The best way to secure your wireless network is to change the type of encryption that your computer uses to send data. The three most common choices for encrypting your data are WEP, WPA, and WPA2. This guide describes these different types of encryption so that you can decide which is the best choice for your network.
WEP (Wired Equivalent Privacy) was introduced in 1999 and at first, it was thought to be as secure as a wired network. WEP uses a password to create a static encryption key that it then uses to encrypt data sent over the web. This means that the same key is used for all of the information or "packets" you send over the air waves during a session. This static key becomes a big problem with security because a key that doesn't change is much easier to attack than one that is constantly changing. WEP is not a "wired equivalent," as it's name suggests; it can be cracked in less than a minute by a commonplace hacker. Unfortunately, a lot of older routers have WEP as their default choice.
WPA and WPA2
Due to the major inefficiencies of WEP, WPA (Wi-Fi Protected Access) became available. WPA was the intermediate step between WEP and WPA2 and was not intended to be used indefinitely. WPA uses a type of temporary encryption key that changes with each packet sent over the web. Also, WPA enables your router to automatically reject any packets that it receives out of order. This is good because it prevents hackers from injecting packets onto your network which is one of the primary means of getting in.
In 2006 WPA2 became mandatory in all new Wi-Fi devices. WPA2 replaced WPA's temporary key with a superior government level security encryption. This upgraded encryption uses AES ( Advanced Encryption Standard) thought to be uncrackable at this point. WPA2 is considered very secure.
WPA2 has several different versions to choose from:
- WPA2-Personal is sometimes referred to as WPA-PSK (Wi-Fi Protected Access Pre-Shared Key). With WPA2-Personal, you set up a password in your router which you share with those you want to have access to your network. This password is entered through the computer or device that is connecting to your Wi-Fi network. We recommend this security mode for home networks.
- WPA2-Enterprise is used for businesses only.
- WPA/WPA2 Mixed Mode may also be a choice in your particular router. This means your router uses WPA2 if possible but falls back on WPA when needed. Due to WPA2 being a much safer choice, we recommend not using this mode. If you have devices that are not compatible with WPA2, we recommend updating your equipment to better protect yourself against unwanted security attacks.
Both WPA and WPA2 require the use of a strong password, it is recommended that you use a password of at least 20 characters, including symbols and numbers. Check out this guide to learn more about how to create a strong password.
Recommended Wi-Fi Settings
The security of the information you send over the internet should be of top priority. We recommend using WPA2-Personal whenever possible since it has the strongest encryption. WPA should be a far second choice and WEP should not even be considered a choice. If you have a router newer than 2006 you should have a firmware upgrade that allows for WPA2-Personal, which we highly recommend upgrading to. If you have an older router, made before 2006, you may want to consider upgrading your device to a newer one that can be better secured.
Also note, that after changing your router to a different encryption type, you will need to re-configure all of your wireless devices to your network. Devices like wireless printers, phones, music players, gaming consoles, and wireless televisions may need to have their settings changed and be re-connected to you network.