In pre-shared key mode, a passphrase should be at least ________ characters long?

In pre-shared key mode, the security of the wireless link hinges on the entropy of the passphrase used to derive the PSK. The passphrase is processed by a key-derivation function to produce the 256-bit PSK that protects the handshake. An attacker who captures a handshake can perform offline guesses against that PSK, so longer, high-entropy passphrases dramatically increase the effort required to crack it. Eight-character passphrases are easy to brute-force or guess from wordlists, while a longer passphrase dramatically expands the search space. Twenty characters strikes a practical balance, providing substantially more security than an 8-character passphrase without requiring an excessively long input. Therefore, twenty characters is the recommended minimum.