Need that breakdown here somewhere - Wireless - GL.iNet Router Docs 4
What is best?
This right? Default was not WPA3-SAE
WPA2 and WPA3 are both fine.
WPA3 is currently the newest and most secure protocol.
If your device supports it, use it.
YES.
GL firmware supports WPA3-SAE which you can configure. But in mind of the best compatibility and relative security, default is WPA2-PSK, since some (few) of IoT devices or old WiFi clients supported only up to WPA2.
How do I know if the device doesn't support it?
It won't connect to the wifi? That it?
Yup, exactly.
Both are fine, also there isn't really a winner between wpa3 and wpa2 imo.
Wpa2 may suffer from krack, and kr00k, but wpa3 can suffer from dragonblood.
I won't worry to much about these vulns, openwrt is well aware of them and megitate most of these issues.
One of them is limiting the amount of eapol frames.
The other one is having hostapd on pecking or not pecking anyway it uses the correct setting so it is not vulnerable.
The only issue are evil twins which is probably is also soon not a issue hostapd is adding options for ssid_protection 