It wouldn’t be a new version of Windows without at least a few entirely bewildering decisions on Microsoft’s part, but this one’s a high speed collision of face and palm even by the standards of the company behind Windows 8. In a nutshell, there’s this feature in Windows 10 which will automatically share your wifi passwords with any and all Outlook, Skype and Facebook contacts who also use Win 10. Or, were they to manually enter your password into their Win 10 device, it would by default be treated as ‘their’ network and shared with their contacts. In other words, be vigilant – otherwise you’ll end up with Kevin Bacon using your internet connection whenever he wardrives past your house.
I can entirely understand why someone thought this feature, known as WiFI Sense, was a good idea. How many times you done that awkward dance where you go to a friend’s house and want to use their wifi, so he’s upstairs with the router, trying to bend the cable further than it will go so he can see the sticker on the back, and shouting “X94 no sorry X49” down to you, then it takes twelve goes and you still don’t get anywhere?
WiFI Sense is intended to take the pain out of this: you go to your mate’s house and your Windows 10 laptop/tablet immediately hops online because the password’s been shared via MS’ servers. Your password won’t be shown to anyone – visitors’ PCs are invisibly sent it automatically, wreathed in encryption. Also, the only thing they get automatically is internet access: you’ll have to consciously intervene if you want them to have access to other devices and folders on the network too. In theory.
In theory, lovely. In practice – Microsoft have, somewhere, an enormous database full of people’s passwords. Sure it’s encrypted, but recent history shows that this isn’t the impediment to hackers that one would hope. Possibly even more worrying is that, in its current form, WiFI Sense offers no fine control over who passwords are shared with. So if you click the Facebook share option, it goes to everyone you have on Facebook. So that annoying guy you accepted the invite from because you didn’t want to upset him might in turn, unknowingly or otherwise, wind up sharing your password with his contacts from /r/makingpeoplesliveshellisfunnylol.
WiFi Sense doesn’t share your password with friends of friends, so it’s not going to be passed infinitely around the globe. However, if a visitor manually enters your password into their Windows 10 PC – maybe because you told them, maybe because they secretly wrote it down while you were having a wee – that will then be shared with their Facebook, Outlook and Sype contacts unless they’ve expressly said otherwise. This means that, abstractly, perfect strangers will have access to your network. Manually entering WiFi password is and will likely remain the default means of sharing networks for the forseeable, so this is hardly an unlikely scenario. Granted, said strangers finding your address – or even knowing to – is less plausible, but it does mean your password might end up out there on any number of unknown computers, which is an uncomfortable thought given the relative regularity with which big firms get hacked these days.
There’s also some handwringing about this system giving Microsoft some degree of access to your Facebook contacts, which isn’t info everyone wants other large corporations to have.
Insult to theoretical injury, Microsoft don’t exactly go out of their way to tell you that they’re doing this, so if you agree to Express Settings when installing or updating to Windows 10, WiFI sense is silently turned on for you. Realistically, the risks are small and yet to be proven, but this shouldn’t be something we all unknowingly agree to, or something that only tech-savvy PC users are aware of or understand.
How To Turn Wifi Sense Off
Basically, you should probably turn WiFI Sense off until you’re sure you’re 100% comfortable with it, or an update with more granular settings is released. To do that, go to Settings – Network & Internet – Manage WiFi Settings and turn off as much as concerns you. You can either wholesale block WiFi Sense, which means you won’t automatically connect to chums’ networks yourself, or just prevent Windows 10 from sharing your own networks with others. There’s also an option to automatically connect to suggested open networks, while also strikes me as something which could be abused were anyone to work out how to hack Microsoft.
What that won’t stop is friends who do have WiFi Sense turned on from sharing your password with the various thieves and murderers in their own Facebook contacts in the event they manually entered it into their PC. There is a convoluted means of preventing this, but it’s ridiculous that Microsoft don’t offer an option within Windows 10’s own WiFI Sense settings, to be honest. Let’s hope there’ll be an update to tighten up controls.
Here’s what you need to do for now, anyway: add ‘_optout’ to the end of your wifi network’s SSID/name. You’ll need to fiddle with your router settings for that, so refer to its manual if you don’t know how. Once that’s done, your friends’ Windows 10 devices won’t then share your network on with anyone else, regardless of WiFI Sense settings. You can also request that they uncheck the ‘Share network with my contacts’ box when they’re entering your password, but that requires both memory and trust.
Conversely, this official FAQ will tell you how to use WiFi Sense if all this sounds jolly hockeysticks to you.
Of course, Windows 10 isn’t actually released until tomorrow, so all is subject to change. However, the build available to anyone via Windows Insider is the one released to manufacturers, so WiFi Sense in its current form is a finished feature rather than a buggy one. We’ll just have to see if Microsoft update it as a result of the current web-wide palaver.