Windows 10 contains a new feature that is "an accident waiting to happen," according to experts. The Wi-Fi Sense Password Share feature will allow all other Windows 10 users on an individual's contact list to access the user's Wi-Fi network.
Windows 10 has just been released, but already, experts are warning of a major security flaw that could allow unwanted access to user networks, and, more importantly, to private data and files. The new operating system contains a feature dubbed "Wi-Fi Sense," which is intended to allow users to easily access Wi-Fi networks on their devices.
"Wi-Fi Sense automatically connects you to Wi-Fi around you to help you save your cellular data and give you more Internet connectivity options," according to Microsoft.
The feature is meant to make it easier in situations, such as when a user is visiting a friend and wants to surf the Internet or send an email on a device. Normally, the visitor would have to ask the host for the Wi-Fi password, which is often a complicated combination of letters and numbers and may also not be readily available. Wi-Fi Sense would allow the visitor to automatically connect to the host's Wi-Fi, assuming they are in the host's Hotmail, Outlook or Skype contact list. Users can choose to opt to include Facebook friends as well.
The passwords remain encrypted, so the visitor theoretically never sees the actual password. But this is, according to KrebsonSecurity, where the vulnerability exists: "If a computer is connected to a protected Wi-Fi network, it must know the key. And if the computer knows the key, a determined user or hacker will be able to find it within the system and use it to log into the network with full access."
When downloading Windows 10, users who agree to Express Settings automatically receive the update with the Wi-Fi Sense feature active. Instead, to individually choose which contacts to share Wi-Fi with, users can go to Settings, then Network & Internet, then Wi-Fi and then Manage Wi-Fi Settings and check the appropriate boxes.