Router Charts

Router Charts

Router Ranker

Router Ranker

Router Chooser

Router Chooser

NAS Charts

NAS Charts

NAS Ranker

NAS Ranker

More Tools

More Tools

Wireless Features

Introduction

WPS Logo

When I posted the How is WPS Supposed to Work? article, I expected to have the error of my ways shown to me in short order. But instead of a barrage of "You bonehead! This is how you do it..." comments, the article received only a few responses, most of which reported similar experiences.

The Wi-Fi Alliance provided no information, either, just an query via its PR agency asking which products had been tested. It turns out, however, that one reader, known only as "UTO", had the golden clue, which I'll share with you shortly.

So due to the scarcity of useful information on the workings of Wi-Fi Protected Setup, I'm going to use this Need To Know to flesh out the subject. I hope that it will save others the hassle of having to discover by experimentation information that should have been provided by the product manufacturers that are (so very) slowly incorporating WPS into their products.

As noted in the first article, WPS is a wireless security setup protocol announced in August 2006 that the Alliance brokered as a way to get Buffalo, Intel, Atheros, Broadcom and Microsoft to stop working at cross-purposes.

WPS combines elements of Broadcom's Secure Easy Setup, Buffalo's AOSS (AirStation One-Touch Secure System), Atheros' JumpStart, Intel’s Smart Wireless Technology and Microsoft's WCN (Windows Connect Now) into a single method for getting a wireless network securely set up quickly and easily.

We put both AOSS and Secure Easy Setup through their paces back in 2005. While both had their problems, both did succeed in automatically making a secure connection. But neither system would interoperate with the other; the problem that WPS set out to solve. Here we are three years later with the technology available to do what was done in 2005, but still not widely deployed for various reasons known only to the chip, product makers and Wi-Fi Alliance.

I suspect that part of the reason is that unlike WPA and WPA2 security, WPS is an optional certification. While many draft 11n routers are WPS certified, products introduced even as recently as last year, such as the Linksys WRT150N, still don't support it.

WPS support in client devices is even harder to find and must be supported in manufacturer-provided client applications. This is because Windows XP provides no WPS support and Windows Vista supports only the PIN method (more on that shortly). And even then, the router and client device must be initially connected via Ethernet (!) for Vista to support the WPS PIN session. (Subsequent client additions can be done via wireless connection, however.)

WPS Basics

The best source of WPS technical detail is the "Wi-Fi CERTIFIED™ for Wi-Fi Protected Setup" (PDF link) white paper—once you wade through the first 4 or 5 pages of marketing-ese.

WPS currently supports two methods: Personal Information Number (PIN) and Push Button Configuration (PBC). The spec also includes a third method, Near-Field Communication (NFC) but there are currently no products that support NFC. To quote from the white paper:

"The Wi-Fi Protected Setup specification mandates that all Wi-Fi CERTIFIED products that support Wi-Fi Protected Setup are tested and certified to include both PIN and PBC configurations in APs, and at a minimum, PIN in client devices."

The difference between the two methods is pretty much described in their names. The PIN method involves entering a client device PIN, obtained either from a client application GUI or a label on a device, into the appropriate admin screen on a Registrar device.

Quoting further:"A Registrar ... issues the credentials necessary to enroll new clients on the network. In order to enable users to add devices from multiple locations, the specification also supports having multiple Registrars on a single network. Registrar capability is mandatory in an AP."

The PBC method requires the user to push buttons on the Registrar and Client devices within a two-minute period to connect them. (The two-minute period also applies to the PIN method.) The buttons can be physical, as they typically are on AP / router devices or virtual, as is normal on client devices.

More Wireless

Amazon Top-Selling Wireless Routers

Top Performing Routers

AC2350
AC1900
AC1750
AC1200
N600

Top Performing NASes

1 drive
2 drives
4 drives
6 drives
8 drives

Over In The Forums

  • Asus RT-87R 5ghz is... "unstable" at best

    Speeds are fine, everything acts fine, i can download things and it will never "disconnect" but streaming video? just stops out of nowhere, online...

  • Reboot after power loss

    I have noticed that my RT N66U does not reboot when lost power is restored. I have my phones on the router and this is not a good thing. Is there...

  • DDNS problem Alpha build2

    I have problem to get DDNS working, something happen with GUI and it's impossible to save any settings.Yepp I have reset nvram and configured by...

  • Netgear R7500 Firmware V1.0.0.76 Released

    Netgear released a significant firmware update for the R7500.This adds new features and fixed some of the performance issues some experienced.The...

  • Strange issue: UPNP and IPv6

    The short story...I had no issues with IPv6 until I swapped my Comcast rented SB6120 for a Technicolor TC8305C gateway.I did this to remove an old...