WPA3 and Minimum Password Requirements
Modern routers using WPA3 are significantly more resistant to offline dictionary attacks than WPA2. However, the strength of your password still matters. WPA2 is vulnerable to PMKID attacks that allow offline cracking without connecting to your network. A password that's short or dictionary-based can be cracked in hours even against WPA2.
Recommended Wi-Fi Password Characteristics
For Wi-Fi passwords, aim for at least 16 characters of random alphanumeric characters. Special characters are supported by most devices but occasionally cause issues with older hardware. Avoid words, names, or addresses associated with your household. A randomly generated password is essentially immune to dictionary attacks regardless of WPA version.
Guest Network Isolation
Rather than sharing your main network password, set up a guest network for visitors and IoT devices. This isolates potentially vulnerable devices from your main computers while still providing internet access. The guest network should have its own strong password that you can change independently.
Changing Your Router's Default Credentials
The router admin password is separate from your Wi-Fi password and equally important. Routers shipped with default credentials are frequently compromised by automated attacks. Change both the Wi-Fi password and the router admin password during initial setup, and store them in your password manager.
Treat your Wi-Fi password with the same seriousness as your banking password. A randomly generated 16+ character password on a modern WPA3 router effectively prevents network intrusion.