Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Features



WPS Logo

When I posted the How is WPS Supposed to Work? article, I expected to have the error of my ways shown to me in short order. But instead of a barrage of "You bonehead! This is how you do it..." comments, the article received only a few responses, most of which reported similar experiences.

The Wi-Fi Alliance provided no information, either, just an query via its PR agency asking which products had been tested. It turns out, however, that one reader, known only as "UTO", had the golden clue, which I'll share with you shortly.

So due to the scarcity of useful information on the workings of Wi-Fi Protected Setup, I'm going to use this Need To Know to flesh out the subject. I hope that it will save others the hassle of having to discover by experimentation information that should have been provided by the product manufacturers that are (so very) slowly incorporating WPS into their products.

As noted in the first article, WPS is a wireless security setup protocol announced in August 2006 that the Alliance brokered as a way to get Buffalo, Intel, Atheros, Broadcom and Microsoft to stop working at cross-purposes.

WPS combines elements of Broadcom's Secure Easy Setup, Buffalo's AOSS (AirStation One-Touch Secure System), Atheros' JumpStart, Intel’s Smart Wireless Technology and Microsoft's WCN (Windows Connect Now) into a single method for getting a wireless network securely set up quickly and easily.

We put both AOSS and Secure Easy Setup through their paces back in 2005. While both had their problems, both did succeed in automatically making a secure connection. But neither system would interoperate with the other; the problem that WPS set out to solve. Here we are three years later with the technology available to do what was done in 2005, but still not widely deployed for various reasons known only to the chip, product makers and Wi-Fi Alliance.

I suspect that part of the reason is that unlike WPA and WPA2 security, WPS is an optional certification. While many draft 11n routers are WPS certified, products introduced even as recently as last year, such as the Linksys WRT150N, still don't support it.

WPS support in client devices is even harder to find and must be supported in manufacturer-provided client applications. This is because Windows XP provides no WPS support and Windows Vista supports only the PIN method (more on that shortly). And even then, the router and client device must be initially connected via Ethernet (!) for Vista to support the WPS PIN session. (Subsequent client additions can be done via wireless connection, however.)

WPS Basics

The best source of WPS technical detail is the "Wi-Fi CERTIFIED™ for Wi-Fi Protected Setup" (PDF link) white paper—once you wade through the first 4 or 5 pages of marketing-ese.

WPS currently supports two methods: Personal Information Number (PIN) and Push Button Configuration (PBC). The spec also includes a third method, Near-Field Communication (NFC) but there are currently no products that support NFC. To quote from the white paper:

"The Wi-Fi Protected Setup specification mandates that all Wi-Fi CERTIFIED products that support Wi-Fi Protected Setup are tested and certified to include both PIN and PBC configurations in APs, and at a minimum, PIN in client devices."

The difference between the two methods is pretty much described in their names. The PIN method involves entering a client device PIN, obtained either from a client application GUI or a label on a device, into the appropriate admin screen on a Registrar device.

Quoting further:"A Registrar ... issues the credentials necessary to enroll new clients on the network. In order to enable users to add devices from multiple locations, the specification also supports having multiple Registrars on a single network. Registrar capability is mandatory in an AP."

The PBC method requires the user to push buttons on the Registrar and Client devices within a two-minute period to connect them. (The two-minute period also applies to the PIN method.) The buttons can be physical, as they typically are on AP / router devices or virtual, as is normal on client devices.

More Wireless

Featured Sponsors

Top Ranked Routers




Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hello all,I have seen similar threads but haven't come across my exact setup and hoping to shed some light on a setup.I currently have my main AC3100 ...
I have a Asus router for 3 years now. Worked great no problems.But for two weeks ago my wifi signal was gone and the router dead.The power adapter led...
Hello,I am looking to buy an AC-1750 router, and the TP-Link Archer C7 V2 and D-Link DIR-868l are the ones that fit in my budget, I will flash custom ...
Greetings! This is my first post here. Can anyone tell me if it possible to restrict IP cameras on the WLAN/LAN to the VPN exclusively for connections...
Good morning-I'm looking into adding a VPN service to my router (running 380.62_1), which seems easy enough. However, I'm a Time Warner Cable subscrib...

Don't Miss These

  • 1
  • 2
  • 3