In google home app, the app can connect with GoogleHome without asking password for connecting.
Even though, the app doesn't have root permission to do that. How google home can connect with device?
Short answer: you cannot access the Wi-Fi password without root access. (with root it's just stored as plain text on disk)
What Google does (I'm guessing) is to get your Wi-Fi password from your Android Phone's backup. After all, after resetting your Android phone you just have to log in to your account and you magically have your Wi-Fi passwords back.
Note: They could also be using a private API, but as that would be a security risk, my best guess is the solution above.
Note2: This is very much in line with what Apple does in their WAC set up protocol. They've provided a proprietary flow to set up "Made for iOS" devices so you don't have to ask a user for her password.
I don't have an actual answer, but had too much background data for a comment.
From this Super User answer:
Chromecast acts as an access point when first turned on.
For the initial setup, you install an app on your Android, Windows or mac device, that will find it and connect to the chromecast's AP directly. Then the chromecast scans for nearby access points, allowing you to pick one and enter in its password.
Once this is done, it will connect to that access point instead of acting as its own access point.
So the overall flow is:
You install the app
The app sees the Chromecast's access point
The app connects to the Chromecast access point (named ChromecastXXX, with random alphanumeric chars)
The Chromecast scans for nearby access points
You select your WiFi network
You either enter your password, or the mysterious wifi share happens.
Chromecast uses your WiFi network
This is api to securely transfer wifi creds from one device to another.
https://developer.android.com/preview/features#wifi-suggest
I found it in Q's arsenal of secret 007 spy tools.
AFAIK (remember) I had to enter the wifi password on the google home app and wear os when I set up.
Basically your phone and home device are connected to the same Wifi. And your phone already is successfully connected to the Wifi. So the Wifi password is kind of auto fetched while Google Home device is connecting.
Below are some hints from the Google Home setup page -
Make sure to connect your mobile device/tablet to the same Wi-Fi
network that you intend to use to set up your Google Home device.
Choose the Wi-Fi network you want to connect to your Google Home. To
automatically fetch the password for this network on this device, tap
OK. The password will populate in the password field. Note: Android L
and above is required to auto fetch the password. Tap Continue. You
can also manually enter your password. Tap Continue.
https://support.google.com/googlehome/answer/7029485?co=GENIE.Platform%3DAndroid&hl=en
Related
As the question says, i was wondering if there is a safe, and non really complex way to send credentials from an APP to an ESP32, in this moment i made an app that connect via bluetooth and send the credentials via serial and it works, but this way has 2 issues, 1) its not safe (not encrypted/secured data), 2) you have to ask in the application the credentials (SSID and password of the wifi) and i think it should exist some way that avoids asking for data that is already known by the smartphone. Any guidance on this topic will be welcome, thanks in advance.
all apps which are used to configure devices like IoT hardware and smart devices, ask the user to enter the wifi credentials when configuring the device, which is then transferred via Bluetooth or wifi connection,(the device acts as an access point, mobile with app connects to that devices' AP). you can save credentials one time and automate the process of sending them afterward.
I am developing an app for Android with Kotlin, and I want to share the information about the current wifi network my phone is connected to; in order to connect another device to it (the information are shared by Bluetooth).
At first, I wanted to get the SSID and Password by WifiManager but it looks like the password is only accessible with root privilege.
So is there a way to share the Wifi info without accessing the password? I'm sure it should be possible because when I configure my weather station with that app, I don't need to enter the password of my network, it does everything automatically (and my phone is not rooted) :
https://play.google.com/store/apps/details?id=com.netatmo.netatmo
Also when I configure my Google Home, it's the same process, the information of my network are shared to the device.
Thanks in advance
Edit: -
Look is it just me or doesn't the W3C spec say this should be happening already: -
1.2.2. Authentication
On a laptop or desktop:
User pairs their phone with the laptop or desktop via Bluetooth.
User navigates to example.com in a browser and initiates signing in.
User gets a message from the browser, "Please complete this action on your phone."
Next, on their phone:
User sees a discrete prompt or notification, "Sign in to example.com."
User selects this prompt / notification.
User is shown a list of their example.com identities, e.g., "Sign in as Mohamed / Sign in as 张三".
User picks an identity, is prompted for an authorization gesture (PIN, biometric, etc.) and provides this.
Now, back on the laptop:
Web page shows that the selected user is signed in, and navigates to the signed-in page.
===============
My WebAuthn code happily interacts with Windows Hello for user verification via PIN. My Samsung Android phone happily interacts with the https://webauthn.appspot.com demo and accepts fingerprint verification.
But I can't seem to use my phone as an Security key like a YubiKey connected on my computer?
I can pair it with the PC via Bluetooth or tether it with a USB cable, but Windows will not recognize it as a security key.
Is this possible, or is the functionality restricted?
If we could use our phone as security keys, we'd need no special dongles for platform agnostic authentication.
In order for that to work, the phone device manufacturer would have to either always present itself as a FIDO2 authenticator, or have some sort of switch that allows it to change mode, kind of like how you can configure USB connection to be for charging or for data transfer. I don't see any technical reason why that could not be done, in fact it's come up multiple times in various discussions, but to my knowledge that is not an Android feature, at least not yet.
For that either smartphone OS or a 3rd party application needs to implement CTAP protocol to receive and process authentication operations on the phone. Currently, Android does - but not in a way to be used as a cross-platform authenticator to not stick to only one PC.
For 3rd party apps, there are some certified solutions that are listed on the FIDO Alliance website as certified authenticators.
I recently find that the PIXEL phone can do this.
When you open a FIDO2 Web via Chrome or Edge, it will prompt a dialog shows add Android Phone. Click it and a QR code(FIDO:/AAACCC...) appeared. Scan the QR Code by your Pixel Camera (registered FIDO2 Token).
Magic...
A push notify show on the Pixel. Click it and wait and scan FP. Finally your WebAuthn web Verify OK via BT.
The only question for me is what kinds of Andoid phones can support this scnerio.
Can any other phone except Pixel support scan the QRCode(FIDO:/....).
We have a AOSP device that does not have a keyboard or touch (wearable). We can attach a keyboard via Bluetooth but that is only for development purposes.
Furthermore, we use Enterprise Wifi (WPA2-Enterprise using TLS and MSCHAPv2) at our shop that uses a corporate certificate + private certificate.
Everything works but there is a very annoying problem. After every reboot, somebody has to type in the password for the credential store and then again confirm the "PIN".
Is there any programmatic way to "open" the credential store & "PIN" at startup? Without doing so, it is not possible to connect to the WiFi.
We are willing to create a custom launcher or ROM if needed.
Android Version: 4.0.4
I need to connect to a specific Wifi selected from the list and I want to hard code the password in my app.
Is it possible in android devices that an app can connect to a specific Wifi network and provide the password?
Is there an API for this?
You should check out the docs from Google: http://developer.android.com/reference/android/net/wifi/package-summary.html