Microsoft is going to stop sharing your passwords through Wi-Fi Sense

Microsoft is getting rid of a feature in Windows 10 that raised privacy concerns when it was introduced last year.

Wi-Fi Sense was intended to “get you on the internet more quickly in more places,” by automatically connecting to any in-range open Wi-Fi network.

But it also granted access to your password-protected Wi-Fi network by automatically sharing your Wi-Fi password with your Outlook.com, Skype and (optionally) Facebook contacts.

Wi-Fi Sense only shared passwords via an encrypted connection, so “your contacts don’t get to see your password, and you don’t get to see theirs,” according to Microsoft.

Even so, Wi-Fi Sense had to store your password for later, and your contacts could connect to your network automatically in the future.

(Annoyingly, because they didn’t have your actual password, just authorization to ask the Wi-Fi Sense service to supply it on their behalf, changing your password down the line wouldn’t keep them out – Wi-Fi Sense would learn the new password directly from you and supply it for them in future.)

Wi-Fi Sense was turned on by default, and you could only opt out of sharing your Wi-Fi network with your contacts by adding the characters _optout to your network SSID.

If that sounds like a privacy disaster waiting to happen…  well, this feature is no longer available, Microsoft announced this week:

We have removed the Wi-Fi Sense feature that allows you to share Wi-Fi networks with your contacts and to be automatically connected to networks shared by your contacts. The cost of updating the code to keep this feature working combined with low usage and low demand made this not worth further investment. Wi-Fi Sense, if enabled, will continue to get you connected to open Wi-Fi hotspots that it knows about through crowdsourcing.

According to a note in the Wi-Fi Sense FAQ, the option to connect to networks shared by your contacts will still appear in the Wi-Fi settings, but this setting “will have no effect now” and you won’t connect with shared networks “regardless of what it’s set to.”

The note merely says that “the service […] is no longer available.”

Wi-Fi Sense will still automatically connect you to open Wi-Fi networks.

That sounds convenient and all, but as everyone knows, open Wi-Fi networks really are open, so connecting to them unexpectedly and automatically is not something we recommend.

Worse still, Wi-Fi Sense apparently makes a bold effort (this is supposed to be a feature, not a bug!) to accept any terms-and-conditions pages automatically, potentially leaving you unware of what you just agreed to.

How to turn off Wi-Fi Sense

On your PC, go to Settings | Network & Internet | Wi‑Fi | Manage Wi‑Fi settings.

On your Windows Phone, go to Settings | Network & wireless | Wi‑Fi | Wi‑Fi Sense.

Turn off Connect to suggested open hotspots.

For more insights into Wi-Fi (in)security

Why not watch our Busting wireless security myths video?