When to expect WPA3 availability on Peplink devices?


#1

Good morning Peplinkers,

With the news that WPA3 should be available in 2018, can we expect Peplink to implement the new feature on the APs and other devices like the Balance One?


#2

Since It was only announced 4 days ago (and hasn’t been released yet) it won’t be on any Peplink Development Road Map currently.

Peplink will do an engineering review of the requirements in due course I’m sure (once released), and then advise when it will become available - but I wouldn’t expect them to be able to respond to this for a few months yet.


#3

I know it’s early days, but for those of us with planned purchases later in 2018 it would be helpful to have an idea of Peplink’s general plan and timeline for WPA3 support.

Also, as a company who’s entire purpose is providing network and connectivity devices to security aware businesses and consumers, I’m sure Peplink won’t be silent for too long.

Failing to plan is planning to fail.


#4

Dear friends,

WPA3 is definitely an important new standard in the industry and Peplink is watching this closely. There is no doubt that we will work hard to adopt it as early as possible for our products.

Right now, it’s hard for anybody to come up with a firm schedule but I think it’s fair to say it will appear sometime this year (given it’s JAN now) :slight_smile:


#5

Me right now:


#6

Hack WiFi Password WPA/WPA2


#7

The new attack on WPA2, which originally posted in the hashcat forum (https://hashcat.net/forum/thread-7717.html), is based on PMKID from the AP which is extracted from EAPOL frame.

That means, to exploit this vulnerability, getting PMKID from the AP is a must, and by default, 802.11r is disabled on Pepwave AP and in this case PMKID doesn’t exist in the EAPOL frames.

So this should be fine for Pepwave users, while this could be a good chance for all of us to review our Wi-Fi security settings.

Here are the suggestions for you if you are still worrying about the new attack:

  • Always use a complicated (A-Z + a-z + 0-9) and long enough (as long as you can, at least 12 characters long) passphrase, and change them periodically, so even the hacker is using this new attack on you, it will take years to crack your passphrase. If it takes years for them, then in practical you are safe from the attack.

  • Change your Wi-Fi SSID to something unique, don’t use common names, this will help you to prevent hackers from cracking your passphrase by looking up precomputed hash (i.e. rainbow table) to speedup their process.

  • Use WPA2 Enterprise with a Radius server for authentication, then you’ll be completely safe from this new attack.


#9

Will WPA3 be available on Pepwave Surf SOHO or if not yet purchased do consumers need to wait till the “next model?”


#10

I believe it will be released in a future firmware release so should be compatible with the current models which can be upgraded.