The new Windows 10 is being released for free, and many people are jumping onboard. However, it appears that a certain feature of the new version of the popular OS could potentially share your WiFi password with all of your contacts. The feature – WiFi Sense – is designed to help your friends connect to the net – basically if you store a WiFi password in your computer, it will be shared with your contacts so they can connect to the internet while visiting your house. And if any of your friends have connected to and saved a WiFi password somewhere–say, the local coffee shop–you will be able to connect to that network as well. It seems nice in practice, but there could potentially be some downsides to this features.
Although Microsoft claims that these passwords will be encrypted before being shared, and will be stored on Microsoft’s centralized secure servers, we know from past experience that where there’s a will there’s a way. If a password is stored on a computer, a determined hacker could indeed find the password and manage to extract it. Although not easy, it is certainly in the realm of possibility.
Users can opt out of this feature, and you will be asked with each WiFi password if you would like to share it with your friends and contacts.
Another potential security hazard with this feature is the fact that office and business network passwords may be shared, and adept hackers could potentially gain access to the network and wreak havoc.
Krebsonsecurity.com points out that people also seem to use the same password for everything, even though it’s widely frowned upon. This means that hackers could potentially gain access to your bank and email passwords if they are the same. (We highly recommend the use of LastPass in order to ensure that you can easily use and remember different and complex passwords for all of your internet accounts.
Although there are potential pitfalls with this new Windows feature, ARS Technica seems to be less concerned about it. They ask the question of how sacred your WiFi password is anyway, and people share these freely for the most part. Users should be smart enough not to share business network passwords with friends anyway. However, we all know that people make mistakes and hackers are insidious.
If people don’t want their network to be shared via WiFi Sense, they must add “_optout” to their network ID. So if the network was named “CoffeeBar” you would have to rename it to “CoffeeBar_optout”. This prevents people connecting with WiFi Sense enabled computers and devices from sharing the password with the service.
Although there seems to be a bit of a kerfuffle over the new feature, we are sure it will become part of common use in most computers and devices. It’s easy enough to opt out or turn it off. However, people should definitely be aware of the risks involved and be aware that it could potentially be a hazard.