In October 2017, security researcher Mathy Vanhoef published a paper describing Key Reinstallation Attacks — KRACK — against the WPA2 four-way handshake. The disclosure triggered emergency patches across every major operating system, router firmware, and WiFi chipset vendor simultaneously. It was the most significant WiFi security event between WEP’s collapse in the early 2000s and WPA3’s introduction in 2018. Understanding what KRACK was, and what it actually threatened, clarifies both the state of WPA2 security today and how the WiFi security ecosystem responds to structural vulnerabilities.

WPA3 has been the current WiFi security standard since 2018. WPA2, its predecessor, has been deployed since 2004 and remains the majority protocol on networks worldwide. The gap between them is not cosmetic — there are genuine security improvements in WPA3 — but the threat model that justifies urgency depends on who is operating the network and what data crosses it. What WPA2 Actually Provides and Where It Falls Short WPA2 introduced AES-CCMP encryption to WiFi, replacing the broken WEP and transitional TKIP protocols that preceded it.