Everything you need to know about WPA3

We built eero hardware and software together to ensure that we can control and improve digital security. We’re excited about the security benefits WPA3 provides and will implement these new features to all eero networks through an eventual over-the-air software update.

As soon as we have more to share, we will post an update to this article and our various channels.

What is WPA3?

WPA3 is the latest security standard from the Wi-Fi Alliance. It follows WPA2, which has been around since 2004. It stands for “Wi-Fi Protected Access” and is how your network ensures that only authorized devices can connect and that hackers cannot view your network activity.

With WPA3, end users can expect various security enhancements that will further improve the overall protection of their network as well as for their personal devices. For more information, head on over to The Verge.

Is my eero network secure with WPA2?

The short answer is “yes”. Security is a scale more than a “yes or no” question, and WPA3 certainly brings some welcome improvements to wireless security, but if you have a strong password on your existing WPA2 network, there’s no reason to worry, and the WPA3 news doesn’t make your WPA2 network any less secure than it used to be.

WPA2 is not considered to be “broken” unlike some older authentication protocols like WEP (which eero does not support). WPA2 was briefly broken by the KRACK attack, but eero resolved this issue for all customers within a week of that attack being announced and will continue to add security fixes for any new issues discovered with WPA2. In the future, someone may also discover issues with WPA3, and eero will respond in the same way.

Where WPA3 will provide improvements over WPA2 is in defending against attackers who are able to monitor activity on your wireless network, and who one day also learn your network password. In that case, using WPA2, an attacker is able to retrospectively inspect the traffic on your network; this has always been the case with WPA2 networks. With WPA3, an attacker must know your password before monitoring your network traffic in order to ever access any of that data.

In both cases, all of your activity on your most sensitive websites, such as social networks, banks, online shopping, and e-mail should still be safe. That data will – in almost all cases – still be encrypted using HTTPS. The difference between WPA2 and WPA3 will primarily affect older, insecure websites that you might visit, or older, insecure Internet of Things devices on your home network.

For now, the best defences against hackers continue to be:

  1. Use a strong network password that is long and difficult to guess.
  2. Only conduct sensitive online transactions using websites that you trust.
  3. When installing apps or buying new internet-connected devices for your home, look for those that have a reputation for being secure.

With our automatic software updates, as well as many of our built-in security features, we continue to make eero networks safe and secure. This attention to your network security is what makes eero one of the safest routers on the market.

For more on eero how ensures networks stay protected, visit the eero blog.