WEP and WPA Security

SUMMARY: What are the differences between WEP and WPA security in a wireless network?

By default, most routers are configured to offer virtually no security features, allowing anyone to access your network. Unfortunately, this allows others to use packet sniffing software to record your traffic, potentially including the names of sites you visit, electronic mail texts, and the passwords used to access non-secure webpages.

If you are setting up a wireless network at your home or business, in your wireless router configuration you may have come across the option to use either WEP or WPA security to help encrypt your data. What are the basic differences between the two?

(Note this article covers only the basics and does not discuss enterprise implementations of these protocols.)

* WEP, or Wired Equivalent Privacy, is an older method for securing wireless networks from snoopers by encrypting information sent to and from the router from computers and other network devices. While WEP is supported by most all devices that support wireless security, this type of encryption is relatively easy to break. Thus, if you use WEP security, many hackers will still be able to see what websites you visit, what search terms you use, etc. Note that accessing HTTPS (HTTP Secure) websites over WEP will offer limited protection.

* WPA, or Wi-Fi Protected Access, is a much more secure method of encrypting information sent over wireless networks. Several different types of WPA security are available, the one most users will run across is called WPA-PSK. This uses a 8-63 character passphrase that must be stored on the router and sent by each device that wishes to access the network. The longer the passphrase, theoretically the stronger the protection, so if you implement this protocol, please do not use passphrases such as "computer" or your first name. These can easily be guessed by hackers.

While WPA offers more security, it is not supported by some older devices and operating systems.

* WPA2 is like WPA but offers a stronger encryption algorithm, among other features. As with WPA, some older operating systems and hardware do not support this standard. As with the WPA protocol, use a longer passphrase to increase your network security.