The WPS protocol relies on an eight-digit personal identification number (PIN) to enable user authentication on the network. The protocol further relies on a session of eight Extensible Authentication Protocol (EAP) messages that are followed by a final message that identifies the success of the session. WPS automatically configures the network name (SSID) and WPA security key for the WPS-enabled access point and client. The advantage is that a user does not need to know the SSID, passcode or security key. Routers with WPS enabled will have an eight-digit PIN usually printed on their case, with portable mobile Wi-Fi devices such as 3G or 4G Wi-Fi routers this is often the last eight digits of the IMEI number. Devices such as printers or some game consoles will have their own 8-digit PIN which they present for entry into the Wi-Fi admin console. The technical architecture of WPS is defined by three device types able to access the network. These are: A registrar – the device that has the authority to issue or revoke credentials on the network. (Wi-Fi Alliance 2006) Although the registrar may be separate from the access point (e.g. the router), it is usually located inside the router. The subscriber – the device that searches to join the wireless network. Access point (AP): the device that can function as a proxy between the registrant and the registrar. There are broadly four methods that enable network access via Wi-Fi Protected Setup (WPS): Push Button Configuration (PBC): With this method, there is either a virtual/software or physical button through which a user can connect multiple devices by pressing the button...... middle of paper ...... A WPS attack is in progress. An example of this is a product known as Kismet-SVN which detects and alerts when an excessive number of WPS requests are made. A screenshot of Kismet is shown in Appendix A, Image 3.5) Purchase/Use a router that does not have WPS or can be successfully patched. As the saying goes, “Prevention is the best medicine.” Although many enterprise-level routers do not include WPS, these can be expensive and difficult for users with limited technical capabilities to configure. Therefore, the recommendations for those who want to ensure maximum security are to purchase a SOHO router without WPS. For those who already have a router in place, they should check via the openly available list that is regularly updated titled “Devices Vulnerable to WPS Flaws” (Jagermo, 2012) to ensure that the router they have can be patched to mitigate vulnerabilities..