What is OWE (Opportunistic Wireless Encryption)?
OWE is a technology that allows wireless devices to establish encrypted connections to public Wi-Fi hotspots (for example from cafés, bars or the FRITZ!Box's guest access) even without Wi-Fi access information.
Without OWE, Wi-Fi connections to public Wi-Fi hotspots are established without encryption. This way, there is a risk that data could be read or manipulated by unauthorized persons unless the data is additionally encrypted via HTTPS or VPN.
With OWE, Wi-Fi connections to public Wi-Fi hotspots are automatically encrypted by the wireless device and access point. In this case, the devices negotiate a unique session key (PMK, Pairwise Master Key) that can only be used once. This session key is used instead of a network key to encrypt the Wi-Fi connection with WPA2 (CCMP).
Non-encrypted Wi-Fi connections and Wi-Fi connections encrypted with OWE can be established to the FRITZ!Box's public Wi-Fi hotspot at the same time. This means that wireless devices that do not support OWE can still establish non-encrypted connections to the Wi-Fi hotspot without using Wi-Fi access information.
The wireless access point and wireless device must support OWE. OWE is sometimes referred to as "Wi-Fi Certified Enhanced Open" and is supported by:
- Mobile devices with Android 10 or later (for example Google Pixel 2 and later, Samsung Galaxy S10). Mobile devices with Apple iOS do not support OWE
- Computers with Windows 10 Version 2004 or later and a wireless adapter that supports OWE (for example INTEL AX200)
When setting up a public Wi-Fi hotspot, OWE is enabled in the FRITZ!Box by default. If you disabled OWE, you can re-enable it by selecting the option "Allow encrypted data transfer in a public hotspot (OWE)" under "Wi-Fi > Guest Access > Additional Settings".
The FRITZ!Box marks OWE connections in the Mesh overview with a lock icon .
AVM Section Navigation