WiFi Protected Access (WPA) improves over the much weaker Wired Equivalent Privacy (WEP). Of the two versions, WPA2 is much stronger.
WPA improves on WEP in many respects. Instead of using the same pre-shared key throughout a session, WPA uses a rotating temporal key - implemented through Temporal Key Integrity Protocol (TKIP). Also, WPA's Message Integrity Check (MIC), provides stronger data validation than WEP's CRC-32 integrity check. However, for backward compatiblity with legacy hardware, WPA (version 1) maintains the use of the cryptographically weak RC4 stream cipher.
WPA2 strengthens all cryptographic standards in relation to WPA. Most notably, WPA2 allows for the implementation of block ciphers such as AES. WPA2 improves over WPA's TKIP by employing the stronger Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). CCMP addresses some known vulnerabilities with TKIP, and it is considered practically secure when used with sufficiently lengthy keys. The overhead of WPA2's block ciphers as compared to RC4 requires implementation in hardware. Most recent WiFi equipment supports WPA2, however, so WPA2 should be preferred to WAP or WEP, reserving the earlier standards for legacy equipment, and then only when security requirements are not critical.
With respect to authentication, both WPA and WPA2 support 802.1X and related protocols. WPA2 implements the full IEEE 802.11i security standard. WPA implements a subset of this standard.
References:
http://documentation.netgear.com/reference/fra/wireless/WirelessNetworkingBasics-3-14.html