NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Can WPS be disabled on AC790s hotspot?
Hi All I'm a raw newbie, and the odds are this thread is in the wrong place, and apologise if so. I've already posted something similar on Telstra's CrowdSupport forum, but suspect only by ca...
Thanks,
When we got the hotspot originally, the hotspot's name (I gather the Main name) was displayed on the "top" screen with a numerical password eight digits long.
We then changed that password to a personalised one and, (ironically, so visitors couldn't see it) hid the hotspot name and password on the screen that everyone sees.
If a factory reset is done, will the original screen (with visible factory password) be restored? If not, I have to hope the factory pw is one I see I wrote down. Otherwise, we're in strife I think.
Cheers
ausgumbie
Quick addition
A factory reset was done (without problems), and the factory password was there. Presumably any WPS connections went then.
We then changed both WiFi Name and Password.
One final question. To the best of anyone's knowledge/experience, do devices which have been connected by WPS always show up in the "number of devices" or (in the case of the "home" browser pages) appear named on the Overview page when they access the hotspot? Or can they be cloaked in any way? Again, that's a personal knowledge and experience question - I bet the manual says nothing about it.
And, if anyone DOES know how to disable WPS on the AC790s, great!!!!!!!
Many thanks
ausgumbie
Think of WPS as a clever way for a device to obtain the Wi-Fi password. Once it has the password, it uses it to join the network. So, devices that connected with WPS should show up.
Many thanks "TheEther".
For others following, a contributor on another forum also alerted me to the perils of UPnP (http://www.howtogeek.com/122487/htg-explains-is-upnp-a-security-risk/). Fortunately, AC790s seems to have that feature disabled by default.
Cheers
ausgumbie
I just thought I'd add - for anyone following for info - some thoughts (modified) from a similar thread I started on BleepingComputer (http://www.bleepingcomputer.com/forums/t/595929/how-do-i-know-if-someone-unauthorised-has-wps-connected-to-my-wifi/).
My initial thing was I had carelessly and stupidly left the hotspot out in the open and visible in the presence of a visitor (a tradesman) whom I became uneasy about later for whatever reasons.
I've experimented, and it takes little time at all to WPS-connect to this hotspot. If you're someone who is familiar with it (and the AC790S has been around since November last year and are popular in Australia) it's four taps on the hotspot screen to press the "pair devices" button and return to home screen. About 3 seconds, then simply walk away from the hotspot. You then have 2 minutes to hit the WPS button on your own device that you want to pair. And that's something you could even do openly - everyone fiddles with their mobile nowadays and nobody would ask what you were doing.
It would take a pretty brazen person to do what I'm talking about, but we get a lot of brazen people in Australia nowadays. It's a reasonable suspicion that anyone who could connect to your wifi isn't just after a bit of free service - they're after identity and financial details. These days there's a lot of predation on the vulnerable and elderly, and many forms of predation. My personal opinion is the attitudes and responses of our authorities and private sector to this really don't do our country much credit.
The remedy to my 'visitor-WPS' scenario, as most point out, is to physically ensure no one but those you want to can get their hands on your hotspot. While I will certainly now be more careful in future, there's always that day you forget again. IMHO, having that WPS facility on the AC790S with no option to turn it off is appalling madness.A BleepingComputer respondent wrote (and I think it's good advice) with reference to the AC790S manual:
"On page 37 you can restrict the number of devices connected to the hotspot. I would provide the minimum you need.
On page 44 you can whitelist only the devices you want to connect by inputting their MAC addresses. "
http://www.laptopmag.com/articles/find-mac-address-windows-10 "
Inputting MAC addresses I gather isn't foolproof, but it seems an added layer. And I'm coming to realise that's what modern cyber security is - adding layers of it and realising it can only protect you so far.
Hope those thoughts are helpful
Cheers
ausgumbie
