Ask HN: My WiFi password changed over night

11 points by JaggerJo ↗ HN
This morning I woke up to notice something strange. My internet radio alarm was not playing and instead wanted me to setup a internet connection.

Did not really think about it - because radios usually have crappy software and a short power outage could have caused it was my thought.

Then I realised that I can't stream music to my Sonos speakers while still in bed. Also just thought Spotify probably has some issues (happened before).

When I finally tried to use my computer I realised that all my devices aren't connected to my wifi anymore. It prompts with an 'invalid password' dialog - and wanted me to enter the password.

My router is a Ubiquity Dream Machine (not pro) and I use their cloud account. I checked what was put there as the password and it's an old password from me. (this shocked me - I did not change it.)

How could this have happened?

Are there things I should do?

Other thoughts I had:

- Someone is trying to get my wifi credentials by cloning my SSID name. (unplugged my AP and the network disappeared so I guess that a not the case.)

- Ubiquity screwed up an update. (Nope - works properly after changing the password back)

- Ubiquity somehow restored an old version (I might have had that password as the wifi password before. But this was a year ago.)

Actions I have taken:

- changed unify account password

- checked https://haveibeenpwned.com

my mail address is included in one breach.

12 comments

[ 3.0 ms ] story [ 41.2 ms ] thread
What encryption level was set on the WiFi? WEP is compromised and can be hacked. Reset the router and change the protocol
WPA is much better than WEP, but not uncompromised in the face of a determined attacker. Or to put another way, it's often good enough, but not always.

https://thehackernews.com/2018/08/how-to-hack-wifi-password....

Is WPA Enterprise any better?
I don't know. My guess is that since the weaknesses are in the protocol, adding a Radius server makes management easier but doesn't change the mathematics. This means that the network is more secure from things like weak passwords, but not handshake attacks.

I see from Wikipedia there is a new WPA3 protocol, and that's where I would start if I was worried about security to that degree. I am not, so I have not upgraded openwrt on my router.

Yes.

Instead of a preshared key shared by all sessions, each session gets a different key.

With WPA personal, if you compromise the key, you can record traffic and decrypt forward and backward in time. With enterprise, you can only decrypt a session. The fundamental technology/encryption is the same.

I would guess that the service restored the old password. It fits the evidence and is the sort of thing that a business of that type would do.
Yeah - I guess so.

Still strange and unexpected from a brand that mostly targets businesses.

Cloud service ticks a marketing box targeting a market segment more toward the convenience end of the convenience versus security spectrum. It is rarely a core competency of hardware companies.

Plain and simple it is a massive attack surface and an attractive nuisance for ransomware organizations.

Ubiquiti did disclose a breach on Jan 11, 2021. Is it possible that your data was compromised and they logged in and reset your data?
IIRC they did say that no customer data was leaked/ that there’s no need to worry.

Need to check their press statement again later.

Not an answer to your question, but just a warning to anyone considering buying a Ubiquity Dream Machine. You can no longer set up or manage a Dream Machine locally — you must use Ubiquity’s cloud management. You could do everything locally in the past, but no longer with new Dream Machines. Another great product ruined by the trend in which every device has to phone home, be centrally managed, and report every action you take.