Weak Securirty warning on Apple iOS and Windows 10 or 11

KeithFrench — Tue, 21 Nov 2023 16:17:13 GMT

Some Apple products have recently had an upgrade that can show the WiFi connection as having weak security:-

iPad Software Version 14.01 - since the update to Version 14.0 it has shown Weak Security
iPhone SE Software Version 14.01 -since the update to Version 14.0 it has shown Weak Security

In addition to this, Windows 10 & 11 running Version 21H2 or later now has support for the security mode WPA3. In addition to that, if you also have if a WiFi adapter in that PC supports WPA3 authentication, then you may also get this warning message.

This is not really any problem at all, because when the device tries to connect to a router, it will always negotiate with the router to use the highest security settings available on both the router & the device. This would normally be WPA2 Personel with AES encryption. By default all TalkTalk routers allow WPA2 Personal & the older WPA2-TKIP to be in their list of available security modes.

This also means that whilst your phone, tablet & laptop are connected using WPA2 Personal with AES encryption; older devices that only support WPA2-TKIP can also connect simultaneously, but with the poorer security mode.

This upgrade is prompting you to remove the less secure mode from the router & this could mean that if you have some older devices, they may no longer be able to connect to your WiFi.

If you have done this ios14 upgrade and you want to restrict the available security modes available in your router please log into it & go to the WiFi settings and change:-

WiFi Security mode to: WPA2-PSK only

Encryption: AES

This can be found at the location given below for these routers:-

Huawei HG633/635

Home Network > Wireless Settings > Encryption

Huawei DG8041W (called WPA2 PreSharedKey on this router)

Dashboard > See Internet Settings > Manage advanced settings > Advanced Configuration > WLAN > 2.4G Basic Network Settings

Dashboard > See Internet Settings > Manage advanced settings > Advanced Configuration > WLAN > 5G Basic Network Settings

Sagemcom FAST5364 (Set Security to WPA2 Personal, this must also set the encryption to AES as no separate option for this)

Dashboard > See Wi-Fi Settings > Manage Advanced Settings > Wi-Fi 2.4Ghz gear icon > Basic

Dashboard > See Wi-Fi Settings > Manage Advanced Settings > Wi-Fi 5Ghz gear icon > Basic

DSL-3782

Settings > Wireless (Wi-Fi)

In the Security Settings set:-

Security: WPA2

WPA2 Type: PSK Value

Then go to Advanced settings & under the “Share Security” advanced settings, ensure that the “Cypher Type” is set to “AES”.

TalkTalk WiFi Extender DHP-W610AV

I have tested the security of the WiFi Extender in respect of this (although I do not have any Apple devices). The ios warning message will still be present, but as with all of the routers it can be safely ignored. The default settings do not allow for WPA2 Personnel only, the available options are:-

None

WPA/WPA2

So there is not much point in logging into the Extender's UI currently, but this setting can be found by going to:-

Set-up > Wireless Settings

When set to WPA/WPA2 the extender & it will offer both the older WPA2-TKIP and the more secure WPA2-PSK (WPA2-.

When trying to connect to the extender, the device will negotiate with the extender to use the highest security settings that are supported by them both.

It will allow a device to use WPA2-PSK with AES encryption if it supports it:-

A Windows PC using the Realtek RTL8821CE 802.11ac PCIe Adapter should be able to negotiate with the extender to use the most secure common settings of:-

WPA2-Personnel

AES Encryption

Partial output of netsh wlan show interface:-

Authentication : WPA2-Personal

Cipher : CCMP

CCMP is the same as AES encryption.

topic Weak Securirty warning on Apple iOS and Windows 10 or 11 in Full Fibre

Weak Securirty warning on Apple iOS and Windows 10 or 11