• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Wireless network passwords stored as plain text???

J

JoeSchmoe007

Well-Known Member
Was browsing my phone via Root Explorer and found

/data/misc/wifi/wpa_supplicant.conf

To my surprise it contains wireless network passwords in clear text.

Is this file required or is this some kind of temp storage that can be deleted?
 
JoeSchmoe007 said:
Was browsing my phone via Root Explorer and found

/data/misc/wifi/wpa_supplicant.conf

To my surprise it contains wireless network passwords in clear text.

Is this file required or is this some kind of temp storage that can be deleted?
Click to expand...

That file is required. Yes, it's stored in plain text (As it is in every OS out there).
 
I don't have that file on my phone, in fact I show the data folder as empty. I use wifi at home & work. My phone isn't rooted, so am I just not able to see the contents of that folder as a result? I'm using Astro file browser.
 
salguod said:
I don't have that file on my phone, in fact I show the data folder as empty. I use wifi at home & work. My phone isn't rooted, so am I just not able to see the contents of that folder as a result? I'm using Astro file browser.
Click to expand...


You need to be rooted and use root explorer to see the contents.
 
It is an interesting find, I wasn't aware of that. That should encourage me to change my wi-fi passwords more often I suppose. Hopefully there isn't other information stored in plain text like this lurking around. Thanks for the heads up.
 
allambition said:
It is an interesting find, I wasn't aware of that. That should encourage me to change my wi-fi passwords more often I suppose. Hopefully there isn't other information stored in plain text like this lurking around. Thanks for the heads up.
Click to expand...

there are easier ways of cracking wireless encryption than getting access to your device, rooting it, then finding that file and copying it down.
But yes changing your encryption keys is a good practice, but remember if someone really wants access to your wi-fi network they can get it no matter what you do.
 
sdrawkcab25 said:
there are easier ways of cracking wireless encryption than getting access to your device, rooting it, then finding that file and copying it down.
But yes changing your encryption keys is a good practice, but remember if someone really wants access to your wi-fi network they can get it no matter what you do.
Click to expand...

Agreed...if somebody wants to get on my Wifi badly enough to get my phone, install root explorer, trackdown this file, find my network, uninstall root explorer, return my phone...I say let them use your bandwidth. It's ridiculous to think of this as a security risk for your network, considering the only way you can exploit this is to have access to the phone for an extended period of time. If I was an evildoer and had access to your phone for that long, there are dozens of vulerablities I'd target before this (email, calendar, bank apps, maps, etc). Not to mention just taking the phone itself and selling it.
 
I'm having a problem with my android tablet. I've had passwords stored for sometime on my internet browser and my email with Google is asking for a verification of my password & I don't know it. I don't want to reset anything that's just to much. So can someone tell me how I can find it!!!!
 
You must log in or register to reply here.
Back
Top Bottom