academy
Security
Security
See all Security articles
Privacy
Privacy
See all Privacy articles
Performance
Performance
See all Performance articles
Select language
Select language
Avast Academy Privacy VPN Wi-Fi Security: WEP vs WPA or WPA2

Wi-Fi Security: WEP vs WPA or WPA2

WEP, WPA, and WPA2 are Wi-Fi security protocols that secure wireless connections. They keep your data hidden and protect your communications, while blocking hackers from your network. Generally, WPA2 is the best choice, even though it consumes more processing power to protect your network. Learn more about Wi-Fi security options and how encryption tools like VPNs can protect you even further.

Academy-Wi-Fi-security-WEP-vs-WPA-or-WPA2-which-is-best-Hero

What are Wi-Fi security protocols and are they encryption tools?

Wi-Fi security protocols use encryption technology to secure networks and protect the data of their clients. Wireless networks are often less secure than wired ones, so wireless security protocols are crucial for keeping you safe online. The most common Wi-Fi security protocols today are WEP, WPA, and WPA2.

Hamburguer menu icon

This article contains:

    Data encryption tools protect sensitive data by scrambling it until it’s unreadable. Wi-Fi security protocols use cryptographic keys to randomize data to make it undecipherable. Since Wi-Fi systems use symmetrical encryption, the same key is used to encrypt and decrypt data.

    All Wi-Fi security protocols are certified by the Wi-Fi Alliance, the non-profit organization that owns the Wi-Fi trademark. There are four wireless security protocols currently available:

    • Wired Equivalent Privacy (WEP)

    • Wi-Fi Protected Access (WPA)

    • Wi-Fi Protected Access 2 (WPA 2)

    • Wi-Fi Protected Access 3 (WPA 3)

    What is WEP (Wired Equivalent Privacy)?

    WEP (Wired Equivalent Privacy) is the oldest and most common Wi-Fi security protocol. It was the privacy component established in the IEEE 802.11, a set of technical standards that aimed to provide a wireless local area network (WLAN) with a comparable level of security to a wired local area network (LAN).

    The Wi-Fi Alliance ratified WEP as a security standard in 1999. Once touted to offer the same security benefits as a wired connection, WEP has been plagued over the years by many security flaws. And as computing power has increased, these vulnerabilities have worsened. Despite efforts to improve WEP, it’s still vulnerable to security breaches. The Wi-Fi Alliance officially retired WEP in 2004.

    Any systems still using WEP should be either upgraded or replaced.

    What is WPA (Wi-Fi Protected Access)?

    WPA (Wi-Fi Protected Access) is a wireless security protocol released in 2003 to address the growing vulnerabilities of its predecessor, WEP. The WPA Wi-Fi protocol is more secure than WEP, because it uses a 256-bit key for encryption, which is a major upgrade from the 64-bit and 128-bit keys used by the WEP system.

    WPA also uses the Temporal Key Integrity Protocol (TKIP), which dynamically generates a new key for each packet, or unit of data. TKIP is much more secure than the fixed-key system used by WEP.

    Still, WPA is not without flaws. TKIP, the core component of WPA, was designed to be implemented onto WEP-enabled systems via firmware updates. This resulted in WPA still relying on easily exploitable elements.

    What is WPA2?

    WPA2 (Wi-Fi Protected Access 2) is the second generation of the Wi-Fi Protected Access wireless security protocol. Like its predecessor, WPA2 was designed to secure and protect Wi-Fi networks. WPA2 ensures that data sent or received over your wireless network is encrypted, and only people with your network password have access to it.

    A benefit of the WPA2 system was that it introduced the Advanced Encryption System (AES) to replace the more vulnerable TKIP system used in the original WPA protocol. Used by the US government to protect classified data, AES provides strong encryption.

    Unfortunately, like it’s predecessor, WPA2-enabled access points (usually routers) are vulnerable to attacks through WEP. To eliminate this attack vector, disable WEP and, if possible, make sure your router’s firmware doesn’t rely on WEP.

    WPA vs WPA2

    WPA (Wi-Fi Protected Access) and WPA2 (Wi-Fi Protected Access 2) are two security standards that protect wireless networks. WPA2 is the second generation of the Wi-Fi Protected Access security standard and so is more secure than its predecessor, WPA.

    Your Wi-Fi router likely includes both WPA and WPA2 security protocol options. When turning on Wi-Fi encryption on your router, choose WPA2 for the most secure Wi-Fi protection.

    To check your Wi-Fi security protocol, open the Windows Start menu, then type Wi-Fi settings. Click the Wi-Fi network you’re connected to and scroll to Properties.

    Windows Wi-Fi settings show which type of wireless security protocol your Wi-Fi networks use.

    If you have an older computer, note that WPA2 requires more processing power to protect your network. But this only concerns older access points using WPA2 via a firmware upgrade. Most current access points are equipped with hardware capable of processing WPA2 without a problem.

    If your connection speed is slow even with modern hardware, learn how to speed up your internet connection or check out our guide to speeding up your computer.

    WEP vs WPA vs WPA2

    WPA2 is the more recent wireless security protocol protecting wireless networks, so it’s generally your best option when looking to secure your Wi-Fi network. Let’s take a look at the pros and cons of each security protocol, ordered from best to worst.

    WPA2

    Pros:

    • Addresses many security flaws of its predecessors

    • Uses the strongest encryption method: AES

    • Required by the Wi-Fi Alliance for use on all Wi-Fi certified products

    • 256-bit key for encryption

    Cons:

    • Still contains some security vulnerabilities

    • Requires the most processing power

    WPA

    Pros:

    • Addresses security vulnerabilities of the original wireless security standard, WEP

    • TKIP encryption method is better than the fixed-key encryption used by WEP

    • 256-bit key for encryption

    Cons:

    • When rolled out onto WEP devices, TKIP can be exploited

    • Similar security vulnerabilities to WEP

    WEP

    Pros:

    • Better than no security protocol — though not by much

    Cons:

    • Riddled with security vulnerabilities

    • Only 64-bit and 128-bit keys for encryption

    • Fixed-key encryption

    • Hard to configure

    WEP vs WPA vs WPA2: the technical specs

    Here’s a breakdown of the three most common Wi-Fi security types and their technical specifications:

     

    WEP

    WPA

    WPA2

    Year introduced

    1999

    2003

    2004

    Encryption protocol

    Fixed-key

    TKIP

    CCMP

    Session key size

    64-bit/128-bit

    256-bit

    256-bit

    Cipher type

    RC4 stream
    cipher

    TKIP (RC4-based)

    AES

    Data integrity

    Cyclic Redundancy
    Check

    Message
    Integrity Check

    CCMP

    Authentication method

    Open system/Shared
    key

    PSK

    PSK + PMK

    Key management

    Symmetric key
    encryption

    WPA + WPA-PSK

    PMK + PSK


    Note: Plain rows show standard specs; grey rows show advanced specs

    What about WPA3?

    WPA3 (Wi-Fi Protected Access 3) is the newest wireless security protocol designed to encrypt data using a frequent and automatic encryption type called Perfect Forward Secrecy. It’s more secure than its predecessor, WPA2, but it hasn’t been widely adopted yet. Not all hardware supports WPA3 automatically, and using this protocol often requires costly upgrades.

    What are Wi-Fi encryption tools?

    Wi-Fi encryption tools help defend your data and your device when you’re using Wi-Fi networks. Unsecured wireless networks can be riddled with potential security vulnerabilities that hackers and other cybercriminals can exploit for data breaches or malware attacks. Sp Wi-Fi security protocols, like WPA2, have become standard for wireless network protection.

    But online protection doesn't stop there. From VPNs to proxies to Tor, there are many tools available to help defend your network. Even your most trusted devices will benefit from privacy protections — even iPhones need extra privacy apps. But not all tools can encrypt your data.

    A Virtual Private Network (VPN) provides strong encryption protections to secure your Wi-Fi network. Normally, your web traffic is sent through your Internet Service Provider (ISP). But with a VPN, your traffic is first routed and encrypted through a VPN server.

    That means that your data and communications appear to come from the VPN server rather than your router. In other words, not only is your data encrypted, but all your communications appear to originate from the VPN server, which increases your privacy.

    If you use Wi-Fi security protocols, you may be wondering why you need a VPN. VPNs increase the standard protection provided by normal Wi-Fi security protocols. Because all your web traffic is diverted to a VPN server, your activity stays hidden from your ISP, government, hackers, and other snoops. Also, a VPN lets you safely browse on public Wi-Fi, and it helps you avoid geo-blocks so you can access your favorite content online.

    Wi-Fi security protocols and VPNs can work together to keep you safe online. Wi-Fi security protocols like WPA2 protect your local network from intrusions and breaches, while VPNs encrypt all your outgoing web traffic.

    Boost Wi-Fi security with Avast SecureLine VPN

    Wi-Fi security protocols are essential for blocking hackers from your local network. But keeping you and your family safe online is a multi-front battle. For comprehensive wireless network security, add Avast SecureLine VPN to your arsenal.

    Avast SecureLine VPN helps increase the security of your Wi-Fi network.

    Avast SecureLine VPN provides bank-grade encryption to help protect you from threats like hackers and scammers. Download Avast’s VPN to hide your activity from your ISP, government, and other snoops. When used along with strong standardized Wi-Fi security protocols, Avast SecureLine VPN will keep your network protected on all fronts.

    Get airtight privacy protections with Avast SecureLine VPN for Android

    FREE TRIAL

    Get airtight privacy protections with Avast SecureLine VPN for iPhone and iPad

    FREE TRIAL