Sergej Khackimullin - Fotolia
What is the issue with Wi-Fi Sense on Windows 10? I've read it shares encrypted Wi-Fi passwords. Is this true, and if so, how can enterprises disable it?
Making security simple is not easy, so it's great when a new feature makes security best practices straightforward. And that's what Microsoft's Wi-Fi Sense does. How many times do you have friends and family to visit and they want to connect to your Wi-Fi? Plenty, I'm sure. And each time you have to spell out your Wi-Fi password while they laboriously try to type it into their smart device using a soft keyboard; many people only use alphanumeric characters for their Wi-Fi passwords, as changing back and forth to the symbols keyboard is annoying. And since many people reuse their passwords, the Wi-Fi password may be the same password used for social media accounts and other online services. This is not a great scenario, particularly as families and friends fall out, in which case you wouldn't want to grant them access to your accounts.
The need to share and expose home networks' Wi-Fi passwords is a problem that Wi-Fi Sense aims to solve. If someone wants to share access to their Wi-Fi network with a visiting friend, it will send the password over an encrypted connection and store it in an encrypted file on Microsoft's servers. When that friend is in range of the Wi-Fi network -- it requires location services to work -- the encrypted file is sent over another secure connection to their Wi-Fi Sense-enabled device. The friend never sees the password and doesn't have the hassle of typing it in.
Wi-Fi Sense works with a user's Skype, Outlook and Facebook contacts, and although Wi-Fi Sense is on by default, networks are not shared by default. For every network you join, you'll be asked if you want to share it with your contacts. Shared networks can be unshared at any time and Wi-Fi Sense can be disabled under "Manage Wi-Fi Settings." Wi-Fi Sense only grants Internet access, so those connecting to your Wi-Fi network won't be able to access shared resources like files and printers within your home network. Also, contacts cannot share any granted access with other people, which they could if they knew the password. One annoying limitation of Wi-Fi Sense is you cannot pick and choose individual contacts from your address books.
Wi-Fi Sense will not work on enterprise networks that use the 802.1X standard, which forces users to be validated and authorized. Also, by including "_optout" in the Wi-Fi network name (SSID), Wi-Fi Sense will not use that Wi-Fi network at all. Wi-Fi Sense is more convenient and secure than sharing passwords. It's available on Windows Phone 8.1, as well as Windows 10. Microsoft has an extensive FAQ about Wi-Fi Sense if you want more information.
Read about the concerns around Windows 10 privacy settings
Discover tips for keeping Wi-Fi network passwords secure
Dig Deeper on Password management and policy
Related Q&A from Michael Cobb
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and ... Continue Reading
By performing ongoing risk assessments, organizations can keep their SSH vulnerabilities at a minimum and ensure their remote access foundation is ... Continue Reading