Complete Guide – What does the WPS Button Do? (2023)

You might’ve seen the WPS button on your wireless router when you’re trying to get the internet to work. However, have you stopped to wonder; what on earth does that strange button do?

Well, you’re in luck, because in this article, we’re going to cover the ins-and-outs of WPS technology, what it does, and much more.

What is WPS?

WPS stands for Wi-Fi Protected Setup and it’s a feature that automatically deploys WPA/WPA 2 security configurations for home, small business environments with either a click of the WPS button (PBC – Push Button Configuration) located on the Wireless Access Point/Wireless Router/Wireless Modem, NFC or through a 8 digit PIN number.

This makes securing Wi-Fi networks easier as users won’t have to go through complex procedures to do so.

The most common way to deploy WPS is through the Push Button Configuration (PBC). This method has been adopted by most routers and router manufacturers.

How does WPS work?

WPS has 3 fundamental components that are as follows:

• Access Point: The Access Point (AP) is essentially your Wireless Modem or Wireless Router.

• Enrollee: An Enrollee is a new device seeking to join the wireless network. Once an Enrollee obtains valid credentials, it can gain access and become a member of a wireless network.

• Registrar: A Registrar would issue or revoke credentials to the Enrollee, to enable or disable them to join the wireless network. The Registrar is usually integrated into the Access Point (AP).

Diagram – Setting Up WPS

How do you set up WPS?

To set up WPS, you’ll need to:

1. Press the WPS button on both the Enrollee (End Device) and the Registrar (AP) within 2 minutes of each other to initiate the WPS Registration and Negotiation process.
   
   The time interval is called the Walk Time. Usually, the button will present itself as a physical button on your router or modem.
   
   If your router comes directly from your Internet Service Provider (ISP), you should be done with this process providing that your modem or router supports the WPS button, but if you don’t have the button on your modem, carry on with the steps below.

2. If you don’t have the WPS button on your modem or router, or if your WPS connection fails, you’ll need to log into the Graphical User Interface (GUI) of the AP to trigger the WPS enrollment process.

3. You’ll then need to monitor the WPS end device (Enrollee) to check for a successful completion or error. There should be a relatively clear indication as to whether it succeeds of fails based on the state of the LED.

   How To Set Up WPS With a PIN Number?

   Now, you can also set up WPS with a PIN number if you do not have a WPS button. Now, the maximum length of the PIN is 8 digits long; however, you can choose to use a shorter PIN, but we don’t recommend it as this compromises your security as the numerical permutations decrease.

   In WPS PIN Mode, the PIN must be configured manually on both Enrollee and Registrar devices. For example, if you want to connect your wireless printer to your wireless modem, you’ll need to set up the standard 8-digit PIN on the wireless modem and then set up the same 8 digits on your wireless printer.

What is WPS Registration Protocol?

WPS Registration Protocol is to troubleshoot basic Wi-Fi connection issues with the wireless channel.

This is done via establishing roles for all the devices involved: the AP, Enrollee, and Registrar. This enables the conveying of wireless settings and other configurations from the Registrar to the Enrollee in a secure way. The WPS Registration Protocol also establishes an Extended Master Session Key that is used to secure application-specific functions where applicable. Examples include, but are not limited to: smart homes, IoT devices etc.

How does the WPS Registration Protocol work?

WPS Registration Protocol works as follows:

First Phase

The first phase exchanges public keys and information about the Enrollee and Registrar, which enables presence discovery. During this phase, the Enrollee may be communicating with more than one AP/Registrar, as it gets to know its surrounding Wi-Fi networks. At this stage, the user is able to choose an AP.

Second Phase

The second phase is the phase where authentication and credential provisioning are completed. This establishes mutual authentication based on the Enrollee’s device password. If there are other external APs or Registrars present, your router or modem will communicate with both the Enrollee and External Registrar/APs during this phase to make sure that the Registration Protocol results in Wi-Fi credentials being delivered to the Enrollee.

How many modes run in WPS Registration Protocol?

WPS Registration Protocol can run on In-Band Configuration Mode and on Out-of-Band Configuration Mode, or perhaps a combination of both.

In-Band Configuration Mode

If the WPS Registration Protocol runs on In-Band Configuration Mode, a Diffie-Hellman WPS key exchange is performed to confirm that the Enrollee knows the password. This comes in the form of a device password.

The password can be derived from manual user input, certain NFC devices or USB flash drives. This is designed to protect against passive eavesdropping attacks, and also to protect against active or brute force attacks.

Out-of-band configuration mode

When the WPS Registration Protocol uses Out-of-Band Configuration Mode, there are 3 options that are specified by WPS, which are:

• Unencrypted Settings: Unencrypted settings that are stored on external media like NFC devices and USB Flash Drives. This is pretty vulnerable to any unauthorized external parties that may have obtained the device.

• Encrypted Settings: This is derived from the Diffie-Hellman public key of the Enrollee that was first obtained over the In-Band Channel with the Registrar. This enables the settings to be encrypted for the specific Enrollee.

• NFC Devices in Peer-to-Peer Mode: NFC transactions are protected by AES-128 encryption, and using a 1526-bit Diffie-Hellman key exchange to essentially exchange the encryption keys between the Enrollee and Registrar.

Is WPS Secure?

WPS is relatively secure, unless you are thinking of using WPS PIN mode (8-digit PIN).

The reason being that its relatively easy to brute force your way in using various tools such as Kali Linux. Successful brute force attacks should net the attacker the WPS PIN as well as the Wi-Fi Password.

The Wi-Fi Pre-Shared Key (PSK) also known as router password, can also be obtained by connecting to the Wi-Fi Network using the WPS PIN. If a successful attack occurs, the attacker can get the network password from there.

Fortunately, most modern-day wireless modems usually come with protection mechanisms, where there is a limited number of times you can input the wrong WPS-PIN before you are locked out.