The security of WPA2 PSK-protected networks depends mainly on the complexity of the chosen PSK itself. Most attacks with the goal of getting unauthorized access to a WPA2 PSK WIFI network somehow do Offline Wordlist or Brute-Force attacks to retrieve the key either from a Handshake or PMKID. We at r-tec recommend companies to not use WPA2 PSK - even when a strong/complex PSK is chosen. On the one hand side, a complex PSK can easily be phished over Evil-Twin attacks.
WIFI Credential Dumping - Techniques to retrieve the PSK from a workstation post-compromise
This blog post was written and published on my employer’s website, where it can be found here: