To the knowledge base

What is OWE (Opportunistic Wireless Encryption)?

OWE is a technology that allows wireless devices to establish encrypted connections to public Wi-Fi hotspots (for example from cafés, bars or the FRITZ!Box's guest access) even without Wi-Fi access information.

Without OWE, Wi-Fi connections to public Wi-Fi hotspots are established without encryption. This way, there is a risk that data could be read or manipulated by unauthorized persons unless the data is additionally encrypted via HTTPS or VPN.

With OWE, Wi-Fi connections to public Wi-Fi hotspots are automatically encrypted by the wireless device and access point. In this case, the devices negotiate a unique session key (PMK, Pairwise Master Key) that can only be used once. This session key is used instead of a network key to encrypt the Wi-Fi connection with WPA2 (CCMP).

Non-encrypted Wi-Fi connections and Wi-Fi connections encrypted with OWE can be established to the FRITZ!Box's public Wi-Fi hotspot at the same time. This means that wireless devices that do not support OWE can still establish non-encrypted connections to the Wi-Fi hotspot without using Wi-Fi access information.

Requirements for OWE

The wireless access point and wireless device must support OWE. OWE is sometimes referred to as "Wi-Fi Certified Enhanced Open" and is supported by:

  • Mobile devices with Android 10 or later.
  • Mobile devices with Android Apple iOS 16, iPadOS 16.1, or macOS 13 or later.
  • Computers with Windows 10 Version 2004 or later and a wireless adapter that supports OWE (for example INTEL AX200)

When setting up a public Wi-Fi hotspot, OWE is enabled in the FRITZ!Box by default. If you disabled OWE, you can re-enable it by selecting the option "Allow encrypted data transfer in a public hotspot (OWE)" under "Wi-Fi > Guest Access > Additional Settings".

The FRITZ!Box marks OWE connections in the Mesh Overview with a lock icon .