46 comments

[ 2.9 ms ] story [ 54.8 ms ] thread
Passwords on Mac are saved and retrievable from the Keychain app.
I use this a lot. Often times in response to "Hey do you know the wifi password here?" at random coffee.

I only wish there was a way to view this on iOS...

If you use iCloud Keychain, then all saved password information should also be available on your Mac.
Yes but you can't look it up on your iOS device
You can jailbreak and use the "WiFi Passwords" app.
In case anyone is wondering, the method in the blog post requires elevating your permission, just the same as checking through keychain.app
Doesn't work on my vanilla Mac.
It is working for me. OS X Yosemite on a late 2013 Retina MBP.

myuser@[~]$ security find-generic-password -ga MySSID | grep password

password: "password"

    "desc"<blob>="AirPort network password"
(Obviously I've changed the values here, but this is what it outputs for me.)
An easier way on Mac is to start the built-in Keychain app and search for your Wifi name there.
Same here, I get:

    oathkeeper:~ user$ security find-generic-password -ga labnol | grep password
    security: SecKeychainSearchCopyNext: The specified item could not be found in
    the keychain.
"labnol" should be replaced with the SSID you're connected to.
The SSID is case sensitive. Makes sense, but that was my mistake at first.

To find your current SSID:

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I | grep " SSID"

Just open keychain app on your mac (any version and you can get the password for any wifi network you have connected to). Requires your computers username/pass just like if you do the terminal way. This tip in the article is just showing how to do something that's always been possible via the gui, but via terminal makes it look/feel cooler doing it.
Don't suppose anyone has an equivalent for Linux?
sudo cat /etc/netctl/wlp3s0-wlas (though it's the hashed key only, except if you'd used wifi-menu without -o to generate the file)

depends on the type of linux :)

EDIT: if it has to be the current network, something like this horrible bash oneliner: sudo vim /etc/netctl/$(ifconfig | grep UP | grep RUNNING | grep BROADCAST | cut -d: -f1)-$(iwconfig 2>/dev/null | grep ESSID | cut -d: -f2 | sed -e 's/"//g')

Depends on what is controlling your WiFi, with netctl, most all the profiles have plain passwords in them, unless you configured otherwise.

These profiles are located in /etc/netctl, so cat-ing the correct file under sudo will give you it.

This will be a concat-d list of all profiles in a pager: `sudo cat /etc/netctl/* | less`.

if using wpa_supplicant, traditionally there was main config at /etc/wpa_supplicant.conf, where passwords to all networks could be held. file would be readable by root and the binary, obviously
If you use NetworkManager, you can right click its icon, choose Edit Connections. Then select the desired network, and choose "WiFi Security" and then "Show password".

Connection configuration, including plain text passwords, are stored in /etc/NetworkManager/system-connections/ for connections that are available to all users. They are readable by root only, obviously. Otherwise the password is stored in your keyring (e.g. Gnome Keyring under Gnome).

For the lazy ones:

  sudo grep psk= /etc/NetworkManager/system-connections/*
wicd GUI network manager (I use this with Debian/XFCE) basically same as first paragraph above - click on try icon, wait for wicd to finish scanning, find your current connection, click 'properties' find the 'key' field and click the little 'show' box. There is your password.

From a terminal as root you can

    cat /etc/wicd/wireless-settings.conf
and find the password in the file.
You can get this easily on Windows 7 anyway without any command line stuff. Right click on network connection / status / wireless properties
I'm surprised the first step wasn't "Download a copy of Windows 10"
Just set up a PC as Wifi hotspot with the same name as the target network and grep the credentials from the devices that try to automatically connect to your PC. ;) PS: should work with any SSID and password auth
No, it shouldn't. WPA2's 4-way handshake allows client/supplicant & access point to prove they both know the PMK without directly disclosing it: https://en.wikipedia.org/wiki/IEEE_802.11i-2004#The_Four-Way...
Oh, ok. Didn't know about that, it's some time I tried it. Thanks for teaching me!
I suspect you've never tried it. This technique didn't work with WEP either: open system WEP simply encrypts every packet with a key derived from the password, and shared key WEP has the client encrypt a challenge from the AP using that key and send it back. In neither case is the password ever sent over the network in any recoverable form.
The AP doesn't prove any such thing to the client in PSK mode. If I scan your house, and write down your AP SSID and BSSID, I can later follow you to a coffee shop, spoof your home AP, get your device to connect, and then glean enough key derived material to go away and bruteforce your password. What you can't do, afaik, is the opposite (coax an AP to give up key derived material)... of course many APs have their own problems.

By modern standards the authentication protocol used in WPA2-PSK is dire. You should use long random keys (something like 9oc46NLMbq7ujAEgXcQU), anything dictionary based puts you at real risk.

How do you post something so blatantly wrong without considering it at all?

The most you can get from doing that, is 2 parts of a 4-way handshake (which is enough to mount an an offline attack).

OR you could just hack their system with this sweet website:

http://hackertyper.net/

EDIT: Be sure you put your browser in private browsing mode first so you can't be reverse hacked!

A simple Mac command line approach is `security find-generic-password -wa {SSID}`. (Using -w instead of -g prints just the password, so no need to grep the output.)
The GUI way of doing this on Windows (if you're currently connected to said network) is to do the following:

1. Go to Network Connections.

2. Right click the WiFi connection and click status.

3. Click Wireless Properties

4. Click on the Security Tab, and then click Show Characters.

Wow, I can't believe that worked...

This doesn't feel very secure at all.

Secure? You're revealing a password that you already know.
(comment deleted)
This worries me at home.

Say I have a party and the neighbor comes over. A few seconds on my unattended computer and they can use my Internet.

Where exactly do you think the insecurity is coming from here? Your guests could do anything at all with a few seconds on your computer. Learning the network password is the least of your worries.
They could run a rootkit/keylogger/download contraband to your computer in the same time. A lot more to worry about than just learning your wifi password.
On my domestic adsl modem/router I use MAC address filtering as well as wpa2. That might slow them down a little tiny bit.

I imagine at the end of the day, you need to change your wifi password now and again (mind you I've left mine the same for a year or 18 months).

Most new routers have the WPS button anyway. Then it's mostly automatic.
If you have a malicious person in your home with physical access to your unlocked machine, your wifi password is the least of your worries.
Now that you stated the cliché about physical access blabla, could we please consider his point as a valid concern?
(comment deleted)
On a Mac you have always been able to do this easily by simple opening the Keychain app, double click on your network name, and after entering your computer's username and pass it reveals the wifi's password. You can do that for any wifi account you have previously connected to. Both this method and the terminal method require you to enter in the current users username and pass so no security issue here.