Apple

Whoops! Those iOS-Generated Hotspot Passwords Are Really Weak

Posted on June 19th, 2013 by

HotSpot

Accessing the Internet when you’re on the road can be a tricky thing. Using Wi-Fi can be a source of risk, especially if you’re in a well-populated area. So, you tether your iPhone to your laptop and surf the web that way instead. That’s safer, right? Well, if you didn’t change the Wi-Fi password from the one generated by iOS, it might not give you much more protection.

You probably know a thing or two about how not to create a good password, and that using simple words found in a dictionary is definitely not a great way to make a strong password. It looks like someone creating the automatically generated passwords for the WiFi hotspot option didn’t get that memo. Rather than using a more random assortment of characters, they opted to use a fairly limited list of dictionary words. It’s certainly better than no password at all, but not by a whole lot.

This isn’t the end of the world, though. You can still have strong protection for your hotspot; you just need to change the password to a more secure one of your own devising.

photo credit: CarbonNYC via photopin cc

  • http://www.bartbusschots.ie/blog/ Bart Busschots

    I’m disappointed that this post does not show any example passwords.

    Using dictionary words CAN actually be a way of generating secure and memorable passwords IF you generate long enough passwords, and pad the words with symbols and numbers. It would be very hard to argue that the following is not a strong password:

    ++65-Goodbye-Gibraltar-Wheels-Present-91++

    That is heck of a lot easier to call out to someone than a much shorter random string, and because it’s 42 characters long, mixed case, with numbers and symbols its got a lot more entropy going on than an 8 or 12 character random string.

    XKCD make this point very well: http://xkcd.com/936/

    • LysaMyers

      Thank you – You make a very good point! If their passwords had been several words long, interspersed with uppercase letters, numbers and symbols, this would not be an issue. In this case, it appears they are simply using a short dictionary word appended by numbers.

Join Our Awesome Email Newsletter

Enter your email address below to start receiving the best Mac Security Updates.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}