Wifi security: should use WPA2-AES, WPA2-TKIP or both?

Many routers provide WPA2-PSK (TKIP), WPA2-PSK (AES) and WPA2-PSK (TKIP / AES). So what is the best Wi-Fi security standard? Please read this article and find yourself the answer!

Many routers provide WPA2-PSK (TKIP), WPA2-PSK (AES) and WPA2-PSK (TKIP / AES). Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are the main security algorithms you'll see when setting up a wireless network. WEP is the oldest Wifi security algorithm, so it has more security holes. WPA has improved security, but is now also considered vulnerable. While WPA2 is not perfect, it is currently the safest option. Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) are two different types of encryption used on WPA2 secured networks. Let's see how different they are and what's best for you.

  1. Secure WiFi from basic steps

Wifi security: should use WPA2-AES, WPA2-TKIP or both? Picture 1

Compare AES and TKIP

TKIP and AES are two different types of encryption used by Wifi networks. TKIP is actually an old encryption protocol introduced with WPA to replace very insecure WEP encryption at the time. TKIP is similar to WEP encryption. TKIP is no longer considered safe, so you should not use it.

AES is a more secure encryption protocol introduced by WPA2. AES is also not a special standard developed for Wifi networks. However, this is a global coding standard that has even been adopted by the US government. For example, when encrypting a hard drive with TrueCrypt, it can use AES encryption. AES is often considered quite safe, and its main weakness is Brute-force attack (which is prevented by using a strong Wifi password ).

Short version TKIP is an older encryption standard used under WPA standard. AES is a new Wifi encryption solution used by the new and safe WPA2 standard. However, depending on your router , selecting only WPA2 may not be enough.

While WPA2 is supposed to use AES for optimal security, it can also use TKIP for backward compatibility with older devices. In such a state, devices that support WPA2 will connect to WPA2 and devices that support WPA will connect to WPA. So "WPA2" does not always mean WPA2-AES. However, on devices without the "TKIP" or "AES" options, WPA2 is often synonymous with WPA2-AES.

'PSK' stands for 'pre-shared key - is an encrypted password. Differentiate it from WPA-Enterprise using a RADIUS server to generate passwords on large corporate or government Wifi networks .

Explain Wi f i security mode

Wifi security: should use WPA2-AES, WPA2-TKIP or both? Picture 2

Here are the options that users can see on their routers:

  1. Open (with risk) : Open Wifi network without password. Users should not set up an open Wifi network.
  2. WEP 64 ( at risk ) : The old WEP protocol standard is very vulnerable and you really should not use it.
  3. WEP 128 (with risk) : This is also WEP protocol, but with better encrypted encryption. However, it is not really better than WEP 64.
  4. WPA-PSK (TKIP) : Using the original version of WPA protocol (mainly WPA1). It has been replaced by WPA2 and is not secure.
  5. WPA-PSK (AES) : Use the original WPA protocol, but replace TKIP with more modern AES encryption. It is provided as a stopgap. However, devices that support AES almost always support WPA2, while devices that require WPA rarely support AES encryption. So this option doesn't make sense.
  6. WPA2-PSK (TKIP) : Use modern WPA2 standard with older TKIP encryption. This standard is also not safe and is ideal only if you have an older device that cannot connect to the WPA2-PSK (AES) network.
  7. WPA2-PSK (AES) : This is the safest option. It uses WPA2, Wifi encryption standard and the latest AES encryption protocol. You should use this option.
  8. WPAWPA2-PSK (TKIP / AES) : Some devices offer and even offer this mixed mode option. This option allows to use WPA and WPA2, with both TKIP and AES. This provides maximum compatibility for any old device, but also allows network attackers to hack through more vulnerable WPA and TKIP protocols.

WPA2 certification has been available since 2004, 10 years ago. In 2006, WPA2 certification became mandatory. Any device manufactured after 2006 with the "Wifi" icon must support WPA2 encryption.

Because your Wi-Fi-enabled device can be more than 8-10 years old, only WPA2-PSK (AES) is selected. Select that option and see if it works. If the device does not work, you can change it. In case of Wifi security is your concern, you should buy a new device manufactured since 2006.

WPA and TKIP will slow down W if i

WPA and TKIP compatibility options can also slow down Wifi networks. Many modern Wifi routers support 802.11n and newer standards, faster standards will reduce speed to 54mbps if you enable WPA or TKIP. This will ensure they are compatible with older devices.

802.11n standard supports up to 300mbps if using WPA2 with AES. Theoretically, 802.11ac provides a maximum speed of 3.46 Gbps in optimal conditions. On most routers we see, options are usually WEP, WPA (TKIP) and WPA2 (AES) - possibly WPA (TKIP) + WPA2 (AES).

If there is a router that provides WPA2 with TKIP or AES, select AES. Because almost all devices will definitely work with it, and it's faster and safer.

4.1 ★ | 13 Vote | 👨 3292 Views
« PREV POST
NEXT POST »