This'd basically be the same thing as using a key-derivation function to generate your WiFi password.Įxception: Protocol-specific hashes can be retained. You can hash the WiFi password if you like, but then the hashed password would be the new password. That doesn't apply here since Windows isn't the server. You're probably thinking of the thing where a server shouldn't remember plaintext passwords, but rather a hash of them. Note: The advice you're thinking of applies to servers, not clients. However, you'll still need to supply Windows with a network password in order to log into a network, much like you must supply an email portal with your email password to log in. If you're concerned about Windows storing your password, it'd seem like you can just stop using its password management function. Like any other password manager, it must store the passwords it manages.Ĭlient: Windows must convince the WiFi network that it knows your password. When it does this, it's acting as a password manager. Password manager: Windows can remember network passwords for you. Windows is serving two different roles here: Why is it that Windows would store credentials in a reversible format? Why is it not just storing the hash of the password that it sends access points to complete the handshake and establish connection? WPA2, then Windows could forget the original password in favor of the protocol-specific hash. You're probably thinking of the thing where servers are supposed to store hashes instead of passwords that strategy doesn't apply answer demonstrates a major caveat – that, if we assume a wireless network will always use a specific protocol that starts by hashing the password, e.g. Tl dr- Windows is acting as a password manager, and like all password managers, it must remember the passwords it manages.
0 Comments
Leave a Reply. |