Downside to WPA2/WPA3?

JHZR2

As many know, I was tracking issues with my old Netgear router. For kicks, I decided to get an Asus RT-AX56U, since it claims it's ideal for more users (we don't necessarily use a ton of bandwidth, but have a lot of simultaneous connections), and a number of other benefits. I figured since returns were free on Amazon, the worst that could happen is that it doesn't make anything better, and we return it.

Set it up, including using new WPA3 security. Seems to work for a lot of things, including the 2013 MBP running 10.15.4 currently. But other items (a kid tablet, my old 2010 MBA, etc.) don't.

While it doesn't seem like I have a choice, I'd still like to understand - what's the downside to using WPA2/WPA3 versus just WPA3? Is there a reason I'd want to avoid this? For example, I could put the old devices on either the 2.4GHz network that is segregated, or just use a guest network for those devices... Something like that.

Thoughts?

Thanks!
 
No downside to using WPA2/WPA3 at all. Once the connection is established, there is nothing else that could be considered extra overhead.

As you found out, some older devices don't support WPA3, so you probably don't even have a choice at this point. For home security, I'd probably just run WPA2 personal and be done with it, but either way will work. You could make a list of what devices connect with WPA2 and have a timetable of what needs replaced over time.

As far as a second network ID, I don't think the extra config would be worth it. Run WPA2/WPA3 and you'll be fine.
 
WPA2 is fine if you use a password/phrase that's sufficiently long and complex, but it is vulnerable to dictionary attacks. With WPA2, you can just keep brute force guessing passwords until you hit the right one. This is bad if your password/phrase is your initial and your favorite brand of oil, but if your password is over 16 characters and is a mix of words, numbers, symbols, etc, it's still pretty safe.
 
There is a recently discovered flaw in WPA2 called "Kr00k" that a lot of router companies are releasing patches for. It was found by researchers and supposedly there's no evidence that it was being used by hackers, BTW. I checked and there was even a patch for my old Trendnet router.
 
You can't use WPA3 if a client doesn't support it, right? You mention (2) devices that don't work with it. I just bought a new router and didn't pay attention to the wireless security it uses although I'm 100% confident it's using WPA2 by default. Just use a proper passphrase, not password, and you will be fine.

My old SSID was "Echo Base Hoth" and I'm not afraid to post it now, the password was "Luke's Rogue Squadron". One of those password strength checkers says it would take 596 quintillion years to crack that password. I'm fine with that....
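
Added example, not part of any post in this thread: a Python sketch of the two points raised above about WPA2 passphrases. It derives the WPA2-Personal key the way the standard does (PBKDF2-HMAC-SHA1 salted with the SSID) and compares a character-by-character strength estimate with a word-list estimate, which is the one that matters against a dictionary attack. The function names, the sample SSID and passphrase, the 1,000,000 guesses per second rate and the 7,776-word list size are all assumptions chosen for illustration.

```python
import hashlib
import math

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal key: PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA2 passphrase must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def charset_size(passphrase: str) -> int:
    """Size of the printable-ASCII alphabet the passphrase draws from (at most 95)."""
    size = 0
    if any(c.islower() for c in passphrase):
        size += 26
    if any(c.isupper() for c in passphrase):
        size += 26
    if any(c.isdigit() for c in passphrase):
        size += 10
    if any(not c.isalnum() for c in passphrase):
        size += 33  # space and punctuation
    return size

def brute_force_bits(passphrase: str) -> float:
    """Per-character estimate: assumes every character was chosen at random."""
    return len(passphrase) * math.log2(charset_size(passphrase))

def wordlist_bits(words: int, list_size: int) -> float:
    """Estimate when the phrase is `words` random picks from a list of `list_size` words."""
    return words * math.log2(list_size)

def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Years to try every candidate in a 2**bits search space at the given rate."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)

if __name__ == "__main__":
    ssid, phrase = "ExampleNet", "maple Orbit-lantern 7quilt"  # constructed sample values
    rate = 1e6  # assumed guesses per second, not a measured figure
    print("PMK:", wpa2_pmk(phrase, ssid).hex())
    per_char = brute_force_bits(phrase)
    per_word = wordlist_bits(4, 7776)  # assumed: 4 words from a 7,776-word list
    print(f"per-character: {per_char:.0f} bits, {years_to_exhaust(per_char, rate):.2e} years")
    print(f"word-list:     {per_word:.0f} bits, {years_to_exhaust(per_word, rate):.2e} years")
```

Because the SSID is the salt, the same passphrase under a different network name yields a different key, so a unique SSID keeps tables precomputed for common names from applying.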
 
As it turns out, they removed the WPA3 capability in the latest firmware flash. Not sure why?
 
Originally Posted by JHZR2
As it turns out, they removed the WPA3 capability in the latest firmware flash. Not sure why?

Interesting. Probably causing more headaches with support than they wanted to deal with.
 
Originally Posted by HangFire
Originally Posted by mattwithcats
WPA2 is fine if you turn off SSID broadcast, and turn on Mac Address filtering...


SSID broadcast buys you NOTHING in terms of security, as a moment's snooping will still reveal the SSID to a casual hacker. It only keeps away the noobs.

MAC filtering buys you very little, as you can see here:
https://www.howtogeek.com/192173/how-and-why-to-change-your-mac-address-on-windows-linux-and-mac/


Yes, I've told him all this before, but he ignores it