Wireless Security and Wi-Fi Attacks — WEP to WPA3, and Why Captive Portals Lie
Manish GargAssociate of (ISC)² · RingSafe
Apr 26, 202611 min read
Read as
Last updated: May 1, 2026
Wi-Fi has gone through five generations of security: WEP (broken, do not deploy), WPA/WPA2 (still common, still attackable via offline cracking and KRACK), WPA3 (the modern default with SAE replacing PSK), and 802.1X / WPA3-Enterprise for managed environments. This module covers the protocol differences, the attacks (deauth, evil twin, KRACK, FragAttacks, PMKID, KARMA), and the practical wireless security baseline an Indian enterprise should run in 2026.
Wi-Fi is the default network for almost every laptop and phone in India in 2026. WPA2-PSK is still the most-deployed mode and is well-attacked; WPA3 is the proper modern default but adoption is uneven; enterprise networks should be 802.1X with EAP-TLS, but most are not. This module is the practitioner walk-through of the protocols, the attacks, and the deployment patterns that actually defend wireless networks.
A brief history of Wi-Fi security — and why most "WPA2" deployments are still attacked
WEP
1997— broken since 2001, full keystream recovery in minutes, never deploy. WPA
2003— interim TKIP-based fix; do not deploy. WPA2
2004— AES-CCMP-based, still ubiquitous in 2026. The 4-way handshake using a Pre-Shared Key (PSK) gave us PMK, then PTK. Attacker captures the handshake passively, cracks PSK offline with hashcat. WPA3
2018— SAE (Simultaneous Authentication of Equals, “Dragonfly”) replaces PSK handshake with a forward-secret password-authenticated key exchange. Offline crack of captured handshake is no longer feasible. WPA3-Enterprise mandates 192-bit suites for high-security mode. OWE (Opportunistic Wireless Encryption) brings encryption to “open” Wi-Fi without authentication. Reality 2026: most home and small-office Wi-Fi is still WPA2-PSK; most managed enterprise SSIDs are WPA2-Enterprise (PEAP-MSCHAPv2 or EAP-TLS); WPA3 transition mode is widely deployed but mixed-clients still fall back to WPA2.
Need a real pentest?
Get a VAPT scoping call
Senior practitioner-led VAPT — not a checklist run by juniors. CVSS-scored findings, free retest, attestation letter. India's SMBs and SaaS teams.