Connecting to secure wireless networks in Windows 10
Though they offer undeniable benefits of mobility, cost and convenience, wireless networks are less desirable from a security perspective. There is always a risk that signals can get intercepted as they traverse through the open air.
Unsecured or “open” wireless networks, like those found in public cafes and airports, offer cybercriminals an easy launching pad for attacks. Sensitive data can be compromised in many different ways on unsecured wireless networks through the use of malware, snooping or man-in-the-middle tactics.
Given a choice, it is always preferable to restrict your connectivity on Windows 10 devices to fully secured wireless networks. Such networks use various wireless security protocols to encrypt the connections and, more importantly, restrict access to authorized individuals and their devices.
Learn Windows 10 Host Security
Different types of wireless security protocols
There are four main types of wireless security protocols currently in existence: WEP, WPA, WPA2 and WPA3. Their evolution was the result of incremental upgrades to wireless network security over the last 22 years pioneered by the Wi-Fi Alliance.
Though primitive implementations of wireless data technology date back to the 1970s, Wi-Fi as we know it (the 802.11 protocol) first came about in 1997. The earliest Wi-Fi security protocol was also unveiled the same year.
WEP — Wired Equivalent Privacy
As the first generation of wireless network security, WEP has been outdated for almost two decades. Due to the simplistic nature of the RC4 Encryption Algorithm used in WEP, hackers could easily crack its security encryption using basic network analysis tools like AirCrack, AirSnort and Kismet.
When it comes to WPE and Windows 10, the protocol is no longer supported by default due to its deprecated status. This has been the case since at least Windows 7. You can still use the protocol while creating a new network on Windows 10; it’s just not at all recommended.
WPA — Wi-Fi Protected Access
Due to the discovery of numerous security vulnerabilities within the Cyclic Redundancy Check (CRC) used in WEP authentication, WPA was developed as a new standard in 2003. Instead of CRC, the new system used Temporal Key Integrity Protocol (TKIP).
TKIP-based WPA was considered more robust, as it used unique encryption keys for each data packet sent across the network. This results in more complex codes that can take longer to decrypt and hack.
But the system was far from secure, as it still employed the RC4 encryption used by its predecessor. WPA served largely as a stopgap measure for the Wi-Fi Alliance as it was developing a stronger, more secure Wi-Fi security standard. WPA was quickly replaced by WPA2 in 2006.
WPA2 — AES
Until the announcement of WPA3 in 2018, WPA2 was the most advanced form of wireless security. Two major things set it apart from its predecessor: the mandatory usage of Advanced Encryption Standard (AES) algorithms and the replacement of TKIP with Counter Cipher Mode with Block Chaining Message Authentication Code Protocol (CCMP).
While CCMP is a superior protocol with vastly improved security compared to other protocols, WPA2 is still vulnerable to brute-force attacks and rainbow table attacks which use vast databases of precomputed hash strings (rainbow tables).
Both WPA and WPA2 provide two separate authentication variants: Personal for individual and home use and Enterprise for use in an office context. In the former, there is just one single authentication key. In Enterprise, the system administrator can set multiple authentication keys for different users.
Connecting to a WPA or WPA2 network is a fairly straightforward process in Windows 10. The system automatically detects all available wireless networks in the vicinity. The user simply has to select the network from the list and provide the security key (Wi-Fi password) when prompted.
To check your current security protocol, go to the Taskbar and click the Wi-Fi Connection icon. Go to the Wi-Fi details found in Properties. Security Type is displayed prominently there.
WPA3 — The future
The next generation of wireless security is yet to reach widespread implementation. It aims to reduce the reliance on user-set passwords for security, which is a thing in WPA2 — the system is only secure if you use a 16-digit complex password.
In WPA3, this is no longer a necessity, as it uses a new protocol for key exchange called Simultaneous Authentication of Equals. As it reduces the reliance on hash string databases, attackers have to directly interact with the router/access point to crack the password.
Even if the security key is compromised, the protocol does not allow access to historic data transmitted through the network. WPA3 is also expected to make public or open wireless networks even more secure.
Different ways to connect to secure wireless networks
In Windows 10, users have multiple choices when it comes to connecting their PCs to a nearby secure Wi-Fi network. At least four options exist, with varying levels of convenience and complexity. They include:
Taskbar
The most straightforward option is using the taskbar. The wireless icon is usually located in the right corner. Clicking it displays a list of available connections. Select the appropriate network and provide the authentication key to connect.
Settings
Another option is to use the Network & Security page in the Settings menu. Head to the Wi-Fi section, select “Manage known networks” and opt for “Add a new network.” Provide the network name and select the appropriate security type. Input the security key (Wi-Fi password) and save the settings to connect.
Control panel
These steps mentioned above can also be initiated by heading to the control panel. The options are found in the Network and Internet page, or to be more precise, in the Network & Sharing Center. Select “Setup a New Connection or network” to get started.
Command prompt
The command prompt is another option available to advanced users who are comfortable in a text-only interface. Run command prompt as administrator and use the netsh scripting utility to view and connect to available wireless networks.
When configuring wireless security for a new connection, it is always a wise choice to select the latest protocol, i.e., WPA2-AES. If circumstances compel you to use WEP, make it a point not to use said network to access potentially sensitive personal or financial data sources, like email accounts, social media or internet banking.
Here is a quick and helpful ranking of all the network security protocols available at the moment, from best to worst:
- WPA3
- WPA2+AES
- WPA+AES
- WPA+TKIP
- WEP
- Open Wi-Fi
Conclusion
With the rollout of WPA3, wireless network security will get a long-awaited shot in the arm. But while we wait for future devices to become certified for the new security protocols, it is important to employ best practices when it comes to using WPA/WPA2 security for current wireless networks and devices.
Learn Windows 10 Host Security
Sources
- What Are WEP, WPA, and WPA2? Which Is Best?, Lifewire
- Introduction to Wi-Fi Network Security, Lifewire
- Wireless Network and Wi-Fi Security Issues to Look Out For in 2019, AT&T Cybersecurity
- Difference between WPA, WPA2 & WEP Wi-Fi Protocols, TheWindowsClub
- Wi-Fi Security: Should You Use WPA2-AES, WPA2-TKIP, or Both?, How-To Geek
- WPA3 - What does the replacement of WPA2 mean?, Advantio