Most of us connect our mobile devices to a Wi-Fi router for internet access, but this connection can leave our network and data vulnerable to cyber threats. To protect against those threats, a Wi-Fi Protected Access (WPA) encryption protocol is recommended. And even though it’s been around since 2004, WPA2 remains the Wi-Fi security standard.
WPA2 is a security protocol that secures wireless networks using the advanced encryption standard (AES). The protocol protects your incoming and outgoing internet traffic and makes it difficult for cyber criminals to intercept your data or hack your device. If implemented and configured properly, WPA2 is stronger and more resistant to potential attacks than predecessor technologies like WEP (Wired Equivalent Privacy) and WPA.
Although WPA3 has been around for five years, its uptake remains less than 1%. WEP and WPA are both under 4%, while WPA2 commands a 73% share of known wireless encryption connections.
Older routers and devices may not support WPA2, but if your devices support it, upgrading to WPA2 is a fairly simple process.
7 Steps to Configure Your Router for WPA2
- Log Into Your Router Console
- Navigate to the Router Security Panel
- Select Encryption Option
- Set Your Network Password
- Save Changes
- Reboot
- Log In
Also read: Wireless Security: WEP, WPA, WPA2 and WPA3 Explained
Step 1: Log Into Your Router Console
Using the browser of your choice, log into the admin console of your home router. The exact method for doing this may vary depending on your router manufacturer. You can refer to your Router Manual for more details. However, the most common method is to enter http://192.168.1.1 into the browser address bar and press ENTER; http://10.0.0.1/ is another common router IP address.
If those don’t work, you can type “cmd” into the search bar of your Windows machine to call up the command line interface, then type “ipconfig” and hit enter; the address will be under Default Gateway. On a Mac, you might find it in the TCP/IP tab of Advanced Network settings in System Preferences, while in Linux you’ll find it under Connection Information after clicking on the network icon.
The typical username and password for Wi-Fi routers is “admin” for both, but you may need to search online or contact your ISP if that doesn’t work. And while you’re in there, update that password to something a little less hackable, possibly saving the new one in a password manager.
As long as you’re in there, you should look around and address any security warnings; perhaps your firewall security setting is too low, for example.
Step 2: Navigate to the Router Security Panel
The next step is to navigate to the Wireless > Security menu option, which may vary depending on the router. Check your router manufacturer’s website or manual for specific instructions, or just navigate your way around until you find it. Here’s a screenshot of one route and settings:
Step 3: Select Encryption Option
Select the encryption option WPA2-PSK. If this option is not available, you may need to upgrade the router firmware.
Note that some routers also offer a WPA2-Enterprise setting, which is designed for corporate environments. Your router may not offer WPA3, and even if it does, all your devices might not be compatible.
Step 4: Set Your Network Password
Create a strong network password that meets the following requirements:
- Must be at least eight characters long
- It should have a combination of uppercase and lowercase letters
- It should contain a mix of letters, numbers, and symbols
Step 5: Save Changes
Click Save or Apply to confirm the changes.
Step 6: Reboot
Reboot your router, if necessary, to apply the changes.
Step 7: Log In
Connect all your wireless devices, select your new Wi-Fi SSID, and enter your new Wi-Fi password to complete the process.
Consider Upgrading From WPA2 to WPA3
WPA3 is the latest wireless security protocol that is designed to address some of the security weaknesses of WPA2. It includes features such as Simultaneous Authentication of Equal (SAE), the Dragonfly handshake, simplified setup, better IoT device security, and future proofing.
Even though WPA3 is the upgraded version of WPA2, this doesn’t mean that you have to immediately implement this upgrade. This will depend on your devices’ and network’s compatibility. You’ll have to check the documentation of your devices to see if they’re compatible. But in the meantime, WPA2 with a good firewall setting and antivirus software on your devices is pretty good security.
See the Best Antivirus Software
6 Differences Between WPA2 and WPA3
WPA3 provides improved security features compared to WPA2. However, it is important to note that not all devices and networks support WPA3, and upgrading can be unnecessary or impractical for all situations. Here are the differences between WPA2 and WPA3:
- Stronger encryption: WPA3 uses a stronger encryption algorithm (256-bit encryption) compared to WPA2 (128-bit encryption). This makes it more difficult for attackers to intercept and decrypt wireless traffic.
- Protection against brute force attacks: WPA3 uses SAE, a new authentication method that protects against attacks on the Wi-Fi network’s password. This makes it more difficult for attackers or anyone to guess or crack the password.
- Protection against offline dictionary attacks: A new key exchange protocol called Dragonfly is used in WPA3, which protects against offline dictionary attacks, a password guessing attack. That’s a significant improvement over WPA2.
- Better IoT device security: WPA3 introduced Protected Management Frames (PMF), which provides better protection for IoT devices. PMF ensures that these devices are authenticated and encrypted even if they don’t support WPA3.
- Simplified setup: WPA3 includes a feature called Wi-Fi Easy Connect, which makes it easier to set up devices on a Wi-Fi network with the need for a password. This features QR code or Near Field Communications (NFC) to securely connect devices to the network.
- Improved security for public Wi-Fi: WPA3 introduces a feature called Opportunistic Wireless Encryption (OWE), which encrypts wireless traffic even if the user doesn’t enter a password or if the password is insecure.
Bottom Line: Configuring a Router to Use WPA2
WPA2 has been in use for about 20 years, which means that there are very few devices and routers left that don’t support the protocol. That’s pretty convenient, because it remains the default Wi-Fi security standard.
And if you’ve never done it, it’s kind of fun going into your Wi-Fi router admin panel, so even if you’re already on WPA2, it’s good to check the security settings in there anyway. You may find something that needs to be addressed.
If your devices and router support WPA3, by all means upgrade to that protocol. If not, WPA2 will do for now.
Read next: The Best Wi-Fi 6 Routers Secure and Fast Enough for Business
This updates a 2011 article by Eric Geier