What Types of WiFi Encryption Are Insecure and to Avoid

Why We Must Protect Wi-Fi Networks

Whenever we use a Wi-Fi network we must ensure that it is properly protected. Otherwise we would be leaving a door open to possible intruders who could attack all the devices that we have connected to that network.

What happens if we use a wireless network that is not protected ? We can have very different problems, but mainly we will find these two questions:

• Loss of speed : it is undoubtedly one of the causes that we can suffer if we have intruders in our Wi-Fi network. We will notice a notable decrease in performance, speed problems and even cuts when connecting. This could affect all the teams we have.
• Information theft : but we could also suffer worse consequences, such as information theft. Maintaining security on the network is very important and if we have intruders on our Wi-Fi they could be collecting information from our browsing, as well as infecting computers.

For this reason we must make sure that we are always using a protected Wi-Fi , but only the password that we put is not enough. We must take into account a fundamental factor that is often overlooked and is the type of security encryption. Not all of them are reliable today, as we will see.

Insecure Wi-Fi encryption types

The type of encryption that we choose for our Wi-Fi network will be decisive to prevent attacks. There are some ciphers that can be exploited and break the password. Something that could put security at risk.

WEP encryption (64 and 128 bit)

Without a doubt we are facing the most insecure and totally obsolete type of encryption. We have here two types of WEP encryption: 64-bit and 128-bit. The latter is superior, it has a greater cryptographic key, but this is really of little use today. It doesn’t matter if we are using 64 bit or 128 bit WEP encryption, it will be insecure.

This type of encryption was launched in 1999, so it is more than 20 years old. Since then, of course, everything has changed a lot. Today, a person with the necessary knowledge and tools can break a WEP encryption without much difficulty. You could even figure out the password in just a few minutes.

Today it is rare to find this type of encryption, although we could see it in older routers and old devices that are not compatible with the latest ones. Whenever we come across this option, whether it’s on our own connection or one we’re trying to access, we should walk away and not use it.

WPA (TKIP and AES)

Very few years after WEP encryption came WPA . It came as an update to avoid the problems with the old encryption. This was in 2004, so we are also facing something that has a long time.

Security researchers, over time, have found vulnerabilities that affect this Wi-Fi encryption protocol. For example, the reuse of the initialization vector, which would allow breaking a password.

In this case we can find two options: WPA TKIP and WPA AES . The former is totally unsafe and outdated. It is the standard, the one that appeared first. In the second case we are facing a later encryption, which uses AES. However, the latter is also insecure and it must also be borne in mind that the devices that are compatible with this update are also compatible with WPA2, which would come later, so it is not advisable to use it at all.

WPA2-PSK (TKIP)

The next encryption, which is also insecure today, was WPA2-PSK (TKIP) . It is not secure since although it uses a newer standard (WPA2) it combines it with an outdated, old and insecure encryption (TKIP).

Therefore, as was the case with WEP encryption, we are facing an option that is also insecure and that we should not use. It is true that today it is still used in many cases due to the greater compatibility with older devices.

Today’s safer Wi-Fi encryptions

We have seen that there are Wi-Fi ciphers that are insecure and could be exploited by intruders to access the network. Whenever possible we must avoid them in our router, but also avoid accessing networks that have these protocols. This way we would improve security and avoid problems. Now we are going to see some types of encryption that are more suitable.

WPA2-PSK (AES)

One of the types of encryption that is still reliable today is WPA2-PSK (AES) . Previously we saw that the one that uses TKIP is insecure, since it is an outdated encryption and today it can be broken with the necessary tools. However, the one that uses AES is more reliable.

This is undoubtedly the best option if we do not have devices compatible with WPA3, which is the latest standard that we will talk about next. Computers protected with WPA2-PSK (AES) will be adequately protected. It is a much more robust encryption option.

It should be noted that modern routers usually have this configuration as standard. In many cases, when they just put WPA2 or WPA2-PSK, they actually use AES and not TKIP. Hence we can be more sure.

WPA3

In this case we are facing the most reliable standard. It is the last one we have available. It comes as a successor to WPA2, mainly after the problems that occurred a few years ago with KRACK. It uses 128-bit encryption and also replaces the way keys were shared between devices, now providing greater reliability.

The problem with WPA3 is that nowadays it does not have great compatibility, although more and more devices that we can find that work correctly with this type of encryption. However, it will undoubtedly be the option that will accompany us for the next few years and that will keep our Wi-Fi networks safe.

In short, choosing correctly which Wi-Fi encryption we are going to use is very important. We must avoid all those that are obsolete and unsafe, like the ones we have been seeing. It is true that any encryption, no matter how old it is, is going to be better than nothing. But of course, we can always run into an intruder who has the necessary tools to attack us. Therefore, our advice is to generate keys that are totally reliable and, if possible, use WPA3 encryption or, failing that, WPA2-PSK (AES).