Laptop Reads WiFi Password from Phone?

Sparky5 · December 13, 2020, 7:48pm

My wife’s MacBookPro can swipe the password for my WiFi Network and log itself on automatically? I’ve never typed the WiFi password into the Laptop, but it seems that it can connect by itself. I changed the password, turned off the phones and the MacBook’s wifi message is,

“The wifi network xxxx requires a WPA2/WPA3 password. You can access this wifi network by bringing your laptop near any iphone, ipad or other Mac which has already connected to this network and has you in their contacts”.

Actually, my wife’s phone is a Samsung Galaxy 10, but that’s beside the point. The laptop, after it has logged in, has correctly been given a unique address that is within my wifi network VLAN 3 ip range. The 2 phones are also in the same VLAN (3) also with unique ip addresses. Neither phone can “see” the other phone, but apparently the laptop and the Galaxy 10 can exchange information even before the laptop has logged into the wifi network. Information exchange does not take place using my older Samsung Galaxy 6.

I wonder if someone has an explanation for this type of password swiping? Did I make a mistake in my router setup? It seems that anyone walking by with my wife’s name in their contact list can log on to my wifi network…? Will the MacBookPro constantly be trying to swipe passwords from other phones and laptops?

Some specifics:
SOHO Mk3 firmware v.8.0.2
Band: 5G “force”
VLAN 3 set up for wifi clients
inter VLAN routing “unchecked”
Security WPA2/WPA3
Galaxy 10 phone has WPA3

Thank You!
Sparky5

jmjones · December 14, 2020, 2:41am

If you have keychain sync enabled on the Apple account it synchronizes WiFi network passwords too. It can also exchange this information over Bluetooth between devices.

I had the same experience with my new MacBook as well. Transferring my Apple account to an Apple TV (just with proximity and code verification) seemed a bit suss to me as well.

Sam_Norris · December 14, 2020, 2:12pm

Hi @Sparky5
What you are referring to is a Apple function which occurs between Apple devices and happens regardless of the wifi/network vendor.

It uses AirDrop/Bluetooth so doesn’t need to be connected to the wifi SSID to swipe the wifi SSID passwords.

Peplink has no way of allowing or blocking this functionality.

Sparky5 · December 14, 2020, 8:43pm

Thank you! I wondered how this trick was done. This apple feature seems to invite trouble, but at least the traffic can be contained inside one VLAN.

-S5

stego · December 14, 2020, 11:46pm

My nephew was over with his cheap Android phone and connected to my guest network with a QR code I generated.

He showed me his QR code app which had my wifi password stored in plain text.

Nothing really secure about a QR code, it just never occurred to me an app could store it in plain text.

Granted it’s a unique password and only valid to access my guest. But still.