What is the issue with Wi-Fi Sense on Windows 10? I've read it shares encrypted Wi-Fi passwords. Is this true,...
and if so, how can enterprises disable it?
Making security simple is not easy, so it's great when a new feature makes security best practices straightforward. And that's what Microsoft's Wi-Fi Sense does. How many times do you have friends and family to visit and they want to connect to your Wi-Fi? Plenty, I'm sure. And each time you have to spell out your Wi-Fi password while they laboriously try to type it into their smart device using a soft keyboard; many people only use alphanumeric characters for their Wi-Fi passwords, as changing back and forth to the symbols keyboard is annoying. And since many people reuse their passwords, the Wi-Fi password may be the same password used for social media accounts and other online services. This is not a great scenario, particularly as families and friends fall out, in which case you wouldn't want to grant them access to your accounts.
The need to share and expose home networks' Wi-Fi passwords is a problem that Wi-Fi Sense aims to solve. If someone wants to share access to their Wi-Fi network with a visiting friend, it will send the password over an encrypted connection and store it in an encrypted file on Microsoft's servers. When that friend is in range of the Wi-Fi network -- it requires location services to work -- the encrypted file is sent over another secure connection to their Wi-Fi Sense-enabled device. The friend never sees the password and doesn't have the hassle of typing it in.
Wi-Fi Sense works with a user's Skype, Outlook and Facebook contacts, and although Wi-Fi Sense is on by default, networks are not shared by default. For every network you join, you'll be asked if you want to share it with your contacts. Shared networks can be unshared at any time and Wi-Fi Sense can be disabled under "Manage Wi-Fi Settings." Wi-Fi Sense only grants Internet access, so those connecting to your Wi-Fi network won't be able to access shared resources like files and printers within your home network. Also, contacts cannot share any granted access with other people, which they could if they knew the password. One annoying limitation of Wi-Fi Sense is you cannot pick and choose individual contacts from your address books.
Wi-Fi Sense will not work on enterprise networks that use the 802.1X standard, which forces users to be validated and authorized. Also, by including "_optout" in the Wi-Fi network name (SSID), Wi-Fi Sense will not use that Wi-Fi network at all. Wi-Fi Sense is more convenient and secure than sharing passwords. It's available on Windows Phone 8.1, as well as Windows 10. Microsoft has an extensive FAQ about Wi-Fi Sense if you want more information.
Read about the concerns around Windows 10 privacy settings
Dig Deeper on Password management and policy
Related Q&A from Michael Cobb
Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the ...continue reading
Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how ...continue reading
App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.