But if the friend who got the password via Wi-Fi Sense has access to the network, that means that at some point, the password had to be in clear text on their computer (since otherwise it wouldn't be able to authenticate to the network). This means that at best, they use reversible encryption, and at worst, it's just stored in cleartext somewhere (this being Microsoft, my guess would be in the registry).
I guarantee that someone will create a tool to get wi-fi passwords shared to them if there isn't one already.
> This means that at best, they use reversible encryption, and at worst, it's just stored in cleartext somewhere (this being Microsoft, my guess would be in the registry).
The status quo is that your password is already stored on their computer with nothing better than reversible encryption.
The status quo is that random business acquaintances and whoever gets automatically added to contact lists via some vulnerability (just wait, it'll happen) do not have my wifi password. Not on their machine, not to share, not access at all. I like it that way. We have something-guest as a SSID for a reason, after all.
You'd need to look up the details, but I think the key derivation for WPA allows you to store a hash of the password. It's almost just as valuable, but technically means you don't have the plain password.
Hmm, interesting. It sounds from your comment like you would still be able to replay the hash in order to connect though, unless there's a bigger system at play that I don't know about.
Perhaps, but as I understand it if I do or have in the past given my friend the wifi password, it will then be automatically shared with his/her friends?
And what if I don't want my password to be stored on Microsoft servers where it can be accidentally leaked, stolen, handed to security agencies, and so on?
You know, you can always ask your friend to let you enter the password on his computer yourself without telling them. It will be stored on their computer in both cases anyway.
If you are already doing that, then you also don't have to worry about WifiSense as the checkbox to enable it for that SSID is right there (and only there) and you can make sure that you don't check it when you type in your password.
- Added option to remember key sources (key file paths, provider names, ...); it's enabled by default.
- New locking timer (using a timeout instead of a countdown).
- Lock files are now hidden.
- On Windows 7 and higher, the main window peek preview is now disabled when the KeePass workspace is locked.
- File transactions: the NTFS/EFS encryption flag is now also preserved when the containing directory isn't encrypted.
- {FIREFOX} placeholder: added support for registry-redirected 32-bit Firefox installations on 64-bit Windows systems.
- Relative database paths on the command line are now evaluated relatively to the initial working directory (specified by the parent process) instead of the last used directory.
- Improved user-friendliness in UAC dialogs.
Improved help (moved placeholders to separate page, ...).
- Installer: the KeePass start menu shortcut is now created directly in the programs folder; the other shortcuts have been removed (use the Control Panel for uninstalling and the 'Help' menu in KeePass to access the help).
