WPA2-Personal is vulnerable to a standard dictionary attack using a captured successful “4-way handshake”. Recently, it was demonstrated that a similar dictionary-style attack can be carried out with a captured Pairwise Master Key Identifier (PMKID) instead of a successful 4-way handshake (see: https://hashcat.net/forum/thread-7717.html). Public visibility of a PMKID is by design and is not considered a security risk or flaw in the protocol. The availability of the PMKID does not significantly affect the effort needed to perform the dictionary attack.
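Why the PMKID changes so little can be seen from the key derivation itself. The following is an added example, not taken from the original page or the linked thread: it follows the IEEE 802.11i definitions of the PMK and PMKID and counts the HMAC-SHA1 calls needed to check one candidate passphrase against either artifact. The SSID, passphrase and MAC addresses are constructed sample values, and the handshake count assumes WPA2 with CCMP.

```python
import hashlib
import hmac

PBKDF2_ITERATIONS = 4096   # fixed by IEEE 802.11i for WPA2-Personal
PMK_LEN = 32               # 256-bit Pairwise Master Key
SHA1_LEN = 20              # HMAC-SHA1 output size in bytes


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               PBKDF2_ITERATIONS, PMK_LEN)


def derive_pmkid(pmk: bytes, ap_mac: bytes, sta_mac: bytes) -> bytes:
    """PMKID = first 128 bits of HMAC-SHA1(PMK, "PMK Name" || AP MAC || client MAC)."""
    msg = b"PMK Name" + ap_mac + sta_mac
    return hmac.new(pmk, msg, hashlib.sha1).digest()[:16]


def hmac_calls_per_candidate() -> dict:
    """HMAC-SHA1 calls needed to check ONE passphrase against each artifact."""
    blocks = -(-PMK_LEN // SHA1_LEN)       # ceil(32 / 20) = 2 PBKDF2 blocks
    pbkdf2 = blocks * PBKDF2_ITERATIONS    # 8192 calls, common to both paths
    return {
        "pbkdf2": pbkdf2,
        "pmkid": pbkdf2 + 1,      # plus one HMAC over the label and two MACs
        "handshake": pbkdf2 + 2,  # plus one PRF block for the KCK and one MIC
    }


if __name__ == "__main__":
    # Constructed sample values (locally administered MAC addresses).
    ap_mac = bytes.fromhex("020000000001")
    sta_mac = bytes.fromhex("020000000002")
    pmk = derive_pmk("correct horse battery staple", "ExampleNet")
    print("PMKID:", derive_pmkid(pmk, ap_mac, sta_mac).hex())

    cost = hmac_calls_per_candidate()
    for name in ("pmkid", "handshake"):
        share = cost["pbkdf2"] / cost[name]
        print(f"{name}: {cost[name]} HMAC calls, {share:.2%} spent in PBKDF2")
```

In both cases more than 99.9% of the per-candidate work is the PBKDF2 step, which depends only on the passphrase and the SSID.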