Just rolled out to my home network; also known as WPA2-EAP or 802.1x EAP, it’s the last “unhackable” wireless encryption protocol. The encryption key is handled by the access point (ultimately the RADIUS server) and the client device therefore there is no key to be compromised or changed regularly. Authentication is handled by the users credentials on the RADIUS (read Active Directory) server. Want to lock out a user? No problem; just disable their AD account.
As my wireless network just sits at the same physical address for years on-end, this prevents me from being brute-force attacked by a tech-savvy neighbor.