BSides Buffalo 2026: Still Cracking: WPA2 Prevalence and Password Weakness in 2026

In 2021, a CyberArk researcher collected 5,000 network hashes across Tel Aviv using $50 in equipment and cracked over 70% of them via the clientless PMKID attack technique. Five years later, this talk revisits that methodology — this time closer to home. This session presents the results of a real-world WPA2 survey conducted locally in 2026, measuring how prevalent WPA2 remains, how password hygiene has (or hasn’t) improved, and how accessible this attack vector continues to be for any motivated adversary. No live cracking — just honest data, a reproducible methodology, and a candid look at whether the security community has meaningfully moved the needle on wireless security. Attendees will walk away with a clear understanding of the PMKID attack surface, what current data says about password practices in the wild, and actionable guidance for individuals and organizations looking to actually secure their wireless environments.

Join Today
BSides Buffalo 2026: Mapping Internal Networks - The Art of Finding Things
▶︎

BSides Buffalo 2026: Mapping Internal Networks - The Art of Finding Things

BSides Buffalo 2025: Sudo Confidence - Learning Cybersecurity the Hard Way & How AI Makes It Easier
▶︎

BSides Buffalo 2025: Sudo Confidence - Learning Cybersecurity the Hard Way & How AI Makes It Easier

BSides Buffalo 2026: But… Macs Don’t Get Viruses, Right? How to Start Learning macOS / iOS Security
▶︎

BSides Buffalo 2026: But… Macs Don’t Get Viruses, Right? How to Start Learning macOS / iOS Security

BSides Buffalo 2026: Secrets That Survive Everything: Finding Runtime Credentials in Web Apps
▶︎

BSides Buffalo 2026: Secrets That Survive Everything: Finding Runtime Credentials in Web Apps

Android 17 sucks. So I put Linux on a phone.
▶︎

Android 17 sucks. So I put Linux on a phone.

Passkeys Explained: Are They Actually Better Than Passwords?
▶︎

Passkeys Explained: Are They Actually Better Than Passwords?

Why Aliens Would NEVER Invade Africa
▶︎

Why Aliens Would NEVER Invade Africa

MIT Just Revealed the AI Bubble's Fatal Flaw
▶︎

MIT Just Revealed the AI Bubble's Fatal Flaw

I Hacked This Temu Router. What I Found Should Be Illegal.
▶︎

I Hacked This Temu Router. What I Found Should Be Illegal.

God Says:"TAKE THIS MESSAGE SERIOUSLY, BECAUSE ONLY YOU ARE SEEING IT"/God Message Now/God Message
▶︎

God Says:"TAKE THIS MESSAGE SERIOUSLY, BECAUSE ONLY YOU ARE SEEING IT"/God Message Now/God Message

How To Think SO CLEARLY People Assume You're A Genius
▶︎

How To Think SO CLEARLY People Assume You're A Genius

Do VPNs Really Protect Privacy? Data & Cybersecurity Insights
▶︎

Do VPNs Really Protect Privacy? Data & Cybersecurity Insights

Professor Jiang: World War 3 Is About To Begin, Let Me Explain!
▶︎

Professor Jiang: World War 3 Is About To Begin, Let Me Explain!

She Asks if I Know Coldplay and This Singer Shocks The Street
▶︎

She Asks if I Know Coldplay and This Singer Shocks The Street

This Johnny Depp Impression of Donald Trump Had Everyone Laughing
▶︎

This Johnny Depp Impression of Donald Trump Had Everyone Laughing

Young Men in Expensive Cars
▶︎

Young Men in Expensive Cars

TV ART SLIDESHOW 24/7 | Vintage Floral Gallery 🌼4K Framed Art Screensaver for Living Room
▶︎

TV ART SLIDESHOW 24/7 | Vintage Floral Gallery 🌼4K Framed Art Screensaver for Living Room

How US Air Force B 52 Pilot Performed an Emergency Takeoff at Full Speed
▶︎

How US Air Force B 52 Pilot Performed an Emergency Takeoff at Full Speed

People Who Messed With The Royal Guard and Regretted It!
▶︎

People Who Messed With The Royal Guard and Regretted It!

LAWYER: If Cops Say "I Smell Alcohol" - Say THESE WORDS
▶︎

LAWYER: If Cops Say "I Smell Alcohol" - Say THESE WORDS