No it's not, if this is the chink in your IT departments armor they are setting up enterprise WiFi wrong. They should be using something more advanced like certificates rather than passwords.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iOS 16 Finally Lets You See Your WiFi Network Password
- Thread starter MacRumors
- Start date
- Sort by reaction score
But she didn't already know what the password was? That's the ludicrous part of this feature.
I might very well give someone access to my wifi, but that certainly doesn't mean I want them to know what the password is. It was broken enough when device A could share the password to device B without displaying what the password was.
No they are not legit. There are better ways to secure network than a shared password at the IT leave. Like enterprise grade with login and password.
The wifi showing password just makes it easier to show oj the phone. Anyone with a computer can easy see a wifi password by pulling it from the keychain or a spot on windows which I know is super easy it has just been 7 years for me on windows to pull it.
It is stored in plain text and not really encrypted beyond basic keychain encryption.
Sounds like your wifi setup has other issues. There are enterprise grade stuff that using account name and password for wifi.
If you are using a network key then yeah not the most secure thing and super key to get if a computer is on the network. Just knowing the right places to poke around and boom got it in plain text. Plus once one person gets it we’ll you have to change it all instead of just killing the single compromise account.
This needs to be a world wide change and certainly in all OS. The idea of hiding your password from your self was reasonable in a crowded computer lab but the number of places that hide your password from while requiring increasing password complexity is absurd. It should always let you see it if you want. A long over due change
I have no idea how the old sharing worked. It worked one time for me with no explanation, then never again.
Isn't there a more robust way to limit which devices can use it? Not MAC address whitelisting, but 802.1X.
Relying on the WIFI password as the sole security on a network is most definitely NOT best practices as there are so many ways to compromise that. It's not difficult to require additional authentication once connected to WIFI on pretty much every commercial solution out there. A little bit of a hassle to log in, but now you can control individual access vs letting everyone have the same key to the network.
What is REALLY frustrating though is that you STILL cannot see the list of remembered networks like you can on the Mac. If you've got an iOS device and you connect to a specific network, you can't 'forget' that network unless it's nearby or you are connected to it.
This is an avenue where someone could theoretically create a rogue WIFI network that someone's device would then automatically connect to when nearby without any interaction. This could be used, for example, for someone that wanted to track if someone entered a specific area. All they would need is access to the device to connect to the network once, then create a network with that name and password in the area they wanted to monitor and could then track when someone was there. There would be no visible trace on the device that you're doing this sort of tracking.
What is REALLY frustrating though is that you STILL cannot see the list of remembered networks like you can on the Mac. If you've got an iOS device and you connect to a specific network, you can't 'forget' that network unless it's nearby or you are connected to it.
This is an avenue where someone could theoretically create a rogue WIFI network that someone's device would then automatically connect to when nearby without any interaction. This could be used, for example, for someone that wanted to track if someone entered a specific area. All they would need is access to the device to connect to the network once, then create a network with that name and password in the area they wanted to monitor and could then track when someone was there. There would be no visible trace on the device that you're doing this sort of tracking.
Those with concerns read up on how to segment your network with VLAN and or creating a dedicated guest network. iOS aside its a great practice to do if you want to prevent other smart devices from discovering each other. Or exposing your NAS, server or computers.
If you have no interest then some ISP's like Xfinity will send you a push notification each time a new devices connects to your network if you have their newer routers.
If you have no interest then some ISP's like Xfinity will send you a push notification each time a new devices connects to your network if you have their newer routers.
They added that as well in iOS 16. If you tap the "Edit" on the Wi-Fi screen (see 1st screenshot in the article), it will show a list of all remembered network, you easily edit and delete them from there.
Oh didnt know about this, will help me with my Guest Network which i forgot the PW on my Router maybe this helps
Very small feature. But still it can prove to be useful sometimes.
The idea that the device is the authoritative source for the password is what's absurd.
Some are small schools. Do you expect K-3 to punch in username and passwords to access wifi?
do you expect k-3 to enter a wifi password?
One can easily pre set up the iPad with the IT admin doing the login or a master account username and password ahead of time and it lives forever just like how you do it putting in a pre set up key. On my work machine I entered the password really once and it updates more or less on its own as long as the account is valid and works threw password changes. It ties the machine and account to the wifi.
Not sure if you are trying to be empathetic or just abrasive.
MDMs are used a lot in education. And for years, people have been deploying devices because the MDM manages the key. Hopefully the WiFi restriction API has an option to masks the password.
Why?
MDM is fine. Showing the password should not be an issue even at the MDM level.
If the WiFi is using in this case a basic wifi key for internet access they have larger issues and I would question the IT department as being incompetent. Sorry but that is not a secure way of doing it at enterprise level.
children are not enterprise level. but schools and school system is.
Try working for a school district.
We have 3 people in our IT department supporting 1500 people and a mix of PCs, Macs, iPads, Chromebook's, Smartboards and phones.
I was brought on 6 months ago and Im still working to secure the environment with the limited time and resources at my disposal and more important items that need to be completed first.
802.1X is finally setup for everything except for the Macs and smartboards but now we have too scramble to get this completed while managing a 100 PC refresh and 350 new chromebooks for incoming students.
I fail to understand the need to see wifi password on your device thats already on the network.... if its such a pain, just leave your network opened with no password.
It’s not your phones password. It’s the password to access your WiFi. In the past, if someone wanted access to your WiFi and you insisted on typing it into their phone and didn’t allow them to watch while you did then your WiFi password would remain secret, but most people I know simply ask what the password is for the WiFi and you have to tell them.
Apple came up with a way to share a password from one iPhone to another that were on someone else’s network and it worked really great, about 30% of the time. The rest of the time you had to ask the homeowner what his password was and hoped that he remembered it, and type it in yourself on your phone. It’s amazing how many people don’t remember their own network password.
For home networks I don’t know what the secure answer is, but I know that all the complex password naming suggestions are one of the reasons 123456 is still popular. Use upper and lower case and symbols and make it 10+ characters long and don’t write it down and change it frequently. This is a recipe for getting locked out of a network, even your own. I don’t know how Android OS’s handle allowing you to share your network with friends and guests but Apple’s auto share with a trusted device sounds great but doesn’t work a lot of times, and since “expert” advice says don’t write your password down and you are supposed to have a lot of characters and numbers and symbols this usually bites the network owner more than it protects the network from being compromised. Even entry level hackers know where and how to look on a computer and if you leave your computer on and don’t require a password after wake-up then they have a better chance of finding your password than you yourself probably have.