Wi-Fi Inspector claims "Weak wireless network password"

[REDACTED]

Wi-Fi Inspector claims that I have a "Weak wireless network password."  I call BS!  How exactly does Wi-Fi Inspector determine this?  I don't think it can.  I don't think it checks anything.  A large majority of Wi-Fi routers have crappy passwords, so if it just says you have a weak password, it will be right much more often than not.  Ha, ha, nice trick. 

[Pondus]

Do you use default router log in:  User / Password  ?



Welcome to the internets largest and most updated default router passwords database   
http://www.routerpasswords.com/

https://help.avast.com/en/ws_android/1/alert_weak_router_password.html

[Eddy]

You can call it what you want, but it is pretty sure the WiFi inspector is correct.

- You truly have a weak password on the WiFi
- It can be that the router has a backup option for the password and that means the router has the password twice which is considered to be weak.
- You ISP can have a back-door that is using a weak password.
etc.

[REDACTED]

If your rooter is supplied by your ISP you can bet it has a crap password! 

[Filip Braun]

Hello,

This particular report is not related to the router administration password, but to the WiFi password.
When this message shows up, it means that you are connected to a WiFi network and that network has a weak password set.

Please make sure, that you are using a strong WiFi password.

Filip

[REDACTED]

No, you are all full of shit.  I have a password that stands up to all other tests, but Avast WiFi checker.  BS!

[REDACTED]

Anyway, the root of my question was this: how does Wi-Fi Inspector determine the quality of WiFi passwords?  I want to know facts.  I don't care about how people like to make noise.  I want FACTS.  If you have them, I want to know you.






0

[Eddy]

We could give you a answer, but that would be useless as we are full of shit you would not believe us anyway.

[Pondus]

Anyway, the root of my question was this: how does Wi-Fi Inspector determine the quality of WiFi passwords?  I want to know facts.  I don't care about how people like to make noise.  I want FACTS.  If you have them, I want to know you.

When you enter the password you give it to your windows OS and avast can then also see it


quote from avast

For WiFi connection Windows disclose the information about the network, that you are connected to, including its password.
So the scan gets the info from Windows and then evaluates the password strength (based on some standard password evaluation algorithm). If the password is marked as weak, the "Weak wireless network password" vulnerability is reported.

It evaluates more then just length, but also the characters composition (capital, lower case, numbers, special characters, ...) and even checks against some dictionary attacks.

If it determines the password is weak, it the displays the detection network scan results and displays the weak password (as hidden dots) in the detail, but you can view it by clicking on those dots.

However Avast does not store the password. It is only available for viewing in the scan result.

[Pondus]

Password checker:
https://howsecureismypassword.net/
http://www.passwordmeter.com/

[REDACTED]

Looks like Windows is providing wrong username as well as password to Avast.

I have changed both the username and password (quite strong one for that matter) on my router but Windows is still providing admin/admin to Avast resulting in this "Weak Password" error message.

From where does Windows pick up these values? Is there any way to reset those?

Regards.

[Eddy]

Windows can find/show them through the netsh command.

Note that there is a difference between "weak password" and "weak WiFi password".

[bob3160]

https://support.microsoft.com/en-us/help/242468/how-to-use-the-netsh.exe-tool-and-command-line-switches

[REDACTED]

Windows can find/show them through the netsh command.

Note that there is a difference between "weak password" and "weak WiFi password".

---
Weak service password found

Description

A service on this device has a weak or default password. This is very dangerous situation, because factory-default usernames and passwords are often used by hackers and cybercriminals.

Catalogue ID HNS-WEAK-PASS

Username: ●●●●●●●●admin

Password: ●●●●●●●●admin

Details
---

admin/admin (displayed under the dots) were the default user/password only used by my TP-Link router which I have changed long back. Also, "Details" about this error explains that this user/password should be changed on router's admin interface - System Tools -> Password. So it is router password and not the wifi password.

I just don't know how to tackle this wrong pickup of user/password values.

Regards.

[Eddy]

Some routers have a password backup/recovery option.
It can be that is culprit.

If the router is issued by your ISP, it can be they have set a weak password for their backdoor.