What is WPA3
The Wi-Fi Alliance's third-generation Wi-Fi security standard, ratified in 2018, replacing WPA2's vulnerable PSK handshake with SAE.
WPA3 (Wi-Fi Protected Access 3) is the wireless-network security standard ratified by the Wi-Fi Alliance in June 2018. It is the successor to WPA2, which had been the default since 2004. WPA3 certification is mandatory for any device branded "Wi-Fi 6" or later.
The motivation was a chain of weaknesses in WPA2 that became impractical to patch. The 2017 KRACK attack against the WPA2 4-way handshake forced every Wi-Fi vendor to issue firmware updates and demonstrated that the protocol's integrity rested on assumptions clients did not always honour. Offline dictionary attacks against captured WPA2 handshakes had become trivial with consumer GPUs.
What WPA3 changes
SAE replaces PSK. WPA2-Personal used a Pre-Shared Key (PSK) with a 4-way handshake. An attacker who captured the handshake could try every dictionary password offline, with no further interaction with the network. WPA3-Personal replaces this with Simultaneous Authentication of Equals (SAE), defined in RFC 7664 and based on the Dragonfly key exchange. SAE is a balanced password-authenticated key exchange: each guess at the password requires a fresh interaction with the access point. Offline brute-force is no longer possible.
Forward secrecy. WPA2 derived all session keys from the PSK, so an attacker who later learned the password could decrypt every previously captured session. SAE produces ephemeral session keys that the long-term password cannot reconstruct. Past traffic stays protected even if the password leaks.
OWE for open networks. Open Wi-Fi (no password) sent every packet in the clear. Opportunistic Wireless Encryption (OWE), defined in RFC 8110, encrypts traffic on password-free networks using an unauthenticated Diffie-Hellman exchange. It does not authenticate the access point, so an attacker can still impersonate the SSID, but passive eavesdropping no longer works.
192-bit enterprise mode. WPA3-Enterprise has an optional 192-bit security suite using GCMP-256 for encryption, HMAC-SHA384 for integrity, and ECDH/ECDSA over the P-384 curve for key exchange. It is intended for government and finance networks aligned with CNSA Suite requirements.
What WPA3 does not change
WPA3 still operates at layer 2. It authenticates the radio link between your device and the access point. It does nothing about the rest of the path: the operator's router, their ISP, and every network in between still see your traffic as if you were on a wired connection. End-to-end encryption (HTTPS, TLS, VPNs) is what protects content beyond the access point.
WPA3 also does not authenticate the access point's identity to the client in WPA3-Personal mode. An attacker running a rogue AP with the same SSID and password can still get clients to associate. SAE prevents the attacker from learning the password, but the rogue AP can still mount an active man-in-the-middle attack against any unencrypted traffic.
Adoption status (2026)
Most enterprise access points sold since 2020 support WPA3. Consumer router uptake is mid-stage: routers from 2021 onward typically support it, but many networks run in mixed mode (WPA2/WPA3 transition mode) for compatibility with older clients. iPhones have supported WPA3 since iOS 13, Android since version 10, Windows since the May 2019 update, and macOS since 10.15.
Mixed-mode networks are weaker than WPA3-only because they accept the WPA2 handshake from any client that asks. Setting your home router to WPA3-only mode forces every device to use the new protocol, but breaks devices that predate 2019.
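Whether a network is in transition mode or WPA3-only is visible in what the access point advertises. The added example below (not part of the original glossary entry) parses the RSN element from a beacon and reports whether the network still offers the WPA2 PSK handshake. The AKM selector values are the IEEE 802.11 ones; the sample elements and their labels are constructed.

```python
import struct

OUI = b"\x00\x0f\xac"       # IEEE 802.11 suite-selector OUI
PSK_AKMS = {2, 4, 6}        # PSK, FT-PSK, PSK-SHA256: the WPA2-Personal handshake
SAE_AKMS = {8, 9}           # SAE, FT-SAE: WPA3-Personal
OWE_AKM = 18                # Opportunistic Wireless Encryption

def rsn_akms(ie: bytes) -> set:
    """Return the AKM suite types advertised in one RSN element (ID 48)."""
    if len(ie) < 2 or ie[0] != 48 or len(ie) < 2 + ie[1]:
        raise ValueError("not a complete RSN element")
    body, pos = ie[2:2 + ie[1]], 0

    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated RSN element")
        pos += n
        return body[pos - n:pos]

    def suite_types():
        (count,) = struct.unpack("<H", take(2))
        suites = [take(4) for _ in range(count)]
        return {s[3] for s in suites if s[:3] == OUI}

    take(2)                 # version
    take(4)                 # group cipher suite
    suite_types()           # pairwise cipher suites, skipped
    return suite_types()    # AKM suites

def classify(ie: bytes) -> str:
    akms = rsn_akms(ie)
    if akms & SAE_AKMS and akms & PSK_AKMS:
        return "transition"     # still accepts the WPA2 handshake
    if akms & SAE_AKMS:
        return "wpa3-only"
    if OWE_AKM in akms:
        return "owe"
    if akms & PSK_AKMS:
        return "wpa2-personal"
    return "other"

# Constructed RSN elements (not captured from any real network).
SAMPLES = {
    "home-mixed": bytes.fromhex("3018" "0100" "000fac04" "0100" "000fac04" "0200" "000fac02" "000fac08" "8000"),
    "home-sae": bytes.fromhex("3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac08" "c000"),
    "legacy": bytes.fromhex("3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000"),
}

if __name__ == "__main__":
    for ssid, ie in SAMPLES.items():
        print(f"{ssid}: {classify(ie)}")
```

A network reported as "transition" is the mixed-mode case described above: a client that asks for the WPA2 handshake will get it.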