> Should you trust this tool with your WiFi password?
> Of course not! You shouldn't trust anything on the internet ever — but if it
> makes you feel better, I promise none of the information you enter on this page
> is saved anywhere.
I saw a theory on Reddit that you could safely use a tool like this by disconnecting from your internet before entering the information, then reconnecting after saving the QR code and having deleted it (thereby theoretically preventing your information from ever being sent to the website).
That sounds plausible, and the tool does seem to work while offline, but I don't have the expertise to confidently state that this would 100% protect you. Anyone want to chime in with how hard this would make it for them to harvest your data (if they wanted to, which I'm inclined to believe they don't, but just in terms of best practices)?
You could always write code that saves the data temporarily until the user reconnects to the internet or even visits the website again.
I'm not certain how I would use people's wifi passwords without being at their home, but I'm certain somebody on Hacker News could tell me exactly why it is a bad idea to share your wifi password to the internet.
> I'm not certain how I would use people's wifi passwords without being at their home
Doesn't Google track router SSID names and MAC addresses? This definitely used to be a searchable database that was connected to Maps. I can't find any of the old websites but it looks like it might still be accessible via API.
> but I'm certain somebody on Hacker News could tell me exactly why it is a bad idea to share your wifi password to the internet.
Not a hacker but I'm going to give a easy but not critical example. If you have access to another device in range (say, because you run a botnet) you can jump into another neighboring network. I'm sure someone on HN could give us a much more worrisome example.
Well, if you connected to my service I can probably geolocate you. Or I can use a SSID=>lat/lon database to find where your wifi is assuming you have a unique name for your Wi-Fi network. Then I can go there and connect a laptop it and do nefarious stuff from there, and attribute it to you. Threaten the president, torrent Linux ISOs, etc.
If you're actually concerned about your data, find an offline QR generator. Encoding a WiFi network is just adding some extra plaintext to a normal QR code.
The irony it’s your infinitely better protected using a webpage in Incognito with network disconnected, than downloading an offline generator and running the binary on your computer.
one time i couldn't find _any_ other way, so I saved the page source to desktop, gave the javascript a once-over, disabled networking, opened the chrome inspector network tab, opened the saved copy of the page, did my thing, didnt see any network activity, closed the browser, then re-enabled networking
If you really want to overengineer things, take a look at https://kmanc.github.io/be_my_guest/! I only put in the effort to make this work for my own networking gear, but it could be pretty easily extended to work on other hardware :)
It’s also a feature in the AT&T Smart Home app. The printing from iOS is not ideal so I have an 8" square QR code taped to the wall for people who want to join my guest network.
Android gives you a QR code to share the network. Realistically you could just screenshot that, crop and print it out. Not have to rely on a third party QR service you aren't sure about.
Beware of "online QR code services", all of them insert some spam redirectons in the QR code.
After trying a dozen founds from Google, I finally found a decent one from a german university.
I made this one so I'm pretty sure it doesn't do that — but you just got me thinking of all the QR codes on tombstones and inked into people's skin that probably redirect to a pay day loan website or something.
The trick is to use whatever that is built into the system you are using. On iOS I use the Shortcuts app to create an action to generate QR codes. On desktop I just use Chrome's built-in QR code generator right from the address bar.
Assuming you already trust your OS and your browser, this means you do not need to trust any additional party for this simple task.
My Frtzbox router will generate QR codes so I can just pint those. You could also save the QR code from Android device as an image and them print it. The same from a KDE desktop with the additional step of a screenshot of the active Window.
Readit News
> Of course not! You shouldn't trust anything on the internet ever — but if it > makes you feel better, I promise none of the information you enter on this page > is saved anywhere.
I saw a theory on Reddit that you could safely use a tool like this by disconnecting from your internet before entering the information, then reconnecting after saving the QR code and having deleted it (thereby theoretically preventing your information from ever being sent to the website).
That sounds plausible, and the tool does seem to work while offline, but I don't have the expertise to confidently state that this would 100% protect you. Anyone want to chime in with how hard this would make it for them to harvest your data (if they wanted to, which I'm inclined to believe they don't, but just in terms of best practices)?
Doesn't Google track router SSID names and MAC addresses? This definitely used to be a searchable database that was connected to Maps. I can't find any of the old websites but it looks like it might still be accessible via API.
> but I'm certain somebody on Hacker News could tell me exactly why it is a bad idea to share your wifi password to the internet.
Not a hacker but I'm going to give a easy but not critical example. If you have access to another device in range (say, because you run a botnet) you can jump into another neighboring network. I'm sure someone on HN could give us a much more worrisome example.
Use private browsing?
One explanation is here:
https://pocketables.com/2022/01/how-to-format-that-wifi-qr-c...
hope that worked
On Android, go to "network details" for a wifi that you're logged into and click the "share" button and it will create a QR code for logging in.
i created one out of plastic beads the other year with my wife
this is what i used:
https://fukuchi.org/works/qrencode/Deleted Comment
I have used this many times without a problem.
NFC tag is the way. https://lifehacker.com/do-this-to-seamlessly-connect-guests-...
Sounds like a step backward to me (on ease of use, not security obviously).
Assuming you already trust your OS and your browser, this means you do not need to trust any additional party for this simple task.