Why it is time to rethink Wi-Fi security

Image: Shutterstock / Sputanski

Can I have your Wi-Fi password? If you’re someone like me, you’ve asked this question many times. Not only in coffee shops, but also while visiting homes of friends and relatives. And if your friends and family are anything like mine, they probably started to hunt for that three-year-old Post-It note, or tried to spell out a cryptic letters-and-numbers password that was impossible to type with your smart phone’s onscreen keyboard.

Lately, I’ve been thinking there has to be a better way.

The reason that I’ve been wondering about the future of Wi-Fi security is that I’ve come to realize that the home network is increasingly not just about access to the internet, but about social interaction and collective media consumption.

Take Chromecast, for example. Google’s TV dongle is great for watching YouTube videos with your friends, who can use YouTube’s iOS and Android apps to queue up clips together and then beam them to the TV screen. It’s like one big, happy YouTube party — but it only works if everyone is on the same Wi-Fi network.

Chances are, that scenario won’t be the only one that requires you to share your Wi-Fi access with your friends for long. Pandora CTO Tom Conrad told me earlier this week that he would love to bring real-life social interaction to Pandora’s apps. This would enable Pandora to automatically mix a station based on who’s in the room and listening together, but it would once again require people to log into the same network as a kind of near-field authentication.

Router makers are completely unprepared for this kind of scenario. A few vendors have started to add guest networks to their consumer routers, but these are typically fenced off from your regular network, making any kind of device-to-device interaction impossible.

A handful of developers have started to fill the void with some clever apps that promise to make it easier to share the password of your Wi-Fi network. Some rely on QR codes, others even make it possible to share it with select friends on Facebook. But these solutions are generally still too cumbersome, and some have inherent security risks. Do you really want to save your Wi-Fi password in the cloud?

What we need instead is a different approach to Wi-Fi security: An acknowledgement that not all devices in a home network are created equal, and that some should have the power, as well as the tools, to easily grant temporary access to others.

What I want on my phone is an app that tells my router to open up the gates for my friend’s phone, with some level of basic session-based authentication. Think NFC, a simple six-digit code, or even audio. And once that device leaves the network for a predetermined amount of time, authentication is revoked.

Some of you may say that this doesn’t sound very secure, but I would argue that the status quo is just as unsafe: Consumers end up giving their password out without ever changing it, and possibly even opt for less secure but easier-to-type and easier-to-remember passwords simply because they don’t want to hunt for that Post-It note anymore.

Or, even worse, they don’t share their network at all — and become YouTube party poopers.

Image courtesy of Shutterstock user  Sputanski.


Comments have been disabled for this post