Generate a WPA PSK (pre-shared key)

Security in pre-shared key mode

Pre-shared key mode (PSK, also known as personal mode) is designed for home and small office networks that cannot afford the cost and complexity of an 802.1X authentication server. Each user must enter a passphrase to access the network. The passphrase may be from 8 to 63 ASCII characters or 64 hexadecimal digits (256 bits). If you choose to use the ASCII characters, a hash function reduces it from 504 bits (63 characters * 8 bits/character) to 256 bits (using also the SSID). The passphrase may be stored on the user's computer at their discretion under most operating systems to avoid re-entry. The passphrase must remain stored in the Wi-Fi access point.

Security is strengthened by employing a PBKDF2 key derivation function. However, the weak passphrases users typically employ are vulnerable to password cracking attack. The threat of password cracking can be mitigated by using a passphrase of at least 5 Diceware words or 14 completely random letters with WPA and WPA2.

Maximum WPA-PSK protection (256 bit) requires a key consisting of 54 random letters or 39 random ascii characters.

Source: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

Source

This tool was made possible by the Linux WPA Supplicant Project: http://hostap.epitest.fi/wpa_supplicant/. The wpa_passphrase command line tool is available here.

Another good reference of passphrase->key source code is coWPAtty (WPA-PSK cracker): http://sourceforge.net/projects/cowpatty

Related