How to Crack WPA PSK and WPA2 PSK 19 HOW TO CraCK Wpa psK anD Wpa2 psK Since WPA and WPA2 share the same key generation mechanism, the same attack on password selection works on both. When coWPAtty was first altered to add support for WPA2, it was only a few lines of code in the parser that needed to be changed; the rest of the code was fine as it was. The ability to crack a WPA key is based on two things: the quality and size of the dictionary used and the amount of time an attacker is willing to invest. If the passphrase used is not in the dictionary supplied to coWPAtty, there is no chance of recovering the key. However, if you use a huge dictionary or try to do an exhaustive search, you'll be sitting there somewhere on this side of forever waiting. Depending on your intentions, on a professional audit it may be easier and more feasible to simply ask for the passphrase and ensure it would not be in a dictionary likely to be used by an attacker. In the situation of a penetration test or an actual attack, manually testing the hashes is the next option. Your best expectation is to audit a network and make sure that the password is not (or is, depending on your intentions) in any reasonable-size dictionary available to an attacker.