Menu
What's new
By:
Filters Better Search

Selecting to use the new WPA3 encryption option?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I

itsjustme999

Occasional Visitor
I have my iPhone 13 mini and a MacBook that supports WPA3 Personal and of course, the AX86U does as well.

When selecting WPA3 PERSONAL on my AX86U router, should I enable the Protected Management Framework?

Will this slow down my internet connection if I enable it?

Does the PMF also provide more security?
 
PMF is mandatory with WPA3. I think you can set the field to "Capable" if you like but it won't make any difference compared to "Required". I don't know what happens if you set it to "Disable" alongside requiring WPA3, but it's unlikely to be good.
 
Another question.

With WPA3 Personal, can I set a less shorter WiFi password as long as it is complex?

In other words, I can make it shorter but still leaving it complex.

On my AX86U router I don’t see the selection to enable Simultaneous Authentication of Equals (SAE) which allows to set passwords that would be easier to remember because SAE is much harder to crack the password.
 
Last edited:
I'm not an expert in this, but I don't see how SAE could protect at all against brute-force guessing of the password. What it seems to be claimed to do is prevent after-the-fact decrypting of your wireless traffic, even for an attacker who has guessed the password. That's certainly worth something, but if you're worried at all about attacks on your network, you shouldn't think SAE makes it okay to use a weak password.

Besides which, what's the benefit of using a weak wireless password? There's no system I know of where you'd need to key that in on a regular basis.
 
Thanks so much for the explanation.
I’ll stick to my strong password.

Your right, I don’t have to remember the WiFi password, but if I forget my router admin password, now that would be an issue.
 
Finally, should I still switch to using WPA3 PERSONAL or it would not make it any more secure?

If the answer is yes, then I’ll have to set my older devices which are on the 2.4Ghz band to leave those only on the WPA2 and for the devices which supports WPA3, those will be on the 5Ghz band.
 
WPA3 is more secure than WPA2, but I'm not sure that there's all that much gain in being WPA3-only on one band if your setup still allows WPA2 connections on the other band --- unless you have additional security layers in place, such as the other band being a "guest net" setup with restricted access to the network. So it might not be worth troubling over until you've retired the WPA2-only devices. I'm not an expert on this stuff though, so somebody else might have a different opinion.
 
In my experience with WPA3 - if the clients do it, then yes...

WAP2/3-mixed - depends, this is where most of the trouble is there...
 
My experience too @sfx2000.

I don't know/join any networks (and none that I created) that use WPA3 exclusively.
 
itsjustme999 said:
I have my iPhone 13 mini and a MacBook that supports WPA3 Personal and of course, the AX86U does as well.

When selecting WPA3 PERSONAL on my AX86U router, should I enable the Protected Management Framework?

Will this slow down my internet connection if I enable it?

Does the PMF also provide more security?
Click to expand...

Apologies for topic necro but I am asking a similar question.

I recently got an AX86U Pro and have a number of clients which support wifi 6 and WPA3. With the previous router which was a Fritzbox, it recently had a firmware update which enabled WPA3. When I activated this my WLAN seemed to function as before, except that in Windows and similar it would show that security type as WPA3.

This doesn’t seem the case with the Asus. Firstly, setting WPA2/WPA3 mixed mode sees the same clients which before we’re connecting with 3, connecting as WPA2. Selecting WPA3 exclusive mode stops a couple of the clients connecting altogether.

The path of least resistance here is for me to bite the bullet and just use WPA2, but the Asus router is significantly more expensive, advanced (because the Fritzbox was wifi 5) and it is annoying me that the old box seemed to manage this more effectively than the “superior” product does.

Is there something which I can do so that when using mixed mode, capable clients are forced to use WPA3? If not, isn’t that kinda crappy?
 
SteevieWeevie said:
Apologies for topic necro but I am asking a similar question.

I recently got an AX86U Pro and have a number of clients which support wifi 6 and WPA3. With the previous router which was a Fritzbox, it recently had a firmware update which enabled WPA3. When I activated this my WLAN seemed to function as before, except that in Windows and similar it would show that security type as WPA3.

This doesn’t seem the case with the Asus. Firstly, setting WPA2/WPA3 mixed mode sees the same clients which before we’re connecting with 3, connecting as WPA2. Selecting WPA3 exclusive mode stops a couple of the clients connecting altogether.

The path of least resistance here is for me to bite the bullet and just use WPA2, but the Asus router is significantly more expensive, advanced (because the Fritzbox was wifi 5) and it is annoying me that the old box seemed to manage this more effectively than the “superior” product does.

Is there something which I can do so that when using mixed mode, capable clients are forced to use WPA3? If not, isn’t that kinda crappy?
Click to expand...
The WPA2/WPA3-Personal is usable on Asus routers. I've had to disconnect the client and reconnect to the WIFI then clients that can use WPA3 do use it.
With that said there are some older clients that do not like WPA2/WPA3 and will refuse to connect. My work around is to set up a guest WIFI with just WPA2 for those old clients Use Guest 2 or 3 if you want the clients to have access to other devices on your LAN. Use the same SSID for both bands and the clients can choose to use 2.4 or 5 GHz.
 
bbunge said:
The WPA2/WPA3-Personal is usable on Asus routers. I've had to disconnect the client and reconnect to the WIFI then clients that can use WPA3 do use it.
With that said there are some older clients that do not like WPA2/WPA3 and will refuse to connect. My work around is to set up a guest WIFI with just WPA2 for those old clients Use Guest 2 or 3 if you want the clients to have access to other devices on your LAN. Use the same SSID for both bands and the clients can choose to use 2.4 or 5 GHz.
Click to expand...
Thank you. That’s a good idea. A bit fiddly but I can see that working and it’s a fire and forget as it’s only needed for the older clients.

I’ll try it and see how I get on. Ta.
 
You must log in or register to reply here.

Similar threads

I
Asus AX86u WPA3?
Replies
2
Views
3K
OzarkEdge
OzarkEdge
T
About to pull my hair out - RT-AX88U Pro 2.4 Wireless clients dropping
2
Replies
32
Views
2K
The_Bishop
T
splendid_koi
Gigabit Tx/Rx rates yet slow transfer speeds over wifi
2 3
Replies
53
Views
2K
TheLostSwede
TheLostSwede
G
NAT type option gone after updating GT-AX11000 to firmware 3.0.0.4.388_23285, and other issues
Replies
1
Views
908
RMerlin
RMerlin
H
Temporary Loss Of WiFi And Log Full Of "acs_start eth7 cannot select chanspec with the wrong info"
2
Replies
22
Views
1K
Qbcd
Q

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,091 (members: 38, guests: 1,053)
Top