The common way, if you have connected to a Wireless Network Access Point and saved the password in Windows is to view the password via Windows GUI interface, via menus following few easy steps:
1. Settings -> Network and Internet -> Network and Sharing Center
2. Click on (Wifi Network name) for which you need password and
3. In View your active networks section
4. When the Wi-Fi network status window opens, click Wireless Properties
5. Move to the Security Tab and check the checkbox, next to "Show Characters" to view the network password.
Nevertheless as a system administrator you might have wondered, how you can easily review in plain text Saved Wireless Networks Wi-FI passwords, without using the Graphical Interface via a direct command line cmd.exe?
Such thing is helpful on maintaining multiple Windows 10 hosts, especially if you have a telnet or SSH remote administration enabled or you have a domain of PCs.
To do so open cmd.exe command prompt and run:
C:\Users> netsh
netsh>wlan show profile
Profiles on interface Wi-Fi:
Group policy profiles (read only)
———————————User profiles
————-
All User Profile : WIFI_Pofile-name
All User Profile: Hotel stage 2
All User Profile: Home Wifi
All User Profile: HP_Custom
…Now lets review the clear text password of the profile from netsh console:
netsh>wlan show profile "WIFI_Pofile-name" key=clear
Profile WIFI_Pofile-name on interface Wi-Fi:
===================================================Applied: All User Profile
Profile information
——————-
Version : 1
Type : Wireless LAN
Name : WIFI_Pofile-name
Control options :
Connection mode : Connect automatically
Network broadcast : Connect only if this network is broadcasting
AutoSwitch : Do not switch to other networks
MAC Randomization : DisabledConnectivity settings
———————
Number of SSIDs : 1
SSID name : "WIFI_Pofile-name"
Network type : Infrastructure
Radio type : [ Any Radio Type ]
Vendor extension : Not presentSecurity settings
—————–
Authentication : WPA2-Personal
Cipher : CCMP
Authentication : WPA2-Personal
Cipher : GCMP
Security key : Present
Key Content : Very-secret-password-for-WIFI-plain-text
TADADAM !
We see the password key text Saved WIFI Passwords plain text !
Note that sometimes, if you have a Hidden Wifi Network the command to use to reveal the plain text password with netsh would be:
C:\Users> netsh wlan show profile "name=SSID hidden WiFi Net" key=clear
…
This trick is very much used today by "hackers" e.g. script kiddies, who break up into others windows.
It is also useful if you want to have a quick way to review plain text passwords for WIFI accounts with organization, lets say if you're a security expert and doing some kind of periodic Security audits within a corporation on multiple Domain attached computers.
Thanks to Martin Petrov (Amridikon) for his trick as I've learned first time from his blog https://mpetrov.net, which is full of many computer geek goodies stuff.
Of course this approach can be easily scripted with a short PowerShell script:
netsh wlan show profile |
Select-String '(?<=All User Profile\s+:\s).+' |
ForEach-Object {
$wlan = $_.Matches.Value
$passw = netsh wlan show profile $wlan key=clear |
Select-String '(?<=Key Content\s+:\s).+'[pscustomobject]@{
Name = $wlan
Password = $passw.Matches.Value
}
}
If you need the script View-all-wifi-passwords-plaintext-windows10.ps1 to reuse it download it from here.
There is also some freeware tools online which can help you reveal passwords, saving you any typing, that might be useful if you want to delegate the task to a non-sysadmin user, you can simply point him and ask him to install a GUI Win tool like Wifi Password revealer (that makes showing plain text passwords piece of cake) and let user reveal his passwords for himself, if needs the password to share it to a colleague 🙂
That's all folks, Happy hacking !
