The nature of devices that connect to the internet has changed. When routers first became mainstream, only phones and desktops were connecting to them. Both these devices have a screen and a proper input panel that allows them to communicate with the router. Specifically, both these types of devices can select a network, enter a name for said network if needed, and give the password for it. Devices have changed over time. Now, there are devices, IoT ones specifically, that need to connect to the internet but have neither a screen nor an input panel. In order to allow these devices to connect to a router, WPS WiFI Protected Setup is used.
WPS WiFi Protected Setup
WPS is a way of connecting devices that do not have a proper input panel to your home router. The objective is to allow the connection but to make sure no unauthorized devices can connect to the network.
In order to accomplish this, WPS uses device and network discoverability on two devices; one on the router, and one on the device itself. When you initiate a connection, you need to press the WPS button on your router. This tells the router to actively look for new devices. If the device you’re trying to connect to doesn’t have an input panel/screen of any sort, it ought to have a WPS button of its own. Press that button right after you press the WPS button on your router. This two way authentication will establish the connection.
WPS isn’t always initiated via a button on the router. This is because while most, if not all, routers can support WPS, not all of them have a dedicated button for it. In such cases, you have to either enable WPS through a PIN on your router’s admin panel.
WPS is an easy way for IoT devices to connect to a router but this method isn’t exclusive to IoT devices. Almost all modern devices support WPS and can connect through it. WPS is basically enabled on the router, and the connection that’s established from the device can be established either by pressing the WPS button on the device or by selecting the network from an input panel on the device. This means your phone and your smart thermostat can both use WPS to connect to your router.
Recent models of routers from the more popular manufacturers of the device have a dedicated WPS button. It’s normally marked as such or indicated on the box.
Other routers may use a single button for multiple purposes including enabling WPS. Normally, they might pair the On/Off functionality with WPS in which case you ought to refer to your router’s manual or online help page to see how you can enable WPS. In some cases, you might have to hold the button down for a while, or press it a few times in quick succession.
WPS Security Problems
WPS doesn’t always require you to press a physical button on your router to enable it. It can be enabled with a PIN which is 8 digits long and easy to crack with a brute force attack. A physical button protects you from this particular threat but if you’re using a PIN to enable it, your network isn’t safe.
When you enable WPS, any device that is in range can connect to it. Since most desktops and phones can use WPS, anyone who is within range of your network can connect to it when you enable it and you wouldn’t know. If you don’t use WPS, it’s probably a good idea to disable it on your router.
A Better Method
WPS is necessary because the nature of devices that need to connect to a network has changed however, there is no denying that a better, more secure way is needed to enable a connection between these devices. There is a method in the works called Easy Connect that will be part of WPA3, the newest security protocol that will be used on routers in the next few years.
Easy Connect enables a connection by authenticating it via a device that is already connected to the network. For example, if you have a new thermostat that needs to connect to your WiFi network, you will use your phone which is already connected to the network, to scan a QR code on the router and the device. The phone will serve as an intermediary to make sure that no unauthorized devices are connecting to the network.
The method isn’t going to be available on all routers that will support WPA3 because it isn’t compulsory to support it. You will need to get the right router and the right device is you plan on using it.