cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

NEED SOME HELP?

We’re here 24/7. 365 days a year.
Ask questions. Find your answers. Connect.

Weak Securirty warning on Apple iOS and Windows 10 or 11

KeithFrench
Community Star
Private Message TalkTalk
Message 1 of 1

Some Apple products have recently had an upgrade that can show the WiFi connection as having weak security:- 

 

  • iPad Software Version 14.01 - since the update to Version 14.0 it has shown Weak Security
  • iPhone SE Software Version 14.01 -since the update to Version 14.0 it has shown Weak Security

In addition to this, Windows 10 & 11 running Version 21H2 or later now has support for the security mode WPA3. In addition to that, if you also have if a WiFi adapter in that PC supports WPA3 authentication, then you may also get this warning message.

 

This is not really any problem at all, because when the device tries to connect to a router, it will always negotiate with the router to use the highest security settings available on both the router & the device. This would normally be WPA2 Personel with AES encryption. By default all TalkTalk routers allow WPA2 Personal & the older WPA2-TKIP to be in their list of available security modes.

 

This also means that whilst your phone, tablet & laptop are connected using WPA2 Personal with AES encryption; older devices that only support WPA2-TKIP can also connect simultaneously, but with the poorer security mode.

 

This upgrade is prompting you to remove the less secure mode from the router & this could mean that if you have some older devices, they may no longer be able to connect to your WiFi.

 

If you have done this ios14 upgrade and you want to restrict the available security modes available in your router please log into it & go to the WiFi settings and change:-

 

WiFi Security mode to: WPA2-PSK only

Encryption: AES

 

This can be found at the location given below for these routers:-

 

Huawei HG633/635

 

Home Network > Wireless Settings > Encryption

 

 

Huawei DG8041W (called WPA2 PreSharedKey on this router)

Dashboard > See Internet Settings > Manage advanced settings > Advanced Configuration > WLAN > 2.4G Basic Network Settings

 

Dashboard > See Internet Settings > Manage advanced settings > Advanced Configuration > WLAN > 5G Basic Network Settings

 

 

Sagemcom FAST5364 (Set Security to WPA2 Personal, this must also set the encryption to AES as no separate option for this)

 

Dashboard > See Wi-Fi Settings > Manage Advanced Settings > Wi-Fi 2.4Ghz gear icon > Basic

 

Dashboard > See Wi-Fi Settings > Manage Advanced Settings > Wi-Fi 5Ghz gear icon > Basic

 

 

DSL-3782

 

Settings > Wireless (Wi-Fi)

 

In the Security Settings set:-

 

Security: WPA2

WPA2 Type: PSK Value

 

Then go to Advanced settings & under the “Share Security” advanced settings, ensure that the “Cypher Type” is set to “AES”.

 

 

TalkTalk WiFi Extender DHP-W610AV

I have tested the security of the WiFi Extender in respect of this (although I do not have any Apple devices). The ios warning message will still be present, but as with all of the routers it can be safely ignored. The default settings do not allow for WPA2 Personnel only, the available options are:-

 

None

WPA/WPA2

So there is not much point in logging into the Extender's UI currently, but this setting can be found by going to:-

 

Set-up > Wireless Settings

 

When set to WPA/WPA2 the extender & it will offer both the older WPA2-TKIP and the more secure WPA2-PSK (WPA2-.

 

When trying to connect to the extender, the device will negotiate with the extender to use the highest security settings that are supported by them both.

 

It will allow a device to use WPA2-PSK with AES encryption if it supports it:-

 

A Windows PC using the Realtek RTL8821CE 802.11ac PCIe Adapter should be able to negotiate with the extender to use the most secure common settings of:-

 

WPA2-Personnel

AES Encryption

 

Partial output of netsh wlan show interface:-

 

Authentication : WPA2-Personal

Cipher : CCMP

 

CCMP is the same as AES encryption.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 REPLIES 0