XZ

Xiao Z's blog

Learn, build, share

Be Careful When Using WiFi万能钥匙: Security Risks and Protection Tips

WiFi securityWiFi万能钥匙 risksrouter security settingsSSID broadcastMAC address filtering
Published·Modified·

While waiting at a station, I downloaded WiFi万能钥匙 to test its effectiveness. Sure enough, it successfully connected to the network. While this convenience helps passersby, it comes with significant risks that many router users fail to recognize.

wifi

After a brief analysis of how WiFi万能钥匙 works: when a user connects to a network and chooses to share it, the app's server records the SSID. When another user connects to the same SSID, the server checks if the password has been saved. If found, it returns the password to the new user; if not, it attempts a brute-force attack (though the app only tries common passwords, not a true brute-force attack, and usually fails). The actual mechanism might be more complex, but the bottom line is that using this app can easily leak your WiFi password, allowing others to piggyback on your network.

When I was at home, I used my phone to scan for my neighbor's WiFi. Opening WiFi万能钥匙, I was able to connect easily. This indicates that someone had previously connected to that SSID and entered the correct password, meaning my neighbor's WiFi password was likely leaked via the app. Consequently, I couldn't guarantee the safety of my own WiFi password, so I immediately logged into my router's configuration interface to make changes and prevent unauthorized access.

Here are a few recommendations:

1. Change the Router's Default Username and Password

By default, the username and password are usually both "admin," which is highly insecure. It is strongly recommended to change them. You can do this under System Tools > Change Login Password.

pass

Figure 1-1: Changing username and password

2. Disable SSID Broadcast

Routers typically have SSID broadcast enabled by default, allowing others to easily search for your WiFi signal, which increases the risk of password leakage. You can disable this feature and manually configure the wireless connection. Go to Wireless Settings > Basic Settings to make this change. This prevents others from connecting to your WiFi unless they know the SSID name.

ssid

Figure 2-1: Disabling SSID broadcast

3. Enable Wireless MAC Address Filtering

Enable this under Wireless Settings > Wireless MAC Address Filtering. "Deny" acts as a blacklist, while "Allow" acts as a whitelist. You can find your MAC address by running the command ipconfig /all.

mac

Figure 3-1: Wireless MAC address filtering

Of course, router security settings go far beyond these examples. The methods mentioned above are just common practices. While they may seem slightly troublesome, they significantly improve security. WiFi万能钥匙 is a useful tool, but it is also a dangerous one. Use it with extreme caution, and do not use it to connect to your own home network, as this could lead to password leakage.