In recent months, manufacturers of routers and Wi-Fi access points have been integrating the new WPA3 security protocol into their firmwares , a protocol much more secure than the previous WPA2. Today we are at a time of transition from WPA2 to WPA3, and it is possible that many Wi-Fi wireless clients are not compatible with the new protocol, but there is the possibility of configuring a WPA2 / WPA3-Personal mode in the computers, in such a way that, the old computers will connect as usual with WPA2, and the clients compatible with WPA3. Do you want to know how to configure your Wi-Fi router with WPA3 and connect with your devices?
Before starting with our complete tutorial to configure WPA3 in the home router, and how to connect with our computer, smartphone or tablet, we must know that there are currently several types of WPA3, and the firmwares of the routers incorporate all these options to select them. Depending on the chosen security mode, we will have to fill in more or less information in the router and also in the wireless client, therefore, it is very important to keep it in mind.
- WPA3-Personal : this method is the typical one that we will use at home, we will put a unique password and with this key all wireless devices will be connected. It is what is known as PSK (Pre-Shared Key), or pre-shared password. In this configuration mode the router will only use WPA3-Personal, devices not compatible with WPA3 will not be able to connect to the router or AP.
- WPA3-Enterprise : this method is when we have a RADIUS server for the authentication of the different users with username / password and with a digital certificate. This connection method will be available especially in companies, since normally a home user will not install a RADIUS server at home.
- WPA2 / WPA3-Personal : this method is a transition option, it allows the router to accept connections with WPA2-Personal (with pre-shared key) and WPA3-Personal security simultaneously. Wireless clients always select the most secure option by default, but this option allows unsupported wireless clients to connect successfully without problems.
Configure WPA3-Personal on the Wi-Fi router
At this time, the main brands of home wireless routers such as ASUS and AVM FRITZ! Box, have incorporated the possibility of configuring the new protocol to provide their customers with the best possible wireless security. Other manufacturers such as Aruba or D-Link have also incorporated this WPA3 protocol in their professional access points managed from the cloud.
The first thing we have to do is check if my Wi-Fi wireless router supports this new protocol, most ASUS routers have incorporated this function for a few months, in the case of the AVM FRITZ! Box, they are currently in an update process of all its models, but devices such as the FRITZ! Box 7590 and 7530 already support this protocol.
To check if the router supports this type of security, we must enter its configuration web menu, through its default gateway, normally it will be 192.168.0.1 or 192.168.1.1, although in the case of ASUS, we can Put router.asus.com and it will take us directly to the router’s administration website. In the case of the AVM FRITZ! Box, just put “fritz.box” in the navigation bar and we will enter.
Once inside, we have to go to the ” Wireless / Security ” section, in the case of ASUS, we can change the configuration directly from the main menu, in the “System Status” section and clicking on each of the two frequency bands, we can easily change the security.
If we want to see in more detail the options available globally, we must go to the “Wireless” section, and here we will also see everything related to the security of the Wi-Fi wireless network. A very important aspect is that this router supports WPA2 / WPA3-Personal, to support equipment that is not compatible.
In the case of ASUS, if we have a Wi-Fi AiMesh network, we will have to select yes or yes the WPA2-Personal mode or the WPA2 / WPA3-Personal mode, since this Wi-Fi Mesh system does not currently support WPA3-Personal only. The firmware itself will warn us of this, if we want AiMesh it is necessary to activate backward compatibility, selecting WPA2 / WPA3-Personal.
In the case of AVM routers, they only support WPA2 / WPA3-Personal, they do not support only WPA3-Personal, so we will have backwards compatibility. This is essential because we are in a moment of transition between one protocol and another, and we will always have to support older equipment that is not compatible.
To configure the WPA3 protocol, we must go to the ” Wi-Fi / Security / Encryption ” section, as you can see here:
If you have another brand of routers, WPA3 security must be available in the security section, if we do not have a drop-down where to select this option, it means that it is simply not compatible (yet) with this protocol, and you have to wait for a new one to be launched firmware where it does support it.
On D-Link Mesh Wi-Fi systems, like the COVR-1102 and the recently released COVR-1103, the WPA2 / WPA3-Personal menu looks like this:
In the case of the D-Link, it does not support WPA3 only like the ASUS, it is exactly the same as the FRITZ! Box, it allows both protocols.
Connect to the Wi-Fi router with WPA3 and the computer
In order to use WPA3 in our wireless client, either with Windows PCs or with mobile devices, we must do two actions:
- Forget the Wi-Fi network to which we have previously connected, this step is necessary because internally it has been saved with WPA2 security, and it will continue to use this protocol. If we select WPA2 / WPA3 it will not give us an error because it will connect with WPA2, but if we select WPA3 only, it will give us an error.
- Reconnect to the Wi-Fi network again by entering the usual password.
In addition to this, we must meet a total of three fundamental requirements to connect with WPA3-Personal:
- We must have an operating system compatible with WPA3, the latest versions of Windows 10, Mac and Linux are supported. If you have older versions, it may not be compatible, you should read the official WPA3 compatibility documentation to find out.
- The Wi-Fi card must be compatible with the WPA3 protocol, there are old cards that are not compatible. We must investigate the technical specifications of the card, and if there is no information, we can always try ourselves.
- We must have the latest available drivers installed on our computer, this will ensure that, if the card supports it, we can connect to WPA3 networks without problems.
Once we meet these three requirements on the PCs, we can try to connect to the Wi-Fi wireless network with the WPA3 security protocol.
In Windows operating systems, in the Wi-Fi section we can see that we are perfectly connected to a Wi-Fi network with the usual WPA2-Personal protocol:
We have to go to the section “Manage known networks” to delete the remembered Wi-Fi network, we proceed to click on our Wi-Fi network and click on “Stop remembering.” Now we will have to connect again to the Wi-Fi wireless network.
Once we have connected, if everything has gone correctly, we will have connectivity without problems and in the state of the Wi-Fi wireless network we will be able to see that we are effectively using WPA3-Personal without problems.
As you have seen, we have been able to connect without problems.
Connect to the Wi-Fi router with WPA3 and the smartphone or tablet
In the case of mobile phones or tablets, everything is simpler, our smartphone or tablet must have the latest version of the Android or iOS operating system, and we will try to connect to the Wi-Fi wireless network with WPA3.
- If we have selected WPA3-Personal only and we cannot connect, it means that it is not supported, either by the internal chipset of the device, or by the version of the operating system. In this case, we would recommend you try another more current smartphone, either at the hardware level with the latest Snapdragon 888 or with the latest version of Android and iOS. We must bear in mind that when activating WPA3-Personal only, we will have the administration frames protected obligatorily, and for this reason, it is possible that not all mobile phones can be connected, especially the oldest ones.
- If we have selected WPA2 / WPA3-Personal, and you can connect, you will have to verify if you are connected in WPA2 mode or in WPA3 mode. This can be seen from the status of the Wi-Fi network of the smartphone or tablet, and also from the wireless registration in the router, since it will indicate whether the client has connected via WPA2 or via WPA3. If you can connect in this configuration mode, it is most likely that you are using WPA2 without the protected administration frames, so you will not have the additional security that WPA3 provides, you will have the same security as always with WPA2- Personal, since this transition mode allows to connect old and new equipment, having the administration frames protected in “capable” mode.
As you have seen in this tutorial, nowadays having WPA3 security in our home is very simple to better protect our wireless communications, but we must take into account a series of very important aspects to be able to connect without problems.