WPA3

Stronger Security for Your Network

What is WPA3?

WPA3 is a security standard introduced by Wi-Fi Alliance in 2018, which is used to govern what happens when you connect to a closed Wi-Fi network using a password. The latest Wi-Fi security protocol, WPA3, brings new capabilities to improve cybersecurity in personal networks. More secure encryption of passwords and enhanced protection against brute-force attacks combine to safeguard your home Wi-Fi.

  • 1997
    Wired Equivalent Privacy

  • 1999
    Wireless Protected Access I

  • 2004
    Wireless Protected Access II

  • 2018
    Wireless Protected Access III

What Does WPA3 Give You?

WPA3 improves upon WPA2 in four main areas

  • More Secure Technologies

    • More Secure Technologies

    •  

      Protection against Brute-Force Attacks

      More secure handshakes when devices connect to access points, using the SAE protocol

    •  

      Advanced Enterprise Security

      Increased security for enterprise environments with 192-bit key-based encryption

  • More Secure Applications

    • More Secure Applications

    •  

      Improved System for Adding Wi-Fi Devices

      Simplify and secure the process of adding IoT devices with DPP

    •  

      Worry-Free Open Public Networks

      Enhance the security of open public networks using OWE

Protection Against Brute-Force Attacks

When connecting to a closed Wi-Fi network using a password, there will be a four-way handshake between the client and the access point. WPA3 uses the Simultaneous Authentication of Equals (SAE) protocol to protect the process, preventing attacks on your wireless connection even when your password is weak.

  • Hard to crack

    Advanced SAE eliminates the possibility of offline dictionary attacks while improving key exchange security

  • Forward Secrecy

    Ensures that crackers can’t decrypt any data captured even when a key is compromised

  • Separate Key Protection

    Reduces cracking risk by generating a separate new PMK between each client and AP

Advanced Enterprise Security

WPA3 is moving from the 128-bit security level of WPA2-Enterprise to 192-bit key-based encryption. Aligned with the Commercial National Security Algorithm (CNSA) suite, it will use a 48-bit initialization vector—as required by sensitive organizations—to ensure a maximum level of security.

Secure Applications
— Improved System for Adding Wi-Fi Devices

WPA3 features Easy Connect™, a new system designed to help you connect display-less and Internet of Things (IoT) devices to Wi-Fi. The traditional process of adding home devices without displays requires a third-party program or app. WPA3, however, enables you to simply add IoT devices using a QR code—both secure and convenient.

  • Step 1: Connect to the access point to establish the network

    Step 1
    Connect to the access point to establish the network

  • Step 2: Scan QR codes of client devices to provision and enroll devices

    Step 2
    Scan QR codes of client devices to provision and enroll devices

  • Step 3: Devices seamlessly connect to the network

    Step 3
    Devices seamlessly connect to the network

Note: Wi-Fi Easy Connect™ was released under the WPA3 general umbrella but is not part of the WPA3 mandatory certification process. Support for the function is not mandatory. As a result, Easy Connect™ may not be supported on certain devices.

Secure Applications—Worry-Free Open Public Networks

WPA3 features Enhanced Open™ to provide more data security when you use unsecure, open Wi-Fi hotspots. Each connection between a user and the access point will be encrypted with a unique key in order to avoid the most common Man-in-the-Middle attacks.

  • Man-in-the-Middle Attacks

    Man-in-the-Middle Attacks

  • WPA3 Enhanced Open™ eliminates Man-in-the-Middle attacks

    WPA3 Enhanced Open™ eliminates Man-in-the-Middle attacks

Note: Wi-Fi Enhanced Open was released under the WPA3 general umbrella but is not part of the WPA3 mandatory certification process. Support for the function is not mandatory. As a result, Enhanced Open may not be supported on certain devices.

TP-Link Becomes One of the First Vendors Supporting WPA3

To maximum the safety of your Wi-Fi, TP-Link is inserting WPA3 technology into Wi-Fi routers, range extenders,
the Deco whole home Mesh Wi-Fi system, Omada SDN business Wi-Fi, and more.

 

Please find all the WPA3 devices >>

  • Wi-Fi Routers

    Archer C6

  • Range Extenders

    RE505X

  • Whole Home Mesh Wi-Fi System

    Deco X60

  • Omada SDN Business Wi-Fi

    Omada EAP

  • Q1: Can I use WPA3 encryption if my router supports WPA3 while my phone only supports WPA2?

    A1: No. Both client and router need to support WPA3 to enjoy Wi-Fi protected by WPA3. We recommend setting the security mode of your router to WPA2-PSK on the setting interface in this case.

  • Q2: What should I do if my phone supports WPA3, while my laptop only supports WPA2/WPA/WEP?

    A2: Theoretically, routers and clients with different encryption methods cannot transfer data. As a result, TP-Link WPA3 products’ dedicated WPA3/WPA2-MIX security mode meets the encryption demands of simultaneous WPA2 and WPA3 transmission. You’ll need to set the security mode of TP-Link WPA3 products to WPA3/WPA2-MIX mode to simultaneously transfer data to WPA2 clients and WPA3 clients. If you are using routers from other brands, pay attention to whether they support WPA3/WPA2-MIX mode.

  • Q3: Must I purchase a new router to get WPA3 Wi-Fi?

    A3: TP-Link has successively released new products armed with WPA3, including Wi-Fi routers, the Deco whole home Mesh Wi-Fi system, and more. To see if your router supports WPA3, please check out our compatibility list: www.tp-link.com/wpa3/product-list/. If compatible, you only need to update the firmware to enjoy WPA3 Wi-Fi with WPA3-supported devices—no need to purchase a new router.