Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
So is it visible in keychain if you do it this way or is it hidden like a password provided by a profile would be?
 
I change my password a few times a year, and this will work awesome for me, so when my Son comes to visit from school or friends and family visit, I can just grant them access as opposed to trying to remember it and then typing it in on x amount of devices that come with them.

If my Brother visits with his family(of 4), that's at least 10 devices that I'm gonna get hit up for the WiFi password. Great solution.
 
  • Like
Reactions: s1m
Glad you're not in my 'server room fixing my tubes' if you are truly involved in corporate IT. Setting up an AP in your friends coffee shop doesn't count and neither does fixing your parents router.
A hundred times this. I have to deal with people like this all day in 'IT departments'
 
I change my password a few times a year, and this will work awesome for me, so when my Son comes to visit from school or friends and family visit, I can just grant them access as opposed to trying to remember it and then typing it in on x amount of devices that come with them.

If my Brother visits with his family(of 4), that's at least 10 devices that I'm gonna get hit up for the WiFi password. Great solution.

This is exactly the situation I see this being useful for. If I update/change the WiFi password at home I have to change passwords on three iPhones and three to four iPads - that is excluding family who visit.

In terms of security breach, generally wouldn't people need physical access to your home to access your WiFi? My signal is not that strong outside the walls of the house. So if a nefarious person has access to connect to my wifi they are in my house which is a bigger security concern than access to my WiFi...
 
  • Like
Reactions: Vin2015
This is not secure at all. For example, if the person has activated iCloud Keychain, the Wifi password may be synced to a Mac where it can simply be viewed in Keychain Access.
Yup.
I was an early commenter on the 9-5 site story and had the exact same concern. Folks that type their p/w into another partie's Apple device probably have no clue that the WiFi Keychain is accessible and readable on the Mac.

Security-wise, I think this is a very bad feature, a close second to Windows IIRC abandoned automatic crowd sourced WiFi network p/w sharing scheme.

If Apple proceeds, they need to warn the sharing party that their p/w can be exposed via the Mac WiFi Keychain route. Otherwise they do a tremendous disservice to their customer's security.

Hopefully they realize this and there is some elegant unexplained solution they have impleme
 
What about only allowing devices with same Apple ID (can be checked in the similar way) to share password? I mean, two devices surely can exchange data in close proximity. If both device do not have same ID, can’t share.
 
Security-wise, I think this is a very bad feature, a close second to Windows IIRC abandoned automatic crowd sourced WiFi network p/w sharing scheme.
I don't disagree, but there are certainly scenarios where this might be useful (i.e. to quickly share the password for a public Wifi, or even between your own devices if you don't want to use iCloud Keychain).
If Apple proceeds, they need to warn the sharing party that their p/w can be exposed via the Mac WiFi Keychain route. Otherwise they do a tremendous disservice to their customer's security.
Just to be clear, the fundamental problem is not that you can view passwords in Keychain Access on a Mac. If you share a password with someone in a form that they can actually use it, they obviously have to be able to access it in some way, and thus they can also find ways to view it and share it. As someone else wrote, at best the password can be obfuscated on the receiver's device, but that is not real security. Even if Keychain Access didn't exist, there are other ways to extract a password that is stored on your own device (e.g. from an encrypted iTunes backup). If you don't want someone to be able to view and share your password, don't share it with them in the first place, be it manually or through some fancy sync feature.
 
Last edited:
The first thing my friend said: "So as long as I have access to your phone I can get your wi.." and I said: "if you have access to my phone, you basically have access to keychain, that's why I don't give people my phone until Apple puts a guest account in iOS"
 
The first thing my friend said: "So as long as I have access to your phone I can get your wi.." and I said: "if you have access to my phone, you basically have access to keychain, that's why I don't give people my phone until Apple puts a guest account in iOS"
I triple click home and use guided access if handing someone my phone to see something.
 
So is it visible in keychain if you do it this way or is it hidden like a password provided by a profile would be?
This, to me, is the big question. Otherwise it just saves a bit of time but has minimal security impact (other than allowing you to use complex passwords without having to worry about needing to enter them.
 
I triple click home and use guided access if handing someone my phone to see something.
So, how do you give the photos app to someone who should just see a handful of pictures from one album, with guided access they have access to every album, actually .. all videos, memories, face recognition album, etc.

With a guest account, you can move from main account an album into guest, and they can view it in a limited setup. While still being able to take new pictures, browse the web, etc.. without using your cookies, or requiring you to turn off, and then turn on guided access for each app.

An iPad at home can be used by kids, why not have a guest account that's limited, so you can give the kids access to switch between games, or start them on their own, wihtout ruining your 3 year old game you worked so hard on, .. or accidentally remove all your calendar, notes, or pages documents, etc.

parental control also means, you're controlling yourself.

coming home from work, and switching to Your personal browsing habbits, your private conversations and all that, super handy, and exactly what the boss AND YOU want.. no need to leave an ipad on the ceo their desk who's contract grants them access to your work ipad data, .. only to go through your personal stuff just because it's there.

guided access does nothing in this case.
[doublepost=1496884509][/doublepost]
This, to me, is the big question. Otherwise it just saves a bit of time but has minimal security impact (other than allowing you to use complex passwords without having to worry about needing to enter them.
I haven't had 2 devices on iOS11 yet, because i rather want a 100% guarantee SOS emergency works just fine (and i dont want to find out after the fact haha)
 
How about they actually make "Forget this Network?" last permanently, like it should? :D
What do you mean ‘permanently’? People tend to use this feature when something changes/goes wrong their their Network Configuration. It works exactly like it should.
[doublepost=1496885038][/doublepost]
No thanks,the people that need my wifi password already know it. What's wrong with just write it on a piece of paper,or type it on their devices myself,as I usually do? I don't want my password spread to whoever want it.
Then don’t share it with whoever wants it :D. This is more secure than writing it on a piece of paper because that person doesn’t actually see the password.
If that person gives the paper to someone else, that’s your problem.
 
I wonder how this would work at a large conference (thousands of people). I'd quickly get annoyed if my iPhone were to offer to share the password every time someone new turned up.
 
I wonder how this would work at a large conference (thousands of people). I'd quickly get annoyed if my iPhone were to offer to share the password every time someone new turned up.
My 5s is on ios 11, do only one device at the moment to test. But I have to believe Apple has some controls around this feature. But in the end it's no different than telling someone the password.
 
My 5s is on ios 11, do only one device at the moment to test. But I have to believe Apple has some controls around this feature. But in the end it's no different than telling someone the password.
I'm also unable to test it, but the original article implies that the "joining" phone will automatically "ask" for the password without any user intervention. That's different from actually choosing to ask.

But you're probably right about Apple having some sort of conditions around it.
 
I wonder how this would work at a large conference (thousands of people). I'd quickly get annoyed if my iPhone were to offer to share the password every time someone new turned up.
It would only be an issue if you were standing by the entrance and yours was the first phone the attendees' phones see, otherwise it'd just pick some other random person's phone.

You can kill the option by turning bluetooth off I guess.
 
This reminds me of Windows 10 Wi-Fi sharing. Good addition to iOS 11..

Since this is done while holding it in close proximity, i'm gonna guess its done by Bluetooth
 
Last edited:
People apparently don't comprehend very well. If a iPhone request a password from another device, the owner of the other device must approve of sending the password.
 
People apparently don't comprehend very well. If a iPhone request a password from another device, the owner of the other device must approve of sending the password.

If you "trust" a device, why should there be approval?... If u must prompt the user to allow or not, u are also not trusting it in the first place, because of the prompt, there is concern etc.. "trust" would imply trusting 2 factor verification based website like Gmail account for 30 days.. And for 30 days u will not need to enter a verify.
 
If you "trust" a device, why should there be approval?... If u must prompt the user to allow or not, u are also not trusting it in the first place, because of the prompt, there is concern etc.. "trust" would imply trusting 2 factor verification based website like Gmail account for 30 days.. And for 30 days u will not need to enter a verify.
What? There is no trust. You're at home preparing for guests. People turn up and want to connect to your guest WiFi. Instead of telling them the password (or taking their phone and typing it in for them) you now enable bluetooth and wave your phone near theirs and wait for your phone to prompt you to send the password.
 
Even production releases can wig out your device. Not as likely, but it still can.
Difference is if a production release wigs out your device in renders it in operable and you're still under warranty Apple will swap it. If they are able to discern that you're using beta software you signed off that you get nothing therefore they be completely within their rights to tell you to kick rocks. They'll tell you to dfu it back to the latest public release
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.