WPA3 SAE vs WPA2-PSK — Recovery Comparison
TL;DR — WPA3-Personal replaced PSK (Pre-Shared Key) with SAE (Simultaneous Authentication of Equals, sometimes called Dragonfly). The critical difference: captured WPA2 handshakes leak material that enables offline password attacks. Captured WPA3 handshakes do not. This makes WPA3 networks fundamentally resistant to the recovery techniques that work against WPA2.
How WPA2-PSK leaks information
WPA2-Personal uses a Pre-Shared Key derived from the password and the SSID via PBKDF2; this key serves as the Pairwise Master Key (PMK). During the 4-way handshake, both parties prove knowledge of the PMK by exchanging messages that include encrypted material. An eavesdropper who captures the handshake can verify candidate passwords offline by computing PMK = PBKDF2(password, SSID), running the handshake math, and checking whether the outputs match the captured values.
This is what makes WPA2 vulnerable to offline dictionary and brute-force attacks once a handshake is captured. The cryptography is sound; the protocol design accidentally enables offline verification.
How WPA3 SAE prevents this
SAE is a Password-Authenticated Key Exchange (PAKE) protocol. Both parties derive a shared secret from the password using elliptic curve operations that don't leak password material to passive observers.
Critically: a captured SAE handshake does not contain enough information to verify candidate passwords offline. Each verification attempt requires an active interaction with the AP — and the AP can rate-limit or refuse repeated attempts.
This shifts the attack from offline (unlimited compute, no rate limit) to online (network round-trip per attempt, AP can block). Online attacks against WPA3 are limited by network speed and AP cooperation, making brute force practically infeasible.
What recovery looks like for WPA3
If you forget your own WPA3 network password, captured-handshake recovery doesn't apply. Your options are: (1) reset the router to factory defaults and reconfigure it (the default password is printed on the router label); (2) access the router admin interface from a wired connection or a still-connected device; (3) check the saved networks stored on your devices (Windows Wi-Fi profiles, macOS Keychain, iOS settings).
Recovery services that work against WPA2 typically can't help with pure WPA3 networks. The protocol design eliminates the technique.
Mixed WPA2/WPA3 networks
Most consumer routers in 2026 still run WPA2/WPA3 transition mode (advertising both PSK and SAE). Clients that support WPA3 use SAE; older clients fall back to WPA2-PSK. The same password is shared across both modes.
If a transition-mode network has any WPA2 client capable of producing a handshake, the WPA2 path can be attacked offline using the same password. So mixed networks aren't fully WPA3-protected — they're as weak as the weakest enabled mode.
WPA3 attack surface in 2026
Academic research has identified some implementation weaknesses in early WPA3 (Dragonblood attacks, side-channel leaks in early SAE implementations). Modern firmware fixes these. The protocol itself remains sound for password recovery resistance.
For owners: if you want recovery resistance for your own network, run WPA3-only mode if all your devices support it. Disable WPA2 fallback. This makes captured-handshake recovery infeasible.
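To check whether your own access point is really WPA3-only or still in transition mode, as discussed in the two sections above, you can inspect the RSN element it advertises in its beacons. The following is an added example, not code from this page: the function name `classify_rsn` and the sample byte strings are constructed for illustration, and it assumes you have already extracted the raw RSN element (ID 48) from a beacon of your own network.

```python
import struct

OUI = bytes.fromhex("000fac")  # IEEE 802.11 suite-selector OUI
PSK_AKMS = {2: "PSK", 4: "FT-PSK", 6: "PSK-SHA256"}
SAE_AKMS = {8: "SAE", 9: "FT-SAE", 24: "SAE-EXT-KEY", 25: "FT-SAE-EXT-KEY"}

def classify_rsn(ie: bytes) -> dict:
    """Parse an RSN element (ID 48) and report which password modes it enables."""
    if len(ie) < 2 or ie[0] != 0x30 or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body, pos = ie[2:], 0

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated RSN element")
        pos += n
        return body[pos - n:pos]

    def u16() -> int:
        return struct.unpack("<H", take(2))[0]

    if u16() != 1:
        raise ValueError("unsupported RSN version")
    take(4)                # group cipher suite
    take(4 * u16())        # pairwise cipher suite list
    akms = [take(4) for _ in range(u16())]
    caps = u16()           # RSN capabilities field
    psk = [PSK_AKMS[s[3]] for s in akms if s[:3] == OUI and s[3] in PSK_AKMS]
    sae = [SAE_AKMS[s[3]] for s in akms if s[:3] == OUI and s[3] in SAE_AKMS]
    if sae and psk:
        mode = "transition"    # offline-verifiable PSK path is still enabled
    elif sae:
        mode = "wpa3-only"
    elif psk:
        mode = "wpa2-only"
    else:
        mode = "other"         # e.g. 802.1X enterprise AKMs
    # Bit 6 = MFPR (management frame protection required), bit 7 = MFPC (capable).
    mfp = "required" if caps & 0x40 else "capable" if caps & 0x80 else "disabled"
    return {"mode": mode, "psk_akms": psk, "sae_akms": sae, "mfp": mfp}

# Constructed sample elements (not captured from any real network).
SAMPLES = {
    "transition": bytes.fromhex("30180100000fac040100000fac040200000fac02000fac088000"),
    "wpa3-only": bytes.fromhex("30140100000fac040100000fac040100000fac08c000"),
    "wpa2-only": bytes.fromhex("30140100000fac040100000fac040100000fac020000"),
}
if __name__ == "__main__":
    print({k: classify_rsn(v)["mode"] for k, v in SAMPLES.items()})
```

A result of `transition` means a PSK AKM is still advertised next to SAE, so the network is only as strong as its WPA2 path. A WPA3-only configuration should report `wpa3-only` with `mfp` set to `required`.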
Frequently Asked Questions
Can hashcat crack WPA3?
Is my home network WPA2 or WPA3?
If I forgot my WPA3 password, can I still get back in?
Is WPA3 safe against quantum computers?
Why don't all networks use WPA3?