Finally, a new security protocol for Wi-Fi is coming out. It has been 15 years since the last major update to Wi-Fi security. As weaknesses are becoming more prevalent in WPA-2 there is a big need to increase security. Almost 10% of Wi-Fi is still using WEP and now with KRACK becoming more accessible, we need a change. While WPA-3 will be backward compatible with WPA-2 through a transitional period. Although I suspect it will be a long transition time.
WPA3 is providing big improvements to authentication, cryptography, and even resiliency. Simultaneous Authentication of Equals (SAE) will prevent password guessing attempts.
Some key enhancements to WPA-3 enterprise are 192-bit security mode, GCMP-256 key derivation, HMAC-384 authentication, ECDH key exchange, and BIP-GMAC-256 frame protection.
With all of these security improvements coming it is still important to teach your users about Wi-Fi safety. They are still susceptible to Fake Wi-Fi AP’s, evil twins and MITM attacks, and using open Wi-Fi networks.