Pelican Parts Forums

Pelican Parts Forums (http://forums.pelicanparts.com/)
-   Off Topic Discussions (http://forums.pelicanparts.com/off-topic-discussions/)
-   -   Wifi security question (http://forums.pelicanparts.com/off-topic-discussions/1119229-wifi-security-question.html)

hcoles 05-20-2022 07:39 AM
Wifi security question
 
The other day I installed a Rachio 3 irrigation controller. It needs to be connected to a WiFi so I can setup the water zones. I went through the process on my iphone after downloading the app and an error came up. The app didn't ask for a password. I backed up a few steps in the app and all of sudden it seemed to be connected to the WiFi. In the mean time somewhere I pushed a button on the front that had a WiFi symbol near it. The button is not mentioned in the instructions or on the app. How does this work that something can connect to my WiFi without a password?
Thanks.

3rd_gear_Ted 05-20-2022 07:49 AM
Your IoT device (irrigation controller) has a protocol, Read about device management

https://www.iotforall.com/glossary-iot-standards-and-protocols

Now your landscaper can access your bank account, welcome to the cyber security world.

gacook 05-20-2022 09:23 AM
Quote:
Originally Posted by hcoles (Post 11696768)
The other day I installed a Rachio 3 irrigation controller. It needs to be connected to a WiFi so I can setup the water zones. I went through the process on my iphone after downloading the app and an error came up. The app didn't ask for a password. I backed up a few steps in the app and all of sudden it seemed to be connected to the WiFi. In the mean time somewhere I pushed a button on the front that had a WiFi symbol near it. The button is not mentioned in the instructions or on the app. How does this work that something can connect to my WiFi without a password?
Thanks.
Pushing the button on the front of the device sends a signal to your router--a virtual "Let me in!" You're supposed to also push the same button on your router, making it "open" to accepting that signal.

Sounds like you've got something on your router protocols set up as always broadcasting open. That's the first thing I'd look at.

stevej37 05-20-2022 09:35 AM
I wonder if it would have needed your password if you were setting it up from a place where you weren't connected to your own wifi.

id10t 05-20-2022 10:10 AM
Wonder how easy it is to get the MAC address of your IoT thing.... since that is how I handle wifi security...

gacook 05-20-2022 12:26 PM
Quote:
Originally Posted by id10t (Post 11696888)
Wonder how easy it is to get the MAC address of your IoT thing.... since that is how I handle wifi security...
Anything less isn't very secure :p

rwest 05-20-2022 12:59 PM
Is it possible that since your phone already has permission to use your WiFi that the app automatically gets it too? Maybe have a friend try their phone to see if it just connects as well?

gacook 05-20-2022 01:11 PM
Quote:
Originally Posted by rwest (Post 11697011)
Is it possible that since your phone already has permission to use your WiFi that the app automatically gets it too? Maybe have a friend try their phone to see if it just connects as well?
That's a yes/no answer. Typically, when you set up an app for a device, you have to first pick a network and input the password the first time. After that, the app is just like any other "device" you've allowed to access your network.

hcoles 05-20-2022 04:11 PM
Quote:
Originally Posted by gacook (Post 11696857)
Pushing the button on the front of the device sends a signal to your router--a virtual "Let me in!" You're supposed to also push the same button on your router, making it "open" to accepting that signal.

Sounds like you've got something on your router protocols set up as always broadcasting open. That's the first thing I'd look at.
I think this is correct. WPS vs WPA or WPA2. I need to check what my Comcast router is set to and what might happen if I try to change.... e.g. WPS to WPA2.

hcoles 05-20-2022 04:33 PM
Quote:
Originally Posted by hcoles (Post 11697127)
I think this is correct. WPS vs WPA or WPA2. I need to check what my Comcast router is set to and what might happen if I try to change.... e.g. WPS to WPA2.
logged into the router via 10.0.0.1 and could not find e.g. WPS, WPA, WPA2 settings. ??? more internet digging needed.

hcoles 05-20-2022 04:38 PM
Quote:
Originally Posted by hcoles (Post 11697139)
logged into the router via 10.0.0.1 and could not find e.g. WPS, WPA, WPA2 settings. ??? more internet digging needed.
okay found it.... both 2.4 and 5 GHz are set to WPA2 PSK AES

stomachmonkey 05-20-2022 07:33 PM
Quote:
Originally Posted by gacook (Post 11697028)
That's a yes/no answer. Typically, when you set up an app for a device, you have to first pick a network and input the password the first time. After that, the app is just like any other "device" you've allowed to access your network.
It's this.

The device does not have open access.

The app controls it all and you approved the app for access.

Without the app as a proxy the device can't connect.

And FWIW, if you don't have a Rachio you need one.

hcoles 05-21-2022 06:45 AM
okay - I don't fully understand. Something like since the app on my iPhone said it was okay to join the network the device supported by the app is also given access. I'm assuming there is no way or at least difficult for someone to see the traffic or get access to my Wifi by being associated with Rachio. Case closed?


All times are GMT -8. The time now is 01:35 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website


DTO Garage Plus vBulletin Plugins by Drive Thru Online, Inc.