WPA2-PSK Wifi Protected Access 2

WPA2 (Wifi Protected Access 2) can use either the TKIP (Temporal Key Integrity Protocol) encryption cipher or the AES (Advanced Encryption Standard) encryption cipher. AES is recommended when using WPA2-PSK.

PSK (Pre-Shared Key) is a client authentication method that generates unique encryption keys based on the alphanumeric passphrase (up to 133 characters) and the network name (SSID).

For improved security it is better to use WPA2-PSK instead of WPA-PSK if your device supports it. TKIP is deprecated and no longer considered secure. Apple iPhones and iPads using iOS 10 are warned about insecure WiFi networks with the message ‘Configure your router to use WPA2 Personal (AES) security type for this network.’ If your router doesn’t specify TKIP or AES, the WPA2 option will usually use AES.

WPA-PSK and WPA2-PSK are vulnerable to brute force password cracking. To reduce this risk choose a passphrase of at least 20 characters and a network name (SSID) that doesn’t appear in the top 10,000 wifi network names (CSV).