What is the difference between WPA2 and WPA3 security, and why is WPA3 considered more secure?


Multiple Choice

What is the difference between WPA2 and WPA3 security, and why is WPA3 considered more secure?

Explanation:
The key idea here is how authentication and key exchange differ, and how that affects password security. WPA2 often uses a pre-shared key (PSK) for home networks, and the usual handshake derives session keys from that password. If the password is weak, an attacker who captures traffic can test guesses offline against the handshake to try to recover the password (an offline dictionary attack).

WPA3 changes the game by using Simultaneous Authentication of Equals (SAE), a password-based key exchange that authenticates both sides and provides forward secrecy. With SAE, even if someone later learns the network password, past sessions remain protected, and offline guessing becomes impractical because the attacker can't reliably test guesses without interacting with the network. That combination of stronger authentication and protection against offline password guessing makes WPA3 more secure in practice.

The other statements aren't accurate: encryption is still used, WPA2 isn't limited to PSK only (enterprise authentication exists), and it is not true that WPA3 requires no encryption or that it is less secure than WPA2.

