Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iOS 11 Makes it Easy to Share Your Wi-Fi Password With Nearby Friends
- Thread starter MacRumors
- Start date
- Sort by reaction score
And the relevance of that shouted comment to this thread is ?
I change my password a few times a year, and this will work awesome for me, so when my Son comes to visit from school or friends and family visit, I can just grant them access as opposed to trying to remember it and then typing it in on x amount of devices that come with them.
If my Brother visits with his family(of 4), that's at least 10 devices that I'm gonna get hit up for the WiFi password. Great solution.
If my Brother visits with his family(of 4), that's at least 10 devices that I'm gonna get hit up for the WiFi password. Great solution.
A hundred times this. I have to deal with people like this all day in 'IT departments'
This is exactly the situation I see this being useful for. If I update/change the WiFi password at home I have to change passwords on three iPhones and three to four iPads - that is excluding family who visit.
In terms of security breach, generally wouldn't people need physical access to your home to access your WiFi? My signal is not that strong outside the walls of the house. So if a nefarious person has access to connect to my wifi they are in my house which is a bigger security concern than access to my WiFi...
I was an early commenter on the 9-5 site story and had the exact same concern. Folks that type their p/w into another partie's Apple device probably have no clue that the WiFi Keychain is accessible and readable on the Mac.
Security-wise, I think this is a very bad feature, a close second to Windows IIRC abandoned automatic crowd sourced WiFi network p/w sharing scheme.
If Apple proceeds, they need to warn the sharing party that their p/w can be exposed via the Mac WiFi Keychain route. Otherwise they do a tremendous disservice to their customer's security.
Hopefully they realize this and there is some elegant unexplained solution they have impleme
I don't disagree, but there are certainly scenarios where this might be useful (i.e. to quickly share the password for a public Wifi, or even between your own devices if you don't want to use iCloud Keychain).
Just to be clear, the fundamental problem is not that you can view passwords in Keychain Access on a Mac. If you share a password with someone in a form that they can actually use it, they obviously have to be able to access it in some way, and thus they can also find ways to view it and share it. As someone else wrote, at best the password can be obfuscated on the receiver's device, but that is not real security. Even if Keychain Access didn't exist, there are other ways to extract a password that is stored on your own device (e.g. from an encrypted iTunes backup). If you don't want someone to be able to view and share your password, don't share it with them in the first place, be it manually or through some fancy sync feature.
Last edited:
The first thing my friend said: "So as long as I have access to your phone I can get your wi.." and I said: "if you have access to my phone, you basically have access to keychain, that's why I don't give people my phone until Apple puts a guest account in iOS"
I triple click home and use guided access if handing someone my phone to see something.
This, to me, is the big question. Otherwise it just saves a bit of time but has minimal security impact (other than allowing you to use complex passwords without having to worry about needing to enter them.
So, how do you give the photos app to someone who should just see a handful of pictures from one album, with guided access they have access to every album, actually .. all videos, memories, face recognition album, etc.
With a guest account, you can move from main account an album into guest, and they can view it in a limited setup. While still being able to take new pictures, browse the web, etc.. without using your cookies, or requiring you to turn off, and then turn on guided access for each app.
An iPad at home can be used by kids, why not have a guest account that's limited, so you can give the kids access to switch between games, or start them on their own, wihtout ruining your 3 year old game you worked so hard on, .. or accidentally remove all your calendar, notes, or pages documents, etc.
parental control also means, you're controlling yourself.
coming home from work, and switching to Your personal browsing habbits, your private conversations and all that, super handy, and exactly what the boss AND YOU want.. no need to leave an ipad on the ceo their desk who's contract grants them access to your work ipad data, .. only to go through your personal stuff just because it's there.
guided access does nothing in this case.
[doublepost=1496884509][/doublepost]
I haven't had 2 devices on iOS11 yet, because i rather want a 100% guarantee SOS emergency works just fine (and i dont want to find out after the fact haha)
What do you mean ‘permanently’? People tend to use this feature when something changes/goes wrong their their Network Configuration. It works exactly like it should.How about they actually make "Forget this Network?" last permanently, like it should?
[doublepost=1496885038][/doublepost]
Then don’t share it with whoever wants it
. This is more secure than writing it on a piece of paper because that person doesn’t actually see the password. If that person gives the paper to someone else, that’s your problem.
I wonder how this would work at a large conference (thousands of people). I'd quickly get annoyed if my iPhone were to offer to share the password every time someone new turned up.
My 5s is on ios 11, do only one device at the moment to test. But I have to believe Apple has some controls around this feature. But in the end it's no different than telling someone the password.
I'm also unable to test it, but the original article implies that the "joining" phone will automatically "ask" for the password without any user intervention. That's different from actually choosing to ask.
But you're probably right about Apple having some sort of conditions around it.
It would only be an issue if you were standing by the entrance and yours was the first phone the attendees' phones see, otherwise it'd just pick some other random person's phone.
You can kill the option by turning bluetooth off I guess.
If you "trust" a device, why should there be approval?... If u must prompt the user to allow or not, u are also not trusting it in the first place, because of the prompt, there is concern etc.. "trust" would imply trusting 2 factor verification based website like Gmail account for 30 days.. And for 30 days u will not need to enter a verify.
What? There is no trust. You're at home preparing for guests. People turn up and want to connect to your guest WiFi. Instead of telling them the password (or taking their phone and typing it in for them) you now enable bluetooth and wave your phone near theirs and wait for your phone to prompt you to send the password.
Difference is if a production release wigs out your device in renders it in operable and you're still under warranty Apple will swap it. If they are able to discern that you're using beta software you signed off that you get nothing therefore they be completely within their rights to tell you to kick rocks. They'll tell you to dfu it back to the latest public release
Thats why I wait 2 days on every release, especially when it comes to my AW2.