<P> Wi - Fi Protected Access (WPA) is a software / firmware improvement over WEP . All regular WLAN - equipment that worked with WEP are able to be simply upgraded and no new equipment needs to be bought . WPA is a trimmed - down version of the 802.11 i security standard that was developed by the IEEE 802.11 to replace WEP . The TKIP encryption algorithm was developed for WPA to provide improvements to WEP that could be fielded as firmware upgrades to existing 802.11 devices . The WPA profile also provides optional support for the AES - CCMP algorithm that is the preferred algorithm in 802.11 i and WPA2 . </P> <P> WPA Enterprise provides RADIUS based authentication using 802.1 X . WPA Personal uses a pre-shared Shared Key (PSK) to establish the security using an 8 to 63 character passphrase . The PSK may also be entered as a 64 character hexadecimal string . Weak PSK passphrases can be broken using off - line dictionary attacks by capturing the messages in the four - way exchange when the client reconnects after being deauthenticated . Wireless suites such as aircrack - ng can crack a weak passphrase in less than a minute . Other WEP / WPA crackers are AirSnort and Auditor Security Collection . Still, WPA Personal is secure when used with' good' passphrases or a full 64 - character hexadecimal key . </P> <P> There was information, however, that Erik Tews (the man who created the fragmentation attack against WEP) was going to reveal a way of breaking the WPA TKIP implementation at Tokyo's PacSec security conference in November 2008, cracking the encryption on a packet in between 12--15 minutes . Still, the announcement of this' crack' was somewhat overblown by the media, because as of August, 2009, the best attack on WPA (the Beck - Tews attack) is only partially successful in that it only works on short data packets, it cannot decipher the WPA key, and it requires very specific WPA implementations in order to work . </P> <P> In addition to WPAv1, TKIP, WIDS and EAP may be added alongside . Also, VPN - networks (non-continuous secure network connections) may be set up under the 802.11 - standard . VPN implementations include PPTP, L2TP, IPsec and SSH . However, this extra layer of security may also be cracked with tools such as Anger, Deceit and Ettercap for PPTP; and ike - scan, IKEProbe, ipsectrace, and IKEcrack for IPsec - connections . </P>

Wi-fi protected access (wpa) a wireless security protocol to protect wi-fi networks