Wireless Protected Setup (WPS) was introduced in 2006 to help users without wireless knowledge to have secure networks. The idea was that their Wi-Fi device would have a single hidden hardcoded value that would allow access with key memorization. New devices would be authenticated through a button press on the Wi-Fi router. Individuals outside the house without access to the device would not be able to have access, thus reducing the issues surrounding remembering WPA keys or setting short ones.

In late 2011, a security vulnerability was disclosed enabling brute force attacks on the WPS authentication system. The traffic required to negotiate a WPS exchange was spoofable, and the WPS pin itself is only eight characters between 0-9. To start with, this provides only 100,000,000 possibilities in comparison with an eight character azAZ09 password having 218,340,105,584,896 combinations.

However, there are further vulnerabilities: