WPA vs WPA2 vs WPA3 — What's the Difference?

WiFi Protected Access (WPA) is the security protocol that protects your wireless network. Understanding the differences matters for knowing your recovery options.

Quick Comparison

| Protocol | Year | Encryption | Recovery |
|---|---|---|---|
| WEP | 1997 | RC4 (broken) | Trivial (minutes) |
| WPA / TKIP | 2003 | RC4 + TKIP | Via handshake crack |
| WPA2 / CCMP | 2004 | AES-128 CCMP | Via handshake crack |
| WPA2 / TKIP | 2004 | RC4 + TKIP (legacy) | Via handshake crack |
| WPA3 / SAE | 2018 | AES-128 + SAE | Very hard |

Most home routers today use WPA2/CCMP. Handshake-based recovery applies to WPA, WPA2 (both TKIP and CCMP), and WPA2/WPA3 mixed mode.

WPA (2003)

WPA was introduced as an emergency replacement for the completely broken WEP protocol. It used TKIP (Temporal Key Integrity Protocol) with RC4 encryption — the same cipher as WEP but with per-packet key mixing to prevent the attacks that broke WEP.

WPA is rarely used on modern equipment, but some older routers still support it in compatibility mode. Handshake capture and dictionary attacks apply fully to WPA.

WPA2 (2004) — The Most Common

WPA2 replaced WPA and introduced CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol), based on AES-128. This became mandatory for all Wi-Fi certified devices from 2006 onward.

WPA2 has two cipher modes:

WPA2-CCMP (AES)

The standard mode. Uses AES-128 in CCM mode. Strong cipher — the password is the only weak point. Most modern routers default to this.

Recovery: possible via handshake + dictionary attack

WPA2-TKIP (RC4)

Legacy compatibility mode. Uses the older RC4 cipher with TKIP key mixing. Enabled on some routers for compatibility with old devices.

Recovery: same as CCMP — via handshake

What makes WPA2 passwords crackable?

The WPA2 protocol itself is not broken. The vulnerability is in the 4-way handshake: it contains enough information to verify password guesses offline. An attacker (or recovery tool) captures the handshake and then tests password candidates against it at GPU speed — billions of guesses per second. The protocol is only as strong as the password.

WPA3 (2018) — Hard to Crack

WPA3 replaced the PSK (pre-shared key) handshake with SAE (Simultaneous Authentication of Equals), also known as Dragonfly. SAE is designed to prevent offline dictionary attacks entirely — each authentication requires interaction with the access point, so offline cracking is not possible with current techniques.

As of 2026, WPA3 is standard on most new routers and is required for Wi-Fi 6 (802.11ax) and Wi-Fi 7 (802.11be) certification. If your router uses WPA3-only mode, password recovery via handshake capture is not practical.

Note: Many WPA3 routers run in WPA2/WPA3 transition mode, which still supports WPA2 handshake capture for backwards compatibility.

What This Means for Recovery

WEP

Encryption is completely broken. Recovery is trivial regardless of password complexity.

WPA / WPA2 (TKIP or CCMP)

Recovery possible via handshake + GPU dictionary attack. Success depends on password complexity — 60-70% for human-chosen passwords.

WPA3 (SAE-only)

Offline dictionary attacks not feasible with current techniques. Recovery not offered.

WPA2/WPA3 mixed mode

WPA2 handshake can still be captured. Same recovery process as pure WPA2.
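For network owners checking which of these categories their own access point falls into, the following added example (not code from this page or its service) classifies a hostapd-style configuration by the exposure levels described above. It assumes hostapd's `wpa`, `wpa_key_mgmt`, `wpa_pairwise`, `rsn_pairwise`, `ieee80211w`, `wpa_passphrase` and `wep_key*` options; the 16-character passphrase threshold and the sample configurations are constructed for illustration.

```python
PSK_AKMS = {"WPA-PSK", "WPA-PSK-SHA256", "FT-PSK"}
SAE_AKMS = {"SAE", "FT-SAE"}
MIN_PASSPHRASE_LEN = 16  # assumption: local policy threshold, not from the page

def parse_conf(text):
    """Parse hostapd-style key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def classify(conf):
    """Return (mode, exposure, findings) for one BSS configuration."""
    findings = []
    wpa = int(conf.get("wpa", "0"))  # bit 0 = WPA, bit 1 = WPA2/RSN
    if wpa == 0:
        if any(k.startswith("wep_key") for k in conf):
            return "WEP", "broken", ["WEP is broken regardless of key"]
        return "open", "none", ["no link-layer encryption configured"]
    akms = set(conf.get("wpa_key_mgmt", "WPA-PSK").split())
    psk, sae = akms & PSK_AKMS, akms & SAE_AKMS
    ciphers = set(f"{conf.get('wpa_pairwise', '')} {conf.get('rsn_pairwise', '')}".split())
    if "TKIP" in ciphers:
        findings.append("TKIP (RC4) pairwise cipher enabled")
    if sae and not psk:
        if conf.get("ieee80211w") != "2":
            findings.append("SAE-only should require PMF (ieee80211w=2)")
        return "WPA3-SAE", "resistant", findings
    if not psk:
        return "other", "not assessed", findings  # e.g. WPA-EAP, outside this page's scope
    if "wpa_passphrase" in conf and len(conf["wpa_passphrase"]) < MIN_PASSPHRASE_LEN:
        findings.append("passphrase shorter than policy minimum")
    if sae:
        findings.append("PSK clients still run the 4-way handshake")
        return "WPA2/WPA3 transition", "offline-guessable", findings
    mode = {1: "WPA", 2: "WPA2", 3: "WPA/WPA2 mixed"}.get(wpa, "WPA2")
    return mode, "offline-guessable", findings

# Constructed sample configurations (not from the page).
SAMPLES = {
    "legacy": "wpa=2\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP TKIP\nwpa_passphrase=summer2019\n",
    "transition": "wpa=2\nwpa_key_mgmt=WPA-PSK SAE\nieee80211w=1\nwpa_passphrase=correct horse battery staple\n",
    "sae_only": "# WPA3 personal\nwpa=2\nwpa_key_mgmt=SAE\nrsn_pairwise=CCMP\nieee80211w=2\n",
}
if __name__ == "__main__":
    print({name: classify(parse_conf(text)) for name, text in SAMPLES.items()})
```

A transition-mode result is reported as offline-guessable because, as noted above, the WPA2 handshake is still available to any client that negotiates PSK.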

Have a WPA/WPA2 capture file?

Submit it for GPU dictionary recovery. 60-70% success rate, pay only if found.
