Home > Products > Network passwords > Wireless Password Recovery > Screenshots > Recovering WPA hashes > Brute-force recovery
Recovering WPA hashes using brute-force recovery
24.06.2019
Reset Windows Password v9.3
Support for Windows 10 1903, Trusted Boot Auto-Logon, Microsoft Edge Dev ...
11.06.2019
New article
DPAPI security flaw in Windows 10
10.06.2019
Windows Password Recovery 11.7
Support for Windows 10 1903, Trusted Boot Auto-Logon, etc.
24.05.2019
Wireless Password Recovery v6.0.1
New GPU engine and automated multi-mode for recovery

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Wireless Password Recovery - brute-force recovery


To put it in simple words, brute-force recovery guesses a password by trying all probable variants by given character set. Eg. checking all combination in lower Latin character set, that is 'abcdefghijklmnopqrstuvwxyz'. Brute-force recovery is very slow. For example, once you set lower Latin charset for your brute-force attack, you'll have to look through 208 827 064 576 variants for 8 symbol password. It is rarely used for now because WPA password recovery speed is extremely low compared to other algorithms.

Brute-force recovery

The brute-force attack options consist of two tabs.

The first tab is for setting the range of characters to be searched. You can use the predefined sets or create your own ones. To define your own character set, activate 'Custom charset'. This will enable two fields for defining a custom character set: the first one - for entering ASCII characters, the second one - for entering non-printable characters. The program comes with several custom-defined character sets.

On the second tab, set the minimum and maximum length of the passwords to be searched. Set a starting password is allowed as well.

Don't forget about 8-character limit in WPA-PSK password specification!