Sometimes you can just shake your head. Doesn’t help to find a plausible answer, but somehow it makes you feel a little better. So also in this case. Why are we shaking our heads? Well, the question is: who thinks up something like this? Definitely a typical example of “comfort over safety”. And now (almost) everyone knows that this is not always necessarily the best approach. But what happened?
WLAN access data can be viewed in plain text in the Fritz!Fon
We could hardly believe our eyes when we accidentally came across the WLAN sub-menu item in the Home Network menu of a Fritz!Fox.
If you select the WLAN access data and guest access data option, the WLAN network names and the associated access passwords can be viewed in plain text. Using the WiFi QR code and guest QR code functions, a connection can be established in just a few simple steps via the camera of a smartphone or tablet. protection from it? none!
In closed family biotopes or in times of total corona isolation without guests and visitors at home, this may be a totally cool comfort function. In all other cases it is more of a weak point. But the simple option of switching off the internal WLAN or guest WLAN at the push of a button can also provide entertaining entertainment. Just before saying goodbye, just turn off the WiFi, drive home relaxed and grinning while thinking about how the host who has just visited is desperately looking for the error in the system because suddenly no WiFi access and devices are working anymore. What did we laugh .…
No reference to this function in the Fritz!Box and Fritz!Fons manuals
As of January 22, 2023, there are no indications of this possible security risk in the manuals. As a user of this hardware, you will probably come across this circumstance more by accident.
Remedy via the DECT menu in the Fritz!Box
Fortunately, there is an option to disable access to this Fritz!Fon menu. But if you look in the phone yourself, you won’t find anything. To do this, you have to switch to the Fritz!Box itself, log in and switch to the Telephony / DECT menu. Scroll down a bit and there you will find the item “Access protection”. Activate the checkbox “Access protection for WLAN / guest access) and assign a secure PIN (0000, 1234 or your own date of birth 😉 ).
This put an end to the spook on the Fritz!Fon, as you can see in the next screenshot. As soon as you switch back to the menu item Home network / WLAN, you will be prompted to enter the PIN previously set on the Fritz!Box.
Why this access protection is not activated from the outset, or why there are at least clear indications of this function, remains a mystery. The manufacturer himself refers to the possibility of protection by a PIN only in the Online-Wissensdatenbank there. This can be done better.
Nevertheless, let guests comfortably access the WLAN
To do this, go to the wireless network menu of the Fritz!Box. Under the names of the WLAN and guest WLAN there is an entry on the right “Print information sheet”. The result is a chic DIN A4 PDF with the QR code for the guest WLAN as well as the name and access password. Print it out, laminate it, and hand it to web-needy visitors to log in. The internal WLAN should be taboo for guests anyway. Or?