[Wired] WPA3 Details - Saving Us from Ourselves?

EXCellR8

Diamond Member
Sep 1, 2010
4,025
859
136
Haven't read the whole thing, nor do I vouch for the quality or accuracy of the content. It seems that this may turn out to be a rather important update though.

A fundamental weakness of WPA2, the current wireless security protocol that dates back to 2004, is that it lets hackers deploy a so-called offline dictionary attack to guess your password. An attacker can take as many shots as they want at guessing your credentials without being on the same network, cycling through the entire dictionary—and beyond—in relatively short order.

Source
 

ch33zw1z

Lifer
Nov 4, 2004
38,784
19,372
146
Pretty good read.

On your quote, don't use an easy dictionary password. My wifi passwords are usually some off kilter phrase, mix in with a sequence of symbols, about 20 characters
 

VirtualLarry

No Lifer
Aug 25, 2001
56,570
10,200
126
I want to know, when are they going to implement a physical-layer equivalent to TLS, such that you can leave your hotspot "open" for connections, without a pre-shared password, but the actual connections will STILL be encrypted, preventing spoofing and eavesdropping / credential (cookie)-stealing?

YES! It does! Finally!
 
Last edited:

ch33zw1z

Lifer
Nov 4, 2004
38,784
19,372
146
I want to know, when are they going to implement a physical-layer equivalent to TLS, such that you can leave your hotspot "open" for connections, without a pre-shared password, but the actual connections will STILL be encrypted, preventing spoofing and eavesdropping / credential (cookie)-stealing?

YES! It does! Finally!

Yea, that's essentially a big change. IMO, this has taken way to long. WPA2 has been around for a very long time, ancient in tech years.

Since I run a separate router (er-x) and access point (uap-ac-lr), i may have to upgrade the AP for support.
 

razel

Platinum Member
May 14, 2002
2,337
90
101
Looks like WPA3's replacement for the 4 way handshake that was vulnerable to KRACK is add-able to existing WPA-2 routers. It's again all about whether the router brand is willing to it. Places more importance on software updates for routers. Nothing new... just another year. Link includes replies from 4 brands and all sounds encouraging for what I could call *partial* but important WPA-3 support.
 

ch33zw1z

Lifer
Nov 4, 2004
38,784
19,372
146
That's promising.

The devices I'm most concerned with are my thermostats. As they're pricey, I'm hoping nest can include the new security without a hardware upgrade.

To be honest, I wish the things were hardwired and PoE