.12+) or any laptop (Windows 7/8/10/11) with a standard 802.11a/b/g/n/ac/ax wireless network adapter.
Get NetSpot
NetSpot
Free WiFi Analyzer
NetSpot for iOS
Heat Maps & Speed Test