WPA Encryption Explained


Recommended Posts

When you have a wireless network, it is your responsibility to make it as difficult as possible for someone else to gain access to it. After all, if someone does get in they can find out what your surfing, gain access to your computers and mess with router settings...or just use your internet connection.

Disabling SSID broadcasting and using MAC filtering is great, but can't stop someone from sniffing your traffic. WEP encryption provies a basic level of encryption, but can be cracked in under 10min.

So if you want a secure wireless network, there isn't a way around it, you need to use WPA.

Requirements

You need hardware and/or firmware/drivers that allow the use of WPA. Every wireless-G hardware out there has some form of WPA on it, but a firmware or driver update can get WPA on your older wireless-b equipment as well. Hardware that has been sold before 2003 generally need to be replaced.

Different Types

WPA Radius Authentication - Your typical home user wont use this, unless you want to setup a radius server. This server works with WPA to pass different keys to each user. I'm not going to go into how to set this up.

WPA PSK - PSK stands for Pre-Shared Key and is most commonly used by home users. The user must have a certain password to enter the network. PSK can be used with either AES or TKIP, depending on what your hardware can support. It is important that you choose a strong password to prevent against dictionary attacks.

AES - An algorithm that requires special hardware support to use. It is stronger, but a firmware/driver update won't get you AES.

TKIP - This system changes the key every specified amount of time to prevent cracking attempts. You can usually adjust how often it changes in the router/AP settings. This does not mean it changes your password, just the key.

WPA2 - The new WPA standard that uses a stronger algorithm, but is not backwards compatable with older hardware.

Making sure you got the software

Being that WinXP is the only OS that officially supports WPA2, you need to rely on 3rd party vendors for support, which is usually delivered.

Most of the time, when you install a driver for the wireless card, a special WPA driver will be installed with it. You can see it by going into the network/dialup connections in the control panel and looking at the properties of the card. It might be called something like "AEGIS WPA Protocol" or "WPA Security Protocol". Note that you cannot install updates to these protocols seperately from the drivers, your card requires specific WPA protocols to work.

post-38325-1117752184.jpg

Your router should have options for WPA in it's settings. If it does not, a firmware update could allow WPA to be enabled. Check the router's webpage to see if there is one.

If you do get a firmware update that enables WPA, I highly recommend that you restore your router's settings to factory default after upgrading the firmware. If I had known to do that I woulda saved myself a lot of trouble. :pinch:

Setting it up

First connect to the router with a patch cable rather than wirelessly. Setting up the router is easier that way. Login the router, go to the wireless security part. WPA-PSK is the type of encryption you want to use. After selecting PSK, you might get an option to either use AES or TKIP. If you had to upgrade any software to get WPA, then you probably have to use TKIP since AES requires hardware that natively supports WPA. After the selections have been made, you must choose a passphrase. Try to have it in the range of 10 to 25 characters. Once the passphrase is set, enter the same information in the wireless network card and you should be set.

post-38325-1117752250_thumb.jpg

Troubleshooting...

If WPA wont work:

1) Make sure that you have all the types and the passphrases matched exactly.

2) Try turning off/on the router or restarting.

3) If you are using the wireless config utility that comes with WinXP, try using the one that came with the card instead. You can set it by going into the properties of the network connection and unchecking "use windows to configure my wireless settings"

post-38325-1117752267.jpg

4) Sometimes using obscure characters like ąĈ??? can work against you in the passphrase.

5) If signal strength is lower than 9dB, then the connection is flaky with WPA.

6) Check to make sure the router is on fire. Fires usually interfere with the router's function.

7) If there are other wireless networks on the same channel in your area, change the channel to some different value.

8) Avoid generic drivers and firmware.

Link to comment
https://www.neowin.net/forum/topic/327471-wpa-encryption-explained/
Share on other sites

  Relativity_17 said:
Is there any software available for Windows that can tell whether you've successfully disabled SSID broadcasting on your router?

586007665[/snapback]

No, that requires the wireless utility that comes with your wireless card. All utilties come with a thing that views available wireless networks. Good adapters can show all the wireless networks in the area, if they have encryption, their signal strengh and their network name (or lack thereof). I think you can trust that SSID broadcasting is disabled and as long as you didn't leave it at "netgear" or "linksys", you're fine.

Considering that 3 of my neighbours have unencrypted networks, I'm not all too worried about someone getting into my network. The computers themselves are only open to each other, since their IPs are statically assigned from the router.

I'll look into it later on during the summer though... just for kicks.

Just a quick tip if your card does not support WPA look for the chipset that the card is and look on the internet for a company (like Dlink or Netgear) that uses the same chipset that does support WPA in there driver, install there driver over your card and you now have all there features.

My card an Asus 802.11G with only WEP 128bit encryption is convinced its a D-Link card and I now have WPA WPA-PSK WEP and so on.

  WinMacLin said:
Just a quick tip if your card does not support WPA look for the chipset that the card is and look on the internet for a company (like Dlink or Netgear) that uses the same chipset that does support WPA in there driver, install there driver over your card and you now have all there features.

My card an Asus 802.11G with only WEP 128bit encryption is convinced its a D-Link card and I now have WPA WPA-PSK WEP and so on.

586030693[/snapback]

Indeed :) Here's a link that might be useful to some. i.e. Toshiba Wireless LAN Adapter users can simply download the latest Agere driver.

  • 2 weeks later...
  kaffra said:
nice guide, i just got my netgear wireless router today. So wpa is better to have then wep?

586081494[/snapback]

Tons better. Wep can be cracked in like 15min tops. WPA is a lot stronger so long as you have a good password.

  Quote
Does the user have to always key in a password to access the network(if wpa is used?)

No.

Thanks for this guide, but I was wondering if you knew anything about steps to fix another (seemingly common) problem.

I recently set up a home wireless network in my fiance's parents' house, and set up with WPA-PSK. The router was a Linksys, I can't recall the exact model off the top of my head, but it was 802.11b only. (The notebook is capable of G, but for their purposes, that isn't really necessary, and the B router was $5 after rebate at Best Buy.)

The notebook is a Toshiba Satellite (don't remember the model either, sorry) with integrated B/G wireless, and was purchased in July of 2004. The notebook has successfully logged onto other WPA-PSK networks without having this problem. (There is a small coffee house with wi-fi that uses PSK we have connected in)

Logging in itself isn't the problem, however, every so often (probably when the key is reset), the connection is dropped, and we have to manually reconnect. Right now, the network is set to WEP, but they would really prefer to have WPA, and we cannot figure out how to correct this issue.

Just wondered if anyone had any ideas of how to start troubleshooting this, thanks!

Edit: Used TKIP when setting up

Edited by marshallbanana
  marshallbanana said:
Logging in itself isn't the problem, however, every so often (probably when the key is reset), the connection is dropped, and we have to manually reconnect. Right now, the network is set to WEP, but they would really prefer to have WPA, and we cannot figure out how to correct this issue.

586093189[/snapback]

Well your in luck because I had just about the exact same problem, with almost the same hardware (linksys router + toshiba satellite). After upgrading the firmware of the router itself, I switched to WPA, but the connection keeped dropping. I found out, after much difficulty, that it was caused by the router switching between WPA and WEP. Resetting the router settings fixed the problem. Hopefully it will fix it for you as well.

Well, WPA-PSK was available on the router without a firmware update, so I haven't done so. Would it be a good idea to try this first?

I'm not sure that resetting the router settings will do much, since the only settings changed out of the box were those concerning the SSID and setting up the encryption. I suppose it's worth a try :D

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • It's more of snark and rhetorical question, I highly doubt KDE will have this for a while.
    • Interesting for sure, I'd like to see 3rd party benchmarks in due time. I just hope Intel can do more in the dGPU space as well.
    • Not going to connect my PC to MS just for a few months extra support,
    • Microsoft Weekly: Windows 11 version 25H2 is official, free updates for Windows 10, and more by Taras Buria This week's news recap is here, and it is full of interesting and important stories. We have Windows 11 version 25H2 announcement, free extended security updates for Windows 10, redesigned BSOD, non-security updates with new features, and more. Quick links: Windows 10 and 11 Windows Insider Program Updates are available Reviews are in Gaming news Great deals to check Windows 11 and Windows 10 Here, we talk about everything happening around Microsoft's latest operating system in the Stable channel and preview builds: new features, removed features, controversies, bugs, interesting findings, and more. And, of course, you may find a word or two about older versions. The biggest Windows story of this week was undoubtedly the launch of the Extended Security Update program for Windows 10, which will soon be out of support (governments are now issuing warnings to Windows 10 users). What is interesting is that Microsoft is giving away free security updates—all users need to do is back up their PCs with the Windows Backup tool. Other options include paying with 1,000 Microsoft Rewards points or $30, so pick your poison. If you are thinking about staying on Windows 10, perhaps this article will convince you to switch. Microsoft published a few reasons why Windows 11 is a better choice than the outgoing Windows 10. Another post compares the performance of the two operating systems in another attempt to make you ditch Windows 10. There is also a new ESU guide for office PCs that do not support Windows 11. Another major story is about the Blue Screen of Death, which will soon become the Black Screen of Death and lose its iconic smiley face. Microsoft revealed that the redesign is coming later this summer, alongside Quick Machine Recovery. This new tool can fix PCs that cannot boot due to outages, malware, or other software nastiness. We are not done with big news just yet. Microsoft confirmed that Windows 11 version 25H2 is coming later this year. This year's feature update is coming soon, and the first officially marked preview builds are now available for testing. Microsoft also released the June 2025 non-security updates for Windows 10 and 11 users. It all started with Windows 10, which received KB5061087 with build number 19045.6036. Windows 11 version 24H2 received KB5060829, and Windows 11 versions 22H2 and 23H2 received KB5060826. Also, Windows 11 received a new configuration update to resolve the stuck Windows Update (and new setup updates), Windows Server 2025 got a new security baseline, and the Media Creation Tool now downloads the latest Windows 11 images with the June 2025 Patch Tuesday fixes. Another important story is about Secure Boot, one of Windows 11's hardware requirements. Microsoft published a lengthy blog post warning that its first certificates will soon expire, and users should prepare to update them if they want their PCs to be secure and compatible with third-party apps going forward. No week goes by without some Windows issues. This time, Dell acknowledged a problem with Night Light on certain Windows on ARM PCs. The bug breaks Night Light on the secondary display, but Dell says you should blame Qualcomm and its Oryon chipset. Microsoft, on the other hand, confirmed more issues with Chrome on Windows. This week's Windows trivia includes an interesting story from Microsoft veteran Raymond Chen. He published a new blog post where he recalled how PC manufacturers used to trick BIOS copyright strings to get full editions of trial versions of various apps. To finish this week's Windows section, here is a small tip for those who want to make Windows 11 feel a little snappier. A hidden accessibility feature can make the user interface much more responsive and fast, so check it out here. Windows Insider Program Here is what Microsoft released for Windows Insiders this week: Builds Canary Channel Nothing in Canary this week Dev Channel Build 26200.5661 This build introduced a new home page for Recall, a single place where you can access your recent snapshots, recommended documents, and other useful information. The update also lets you change where system indicators appear on the screen. Build 26200.5670 This build introduces 1Password integration for Passkeys, Settings improvements, version 25H2 marking, and more. It also fixes the Windows Vista startup sound after the previously failed attempt. Beta Channel Build 26120.4452 This is the same build as 26120.4452 Build 26120.4520 This build is the same as 26200.5670 from the Dev Channel, minus the version 25H2 part. Release Preview Channel Nothing in Release Preview this week Additionally, Microsoft released new screen-recording capabilities for the Snipping Tool app for more Windows Insiders (Beta and Release Preview). Updates are available This section covers software, firmware, and other notable updates (released and coming soon) delivering new features, security fixes, improvements, patches, and more from Microsoft and third parties. This week's browser updates include some major releases and plenty of Firefox updates. Mozilla released Firefox 140 with custom search engine support, a new ESR release, and more changes. Shortly after, it released version 140.0.1 with fixes for dark theme issues and crashes and version 140.0.2 with fixes for crashes on certain Windows devices. Microsoft released Edge 138 with AI-powered history search and a warning for IT admins, and Google released Chrome 138. Office updates include the new Outlook for Windows coming to Microsoft 365 Education in early next year. Speaking of the new Outlook, Microsoft also published a story that explained why the app is actually great and why haters are wrong. Oh, Microsoft... Teams is getting a new health dashboard feature, PowerPoint can generate presentations from PDFs or text files, and Modern Page Templates are coming to SharePoint. Microsoft also published detailed guides about fixing Office 2024 activation issues. Finally, here is this week's recap of the new features coming soon to the Microsoft 365 productivity suite and a recap of everything new in Excel in June 2025. Here are other updates and releases you may find interesting: Microsoft announced Mu, an on-device small language model for Windows 11. The Comet AI browser is coming to Windows, now in private beta. Discord for Windows on ARM is now in development. Surface Copilot+ PCs are coming to classrooms on July 22. Raycast for Windows is now in closed beta; here is the first look. Visual Studio is now even smarter, thanks to more AI models and billing updates. France's third-largest city is ditching Windows and Office in favor of Linux and FOSS. Here are five things that people want in Microsoft Teams. Here are the latest drivers and firmware updates released this week: Intel 32.0.101.6913 WHQL graphics driver with Mecha BREAK support and more. Reviews are in Here is the hardware and software we reviewed this week Steven Parker reviewed the TerraMaster F4 SSD, an extremely lightweight and quiet all-SSD NAS with some good connectivity, a decent price tag, and good design. It is not flawless, but it still managed to score 8.5 out of 10 on Steven's NAS scale. Robbie Khan reviewed the Keychron Lemokey G2 8K Wireless mouse. It is lightweight, has onboard memory, supports Keychron Launcher, and includes a good cable and an adapter. However, with an 8/10 rating at Robbie's scale, it has some cons that you should consider before buying. On the gaming side Learn about upcoming game releases, Xbox rumors, new hardware, software updates, freebies, deals, discounts, and more. Microsoft finally announced the long-rumored Xbox app launcher for Windows PCs and handhelds. The Xbox app will soon work as a single place for all your games, regardless of their origin, be it Steam, Epic Games Store, Origin, or something else. As of right now, the updated app is being tested in the Xbox Insider Program. Also, Microsoft announced the June 2025 update for Xbox, bringing users unsynced save management, the ability to browse games by publishers, the option to hide system apps on the Dashboard on Xbox consoles, and more. Microsoft finally has its official Xbox-branded VR helmet. However, it is not an entirely Xbox VR per se. It was made in collaboration with Meta, and its stocks are "extremely limited." Sadly, not all Xbox news was positive this week. A new report hit out of the blue, revealing Microsoft's plans to lay off a lot of workers in the Xbox division. Microsoft Flight Simulator received a new city update with upgraded visuals of New York, New Jersey, Massachusetts, and other parts of the state to give you a more realistic experience when flying the sim. City Update 11 is now available on consoles and PCs. Deals and freebies The Epic Games Store is giving away Sable, an interesting-looking exploration game with an open world and a unique art style. If that is not enough, be sure to check out the Steam Summer Sale 2025, which is now in full swing, offering gamers a horde of discounts on various games. More deals are available in this week's edition of Weekend PC Game Deals. Other gaming news includes the following: Senua's Saga: Hellblade II is getting 60 FPS mode, dev commentary, and more. DayZ is getting a desert map with the new Badlands expansion, set to be its biggest yet. Great deals to check Every week, we cover many deals on different hardware and software. The following discounts are still available, so check them out. You might find something you want or need. ASUS NUC 14 Pro+ Core Ultra 9 185H, 32GB RAM, 1TB SSD - $799.99 | 27% off 75" Hisense U7 Series Google Smart TV - $799.99 | 11% off Sony BRAVIA Theater System 6 - $668 | 13% off 6TB WD Blue PC Internal HDD - $99.99 | 17% off 14TB WD Elements Desktop External HDD - $199.99 | 31% off Corsair iCUE 4000D RGB Airflow Mid-Tower Case - $89.99 | 40% off Samsung Galaxy S25+ 512GB - $899 | 20% off This link will take you to other issues of the Microsoft Weekly series. You can also support Neowin by registering a free member account or subscribing for extra member benefits, along with an ad-free tier option. Microsoft Weekly image background by jhenning on Pixabay
    • UniGetUI 3.2.1 Beta 2 by Razvan Serea UniGetUI is an application whose main goal is to create an intuitive GUI for the most common CLI package managers for Windows 10 and Windows 11, such as Winget, Scoop and Chocolatey. With UniGetUI, you'll be able to download, install, update and uninstall any software that's published on the supported package managers — and so much more. UniGetUI features Install, update and remove software from your system easily at one click: UniGetUI combines the packages from the most used package managers for windows: WinGet, Chocolatey, Scoop, Pip, Npm and .NET Tool. Discover new packages and filter them to easily find the package you want. View detailed metadata about any package before installing it. Get the direct download URL or the name of the publisher, as well as the size of the download. Easily bulk-install, update or uninstall multiple packages at once selecting multiple packages before performing an operation Automatically update packages, or be notified when updates become available. Skip versions or completely ignore updates in a per-package basis. Manage your available updates at the touch of a button from the Widgets pane or from Dev Home pane with UniGetUI Widgets. The system tray icon will also show the available updates and installed package, to efficiently update a program or remove a package from your system. Easily customize how and where packages are installed. Select different installation options and switches for each package. Install an older version or force to install a 32bit architecture. [But don't worry, those options will be saved for future updates for this package] Share packages with your friends to show them off that program you found. Here is an example: Hey @friend, Check out this program! Export custom lists of packages to then import them to another machine and install those packages with previously-specified, custom installation parameters. Setting up machines or configuring a specific software setup has never been easier. Backup your packages to a local file to easily recover your setup in a matter of seconds when migrating to a new machine UniGetUI 3.2.1 Beta 2 changelog: Elevator command generation has been improved to Not throw NullReference Exceptions Be less vulnerable to command injection Icons from the database can now target a custom package (via id=ManagerName.ExactPackageId) Scoop will use PowerShell7 when possible Fix a crash related to UniGetUI Elevator finding Fixed issues with downloading package installers Fixed issues with PowerShell7 package uninstallation New signing certificate Other minor changes and improvements Download: UniGetUI 3.2.1 Beta 2 | 52.2 MB (Open Source) Links: WingetUI Home Page | GitHub | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
  • Recent Achievements

    • Week One Done
      Hartej earned a badge
      Week One Done
    • One Year In
      TsunadeMama earned a badge
      One Year In
    • Week One Done
      shaheen earned a badge
      Week One Done
    • Dedicated
      Cole Multipass earned a badge
      Dedicated
    • Week One Done
      Alexander 001 earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      551
    2. 2
      +FloatingFatMan
      182
    3. 3
      ATLien_0
      169
    4. 4
      Skyfrog
      108
    5. 5
      Som
      106
  • Tell a friend

    Love Neowin? Tell a friend!