Over the last 10 years the Wi-Fi security protocol that offered the highest level of security was WPA2, This protocol was considered “un crackable” until a serious exploit was discovered that lead to an attackers ability to exploit this weakness using “Key reinstallation attack” (KRACKs) which basically meant that an attacker was able to read information that was considered safe (such as credit card numbers, passwords etc.).
Updates were released to overcome this exploit but the majority of people failed to upgrade their routers or were aware of that exploit and to the fact that there data was not as safe as they thought. As a response the “Wi-Fi Alliance” (an organisation that is in charge of adopting Wi-Fi standards) has announced the WPA3 as a successor.
What’s going to change? on the user front, not much, you will still use a password as you used in WPA2 (which is a good thing as we want to keep it simple).
The big change introduced is called “Simultaneous Authentication of Equals (SAE)” – a key establishment protocol that makes it harder to guess passwords. Guessing passwords was a big part of the exploit discovered in WPA2 where the attacker would capture an amount of data broadcasted over the air, take it offline and start guessing passwords until they found a match (That could take quite awhile, but it was doable). in WPA3 the attacker will only have 1 go at it before the data becomes useless.
Another cool feature that makes Wi-Fi more complaint to the IOT world is “Easy Connect” which is meant to simplify the process of connecting IOT and smart home devices to your Wi-Fi network by scanning a QR code on your mobile and get the Wi-Fi credentials sent to your device (which can be a challenge as most of these devices do not have any screens or visible controls).
We can except WPA3 devices to be introduced to the market starting next year and having WPA3 to become the market standard.