What Is Wi-Fi Protected Access(WPA)?

WPA definition and explanation

WiFi App Icon

Jeffrey Coolidge/Getty Images

WPA stands for Wi-Fi Protected Access, and is a security technology for Wi-Fi networks. It was developed in response to the weaknesses of WEP (Wired Equivalent Privacy), and therefore improves on WEP's authentication and encryption features.

WPA2 is an upgraded form of WPA; every Wi-Fi certified product has had to use WPA2 since 2006. 

WPA Features

WPA provides stronger encryption than WEP through use of either of two standard technologies: Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES). WPA also includes built-in authentication support that WEP does not offer.

Some implementations of WPA allow for WEP clients to connect to the network too, but the security is then reduced to WEP-levels for all connected devices.

WPA includes support for authentication serves called Remote Authentication Dial-In User Service servers, or RADIUS servers. It's this server that has access to device credentials so that users can be authenticated before they connect to the network, and that can also hold EAP (Extensible Authentication Protocol) messages.

Once a device successfully connects to a WPA network, keys are generated via a four-way handshake that takes place with the access point (usually a router) and device.

When TKIP encryption is used, a message integrity code (MIC) is included to make sure that the data is not being spoofed. It replaces WEP's weaker packet guarantee called cyclic redundancy check (CRC).

What Is WPA-PSK?

A variation of WPA, designed for use on home networks, is called WPA Pre Shared Key, or WPA-PSK. It's a simplified but still powerful form of WPA.

With WPA-PSK, and similar to WEP, a static key or passphrase is set, but it uses TKIP. WPA-PSK automatically changes the keys at a preset time interval to make it much more difficult for hackers to find and exploit them.

Working With WPA

Options for using WPA are seen when connecting to a wireless network as well as when setting up a network for others to connect to.

WPA was designed to be supported on pre-WPA devices like those that are using WEP, but some only work with WPA after a firmware upgrade and others are simply incompatible.

WPA pre-shared keys are still vulnerable to attacks even though the protocol is more secure than WEP. It's important, then, to ensure that the passphrase is strong enough to circumvent brute force attacks.