Wi-Fi Inspector claims "Weak wireless network password"

system · 2017-05-30T01:14:51.000Z

Wi-Fi Inspector claims that I have a “Weak wireless network password.” I call [b]BS! How exactly does Wi-Fi Inspector determine this? I don’t think it can. I don’t think it checks anything. A large majority of Wi-Fi routers have crappy passwords, so if it just says you have a weak password, it will be right much more often than not. Ha, ha, nice trick.

Pondus · 2017-05-30T05:31:31.000Z

Do you use default router log in: User / Password ?

Welcome to the internets largest and most updated default router passwords database
http://www.routerpasswords.com/

https://help.avast.com/en/ws_android/1/alert_weak_router_password.html

Eddy · 2017-05-30T09:44:35.000Z

You can call it what you want, but it is pretty sure the WiFi inspector is correct.

You truly have a weak password on the WiFi
It can be that the router has a backup option for the password and that means the router has the password twice which is considered to be weak.
You ISP can have a back-door that is using a weak password.
etc.

system · 2017-05-30T12:21:18.000Z

If your rooter is supplied by your ISP you can bet it has a crap password!

FilipBraun · 2017-05-30T14:21:03.000Z

Hello,

This particular report is not related to the router administration password, but to the WiFi password.
When this message shows up, it means that you are connected to a WiFi network and that network has a weak password set.

Please make sure, that you are using a strong WiFi password.

Filip

system · 2017-06-08T12:13:42.000Z

No, you are all full of shit. I have a password that stands up to all other tests, but Avast WiFi checker. BS!

system · 2017-06-08T12:21:27.000Z

Anyway, the root of my question was this: how does Wi-Fi Inspector determine the quality of WiFi passwords? I want to know facts. I don’t care about how people like to make noise. I want FACTS. If you have them, I want to know you.

0

Eddy · 2017-06-08T13:55:03.000Z

We could give you a answer, but that would be useless as we are full of shit you would not believe us anyway.

Pondus · 2017-06-08T14:33:44.000Z

citizen127 post:7:

Anyway, the root of my question was this: how does Wi-Fi Inspector determine the quality of WiFi passwords? I want to know facts. I don’t care about how people like to make noise. I want FACTS. If you have them, I want to know you.

When you enter the password you give it to your windows OS and avast can then also see it

quote from avast

For WiFi connection Windows disclose the information about the network, that you are connected to, including its password. So the scan gets the info from Windows and then evaluates the password strength (based on some standard password evaluation algorithm). If the password is marked as weak, the "Weak wireless network password" vulnerability is reported.
It evaluates more then just length, but also the characters composition (capital, lower case, numbers, special characters, …) and even checks against some dictionary attacks.

If it determines the password is weak, it the displays the detection network scan results and displays the weak password (as hidden dots) in the detail, but you can view it by clicking on those dots.

However Avast does not store the password. It is only available for viewing in the scan result.

Pondus · 2017-06-08T14:35:44.000Z

Password checker:
https://howsecureismypassword.net/
http://www.passwordmeter.com/

system · 2017-06-30T13:18:19.000Z

Looks like Windows is providing wrong username as well as password to Avast.

I have changed both the username and password (quite strong one for that matter) on my router but Windows is still providing admin/admin to Avast resulting in this “Weak Password” error message.

From where does Windows pick up these values? Is there any way to reset those?

Regards.

Eddy · 2017-06-30T13:24:13.000Z

Windows can find/show them through the netsh command.

Note that there is a difference between “weak password” and “weak WiFi password”.

bob3160 · 2017-06-30T13:55:54.000Z

https://support.microsoft.com/en-us/help/242468/how-to-use-the-netsh.exe-tool-and-command-line-switches

system · 2017-06-30T15:03:34.000Z

Eddy post:12:

Windows can find/show them through the netsh command.

Note that there is a difference between “weak password” and “weak WiFi password”.

Weak service password found

Description

A service on this device has a weak or default password. This is very dangerous situation, because factory-default usernames and passwords are often used by hackers and cybercriminals.

Catalogue ID HNS-WEAK-PASS

Username: ●●●●●●●●admin

Password: ●●●●●●●●admin

Details

admin/admin (displayed under the dots) were the default user/password only used by my TP-Link router which I have changed long back. Also, “Details” about this error explains that this user/password should be changed on router’s admin interface - System Tools → Password. So it is router password and not the wifi password.

I just don’t know how to tackle this wrong pickup of user/password values.

Regards.

Eddy · 2017-06-30T15:08:16.000Z

Some routers have a password backup/recovery option.
It can be that is culprit.

If the router is issued by your ISP, it can be they have set a weak password for their backdoor.

system · 2017-06-30T15:51:34.000Z

My router is TP-Link Archer C20 AC750 V1 which I myself bought and is not provided by my ISP.

The only backup/restore option is for saving entire configuration settings to a .bin file.
No option to backup/restore user name and password, only to change them in System Tools → Password.

mchain · 2017-06-30T15:58:10.000Z

Other options available here: http://www.tp-link.in/download/Archer-C20.html

system · 2017-06-30T16:09:27.000Z

Yes, I too check this TP-Link site for latest firmware. I have the latest installed for my region.

mchain · 2017-06-30T16:17:39.000Z

Suggested only if you are competent enough to recover your router: https://wiki.openwrt.org/toh/tp-link/tl-wdr7500

I’d only use to view as possible future options as this sort of wrt firmware is leading edge.

bob3160 · 2017-06-30T16:41:16.000Z

Reported to Avast. Let’s see if they have something to add.

Announcements