Bottom line: Wi-Fi Protected Access 2 was released over a decade ago and has had its share of flaws discovered. WPA3 will replace WPA2 as the new standard in securing Wi-Fi networks for years to come.
After announcing the WPA3 security protocol for Wi-Fi as CES 2018, the Wi-Fi Alliance has officially begun to certify devices for next-generation networking. Improved security measures will prevent offline bruteforce attempts against captured data and will also make it easier to connect IoT devices to networks.
One of the security enhancements offered by WPA3 is requiring Protected Management Frames by default. Using the WPA2 protocol, this option was not required and often limited to only enterprise or premium consumer devices. Without the feature enabled, deauthentication attacks were possible causing selected users to be disconnected from Wi-Fi with no way to remain connected until an attack was stopped.
Simultaneous Authentication of Equals (SAE) creates a secure method of transmitting sensitive password information and makes it vastly more difficult to bruteforce your way in. When using WPA3-Enterprise, all traffic is protected by a 192-bit encryption scheme. This helps allow for compliance in government and financial sectors, although can be used elsewhere as well.
For public places such as coffee shops and sporting events arenas, Wi-Fi Enhanced Open will bring encryption to Wi-Fi that is freely available without any login required. Opportunistic Wireless Encryption assigns each connected user a unique encryption scheme so that data cannot be intercepted.
WPA3 will remain fully backwards compatible with WPA2, thus allowing new devices to still make use of older networking equipment. A new Easy Connect feature is being added so that devices without screens or full human input devices attached can be added to Wi-Fi networks. The feature will allow for QR codes to be scanned using a smartphone, tablet, or other device to grant access to other users.
It is expected that WPA3 will roll out over the next year to early adopters and will take several years before the majority of devices support the new protocol. While it is possible for manufacturers to update existing firmware to support the new standard, previous track records of updates make this seem relatively unlikely.