WiFi security types: What do WEP, WPA, WPA2 & WPA3 mean?

Picture this: Your power goes out while you’re working from home, so you pop over to a coffee shop to use the WiFi. Once you connect to the public WiFi network, it’s business as usual — you send some emails, log in and out of important accounts, and message with coworkers.

Your biggest concern might be internet speed. But what you might not realize is that free, open WiFi has lower digital privacy standards than your home or work network. And when you send sensitive information, it’s likely more vulnerable to cyber attacks. 

Understanding WiFi security types and how they work can help you use different networks wisely, whether you’re connecting to public WiFi or choosing a new network type for your home. Here’s a guide to security types, how to tell which one you have, and which are safest.

What is WiFi security, and how does it work?   

WiFi networks run on radio waves, which wirelessly transmit digital data from place to place. If you connect to an open, unsecured network and a cyber criminal connects to the same one, they could intercept those waves to steal whatever information you’re transmitting.

WiFi security is what protects your data from interception. It usually comes in two forms: encryption and authentication. Encryption jumbles data so only the sender and receiver can read it, and it looks like gibberish to anyone else. Authentication ensures only people with the right password can access the network in the first place.

Most types of WiFi security use both of these forms to protect your online activity. When you log into a network, you use a password for authentication, and when you browse the internet, the system automatically encrypts your data. Open public networks — those with no password and no security — usually lack these measures and expose your data, which is why it’s best to avoid them.

4 types of Wi-Fi security protocols

Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) models both encrypt wireless data for secure network use, but they do differ. Here’s how each WiFi encryption protocol works:

1. What is WEP?

WEP is a now obsolete technology that originally encrypted traffic on a network using a single key. All devices on that network could send and receive information and decode it using that key. However, WEP technology proved vulnerable to security breaches, pushing WiFi security to evolve.

2. What is WPA?

WPA arose in response to WEP's security vulnerabilities. It uses advanced key technology called temporal key integrity protocol (TKIP). With TKIPs, the network still shares a key, but the key changes. The logic is similar to changing the lock on your front door. Even if a criminal has a copy of the original key, they won’t have a copy of the one that goes to the new lock. 

3. What is WPA2?

WPA2 is a later version of WPA. It stopped using TKIPs in favor of stronger security protocols, like the robust security network (RSN) mechanism, which adapts to personal or business use. The personal network, also known as a Pre-Shared Key (WPA2-PSK) network, requires a password for connection. Enterprise mode (WPA2-EAP) handles more extensive networks and allows users to have their own credentials, like unique passwords. 

4. What is WPA3?

WPA3 is the third version of the WPA technology. WPA3 offers individualized data encryption, meaning that users can sign on through other methods than plugging in a password — for example, by using a QR code. This iteration of WPA also has better security protection, only giving offline users one chance at correctly guessing a password. Overall, WPA3 has the most secure authentication and encryption.

WEP versus WPA versus WPA2 versus WPA3: Pros and cons

WEP security protocols have been obsolete since the early 2000s because of their relative lack of safety — so it’s unlikely that you’ll ever have to assess whether to use a WEP. But to their credit, WEP protocols are safer than nothing at all. 

Individuals and businesses alike regularly use WPA, WPA2, and WPA3 protocols, though WPA2 is most common. Here’s what makes each type unique.

WPA 

Thanks to TKIP encryption, WPA is a safer option than its predecessor (WEP). However, it’s the oldest and least secure of the WPA models, making WPA2 and WPA3 better options. Plus, WPA is nearly obsolete. 

WPA2

WPA2 is the minimum requirement from the WiFi Alliance for use on WiFi-certified devices, as it uses robust encryption methods. It uses more processing power than WPA, but that’s because it’s working harder. 

WPA3

Thanks to enhanced encryption methods and its ability to block repeated offline password guesses, WPA3 reigns for safety. However, older devices may not be compatible with this technology, so you should check for WPA3 capability before pairing devices to one of these networks.

Which wireless network security protocol should I choose?

A good rule of thumb for choosing a network security protocol is always to select the safest option compatible with your devices. For many with newer routers, computers, and phones, the security protocol that fits this bill is WPA3. 

If the safest option isn’t available for your router and devices, move to the next secure down the list. So, if you can’t use a WPA3, use a WPA2. You probably won’t have to move further down the list because most networks and devices support WPA2 security protocols and up.

This rule of thumb only works where you have a choice in the first place. If you’re connecting to a WiFi network in a cafe or the airport, that network might have weak security — or none at all. You’ll have to put security precautions in place for yourself, and IronVest is the best place to start. You’ll access bank-grade security that protects you from fraud, wherever you are. With biometric authentication, safe autofill, and masked contact information, you don’t have to worry about making your data vulnerable in public. IronVest will protect it. 

What security type is my WiFi?

You can check the security type of any WiFi network you’re connected to with these steps, depending on your device.

Windows 10

Here’s how to see your WiFi security in Windows 10:

1. Click on the WiFi icon in the taskbar. 

2. Click on the network you want to check, then Properties. 

3. Scroll to Security Type under Wi-Fi details to see the security protocol information.

Mac OS

You can check a security protocol in MacOS with these steps:

1. Hold down the Option key while you click on the WiFi icon in the toolbar at the top of the screen.

2. Under the WiFi name, you’ll see a list of network details. Look for Security, which will show the protocol type.

Android

Use the following steps — which may vary slightly by device — to determine which security protocol you’re using on an Android:

1. Go to settings and open WiFi.

2. Tap on the network you’re connected to. 

3. You can now see the type of security protocol the network uses. 

iPhone

You can’t see what type of security protocol a network uses on an iPhone, but you can see which ones require a password by opening the WiFi connection options and noting those that have a lock icon next to them. The lock image means that a network is password-protected. If you want to check a network before connecting on your iPhone and have your computer with you, use it to view the safety protocol information of the WiFi connection in question.

How to secure your WiFi network

Safeguard your at-home network by taking extra steps to keep unwanted third parties out. These quick tips can make your WiFi harder to access.

1. Set a new password: Routers come with a password, which usually appears somewhere on the device. Not only could anyone who steps foot in your home copy down this password, but a hacker could guess the login credentials using nefarious websites that list admin credentials by router type. Set a new password whenever you install a router.

2. Use a challenging password: Create a unique password that contains no words or numbers an unwanted third party could guess. Avoid identifying elements like your birthday or name (or your cat’s), and use a mix of random uppercase and lowercase letters, numbers, and symbols. 

3. Change your network name (SSID): Change your network name so a stranger who sees it can’t guess the router type. Some router models are right in the SSID name, making it easier for a hacker to look up the default admin login credentials. Take a minute to personalize it with something unique but unidentifiable.

Enjoy a safer WiFi experience with IronVest

There’s no such thing as a 100% safe network. But with the right protocols, you can get pretty close. 

It starts with IronVest. With this security super app, you can amp up your internet safety by making your personal information more challenging for hackers to view. Even someone who gains access to your login credentials or device won’t be able to get into your accounts if you use biometric authentication, masked contact information, and protected virtual credit cards. No matter where you are, you’ll browse with ease.