As the name implies, WiFi Protected Setup is supposed to be a secure alternative to UPnP for connecting devices to the WiFi router.
WPS is easily hacked, allowing connections to the WiFi router. Even if turned off, however, some WiFi routers will leave the service running anyway. It bypasses other security measures configured into the router, such as WPA / AES encryption, and more. It’s tantamount to a backdoor with a weak lock.
WPS is easily hacked. Vendors added some safety features to make it harder to hack (locking out suspected hacker devices), but hackers quickly figured out ways around this too. This is yet another example of providing ease-of-use at the cost of security.
As shown in the screen above, WPS uses an 8-digit PIN as the shared identifier for the device to use to authenticate itself. It authenticates it by first checking the first 4 digits. Once the device gets those right, it checks the second 4 digits. This means hackers don’t have millions of possible numbers to try, they really only have tens of thousands.
While a number of users consider turning WPS off as a security precaution (it’s really only saving a minute or two of manual configuration time), a WiFi router may actually leave the service on even after you turn it off through the administrative console.