Wi-Fi Password Sharing Potential Risks
First introduced in Windows 8.1 phones, Wi-Fi Sense is now integrated into the Windows 10 desktop. This controversial feature allows you to share Wi-Fi access with your Outlook.com, Skype or Facebook friends, so they can automatically connect to selected networks. Likewise, you can automatically connect to networks shared by your friends as soon as you come into range of them.
Microsoft touts Wi-Fi Sense as a security feature, as you no longer need to manually hand over your password to house guests for them to access your network. Even once connected, users who connect via this shared system won’t have your password, because it’s instead encrypted on Microsoft servers. They have access to the Internet but not to any network resources. And to Microsoft’s credit, Windows 10 prevents users who connect to your network through Wi-Fi Sense from sharing the network with other friends, unless you also give them the password.
Although all that sounds good so far, this feature has several potential problems:
- You do hand over your password to Microsoft, and even if you trust Microsoft, the more people that know your password, the less secure your network. If a rogue employee or hacker gets access to your password, then there’s potential for a vast network of people to have automatic access to your wireless network.
- The system requires a great deal of trust that the Wi-Fi Sense security measures are unbeatable, which is a big leap of faith. For example, even if your network password is hidden from friends, their computer must still know the security key to have access; with that information, it’s at least theoretically possible to hack the system to acquire the password. Sure, you trust your closest friends, but do you trust all your online friends? Remember, you can’t selectively share access on a friend basis, only on a source basis. For instance, you share with all your Facebook friends or none at all. Additionally, someone with shared access could theoretically override the Internet-only access to infiltrate your own networked computers.
- If you give or previously gave friends your network password, you are at their mercy. If they share your network access, then it’s open to their entire network of friends. Disabling sharing on your end won’t prevent this, however, so Microsoft implemented a rudimentary fix: Add “_optout” to your wireless network’s SSID, and supposedly, it cannot be shared via Wi-Fi Sense. As an example, your “MyNetwork” name would then become “MyNetwork_optout” to prevent sharing.
- You might not want to automatically connect to any hotspot your friends are sharing. Imagine someone setting up a network honeypot to which your friend connects. Unbeknownst to you, you connect to that network without knowing it’s an untrusted source. You access online banking and the honeypot provider performs a man-in-the-middle attack to spoof your banking website and acquire your login credentials. It all goes downhill from there.
- Hackers might friend you on social networks simply to get access to your network to perform nefarious deeds for which you become liable.
If any of that sounds scary, disable Wi-Fi Sense sharing in Windows 10 and consider disabling automatic connections to open hotspots or shared networks.
Disabling Wi-Fi Sense Sharing
1. Click the Start button and select Settings.
2. Click Network & Internet from the Settings window.
3. Click the Wi-Fi tab and select Manage Wi-Fi Settings under the list of networks.
4. Move both Connect to… sliders to the Off position to disable sharing entirely. This also prevents you from connecting to open hotspots and shared networks.
Alternatively, if you want access to open or shared networks, move the appropriate slider to the On position. If Connect to Networks Shared by My Contacts is enabled, the option to share your own networks appears. Uncheck any source of friends with whom you do not want to share your networks: