WPA
Embed This Widget
Add the script tag and a data attribute to embed this widget.
Embed via iframe for maximum compatibility.
<iframe src="https://ipfyi.com/iframe/glossary/wpa/" width="420" height="400" frameborder="0" style="border:0;border-radius:10px;max-width:100%" loading="lazy"></iframe>
Paste this URL in WordPress, Medium, or any oEmbed-compatible platform.
https://ipfyi.com/glossary/wpa/
Add a dynamic SVG badge to your README or docs.
[](https://ipfyi.com/glossary/wpa/)
Use the native HTML custom element.
Definição
Wi-Fi Protected Access. Uma família de protocolos de segurança (WPA, WPA2, WPA3) que criptografam o tráfego de rede sem fio e autenticam dispositivos. WPA3 é o padrão atual, oferecendo criptografia mais forte e proteção contra ataques de dicionário offline.
Evolution from WEP
WPA (Wi-Fi Protected Access) was introduced in 2003 as an emergency patch for the catastrophically broken WEP protocol. WPA used TKIP (Temporal Key Integrity Protocol), which rotated encryption keys per-packet to address WEP static key vulnerabilities while remaining compatible with older hardware. WPA2, ratified in 2004, replaced TKIP with AES-CCMP — the same AES-128 EncryptionThe process of converting plaintext data into ciphertext using a cryptographic algorithm and key, making it unreadable without the corresponding decryption key. The foundation of secure communication on the internet. used in modern TLS — making brute-force attacks the primary threat rather than protocol weaknesses. WPA3, introduced in 2018, added Simultaneous Authentication of Equals (SAE) to replace the four-way handshake, eliminating offline dictionary attacks against captured handshakes.
Personal vs. Enterprise Modes
WPA-Personal (WPA-PSK) uses a pre-shared passphrase that all users know. WPA-Enterprise uses 802.1X with a RADIUS authentication server, issuing per-user, per-session keys derived from individual credentials or certificates. Enterprise mode prevents one compromised device from decrypting traffic from other devices — a property called forward secrecy — and integrates with Active Directory for centralized access management.
Common Attack Vectors
The PMKID attack against WPA2-Personal allows an attacker to capture a single frame during association and attempt offline dictionary attacks without staying near the network. WPA3-SAE closes this by making the handshake resistant to offline cracking. Regardless of WPA version, a weak SSIDService Set Identifier. The human-readable name of a Wi-Fi network that access points broadcast so nearby devices can discover and connect to it. SSIDs can be hidden to reduce casual visibility. passphrase remains the most exploitable weakness. Use DNS Leak Test after connecting to any unfamiliar Wi-FiA family of wireless networking protocols based on the IEEE 802.11 standards, enabling devices to connect to a local network without cables. Wi-Fi 6 (802.11ax) and Wi-Fi 7 (802.11be) are the latest generations. network to verify that your DNS queries are not being intercepted.