The WPA Key is basically the passphrase or password used to connect to an encrypted wireless network employing a WiFi protected access (WPA or WPA2) protocol. On the other hand, WiFi protected access is a certification software specifically developed by the WiFi Alliance to indicate the compliance of WiFi service providers to the organization's high standards for wireless computer network security. The two WPA protocol types were devised as an answer to a number of critical vulnerabilities that security researchers had previously found in the earlier and outdated wired equivalent privacy (WEP) system.
In short, WPA and WPA2 are simply new and improved versions of the buggy and frequently abused WEP policy. As for the key itself, its features and attributes are resolved by the system utilizing it; i.e., some systems are designed to require keys in one format, while other systems necessitate another format. Moreover, the term also refers to WPA WiFi encryption password protection wherein all the clients and both the wireless access points (AP) share the same designated key.
Depending on the given requirements, you may need to create a password like "hart69i" for services requiring six alphanumeric characters in lower case, a nonsensical word-salad passhphrase like "Ham green sleep is wood," or a hexadecimal string like "1EEE 2286 655E 4E56". These necessities are implemented by all systems engaged in the cryptographic procedures utilized to secure the traffic between two parties. As in all instances of cryptographic systems depending on one or several keys to maintain privacy and confidentiality, the key or keys deployed should be sufficiently hard to crack open or attack.
One specific cyber assault that's commonly used against WPA Keys is the brute force key space search attack. Fortunately, a sufficiently long and randomly chosen WPA Key is enough to survive against any realistic brute force attack even when considering the amount of computing power that the average attacker has. In turn, a state-funded hacker with unlimited sources could still get through such long strings of passwords or passphrases, but more often not, implementing sufficient WPA Key password strength is less strenuous on the resources of a company than increasing the computing power of a brute force attack on the hacker's part.
Inevitably, pre-shared keys come with the "double jeopardy" risk of being compromised on one end without the knowledge of the other party simply because it's needed by both parties in order to secure the communication. Luckily, there are a number of programs available to help users make the right decisions when it comes to choosing passwords (although doing so over a WiFi network connection is innately hazardous as a person cannot know who, if anyone, may be spying on him and another party during an exchange).