RE: Comcast storing WiFi passwords in cleartext?

[Luke Guillory <lguillory () reservetele com>]

Yes it's in the router, accessed via the following MIB.



Name     arrisRouterWPAPreSharedKey
OID      .1.3.6.1.4.1.4115.1.20.1.1.3.26.1.2
MIB      ARRIS-ROUTER-DEVICE-MIB
Syntax   OCTET STRING (SIZE (8..64))
Access   read-write
Status   current

Descri   Sets the WPA Pre-Shared Key (PSK) used by this service set.  This
               value MUST be either a 64 byte hexadecimal number, OR an 8 to 63
               character ASCII string.


Which returns the following.


OID: .1.3.6.1.4.1.4115.1.20.1.1.3.26.1.2.10004
Value: F2414322EE3D9263
Type: OctetString

OID: .1.3.6.1.4.1.4115.1.20.1.1.3.26.1.2.10003
Value: F2414322EE3D9263
Type: OctetString

OID: .1.3.6.1.4.1.4115.1.20.1.1.3.26.1.2.10002
Value: F2414322EE3D9263
Type: OctetString

OID: .1.3.6.1.4.1.4115.1.20.1.1.3.26.1.2.10001
Value: F2414322EE3D9263
Type: OctetString





Ns







-----Original Message-----
From: Peter Beckman [mailto:beckman () angryox com]
Sent: Tuesday, April 23, 2019 9:35 PM
To: Luke Guillory
Cc: Laurent Dumont; NANOG
Subject: Re: Comcast storing WiFi passwords in cleartext?

On Tue, 23 Apr 2019, Peter Beckman wrote:

> On Wed, 24 Apr 2019, Luke Guillory wrote:
>
> > OP said they logged into their account and went to the security
> > portion of the portal. So one can assume they're the ISP or I don’t
> > see the point in asking how Comcast would know the info.
>
> It is entirely possible that an account separate and hidden from the
> customer account would be able to access the administrative controls
> of the router. It is also plausible that the access does not use a
> username/password to authenticate but another, hopefully secure method.
>
> One could make this access secure by:
>
>    1. Ensuring any connection originated from Company-controlled IP space
>    2. Username/Password are not provided to the CS agent but is merely a
>        button they press, after properly authenticating themselves as well
>        as authenticating the customer, that would pass a one-time use
>        token to access the device
>    3. Every token use was logged and regularly audited
>    4. Keys were regularly and in an automated fashion rotated, maybe even
>       daily
>
> If such precautions are taken, it is their router and it is their
> service, seems reasonable that Comcast should be able to log into
> their router and change configs.

... such that the access of the Wifi Password which is likely stored in plain text on the router is accessed by Comcast 
in a secure manner and not stored in plain text in their internal databases.

But I'm guessing probably it's just cached in plain text in their internal DBs.

Get your own router if you're worried about your Wifi Password being known by Comcast. Or change to WPA2 Enterprise, 
but I'm guessing that isn't supported on the router...

---------------------------------------------------------------------------
Peter Beckman                                                  Internet Guy
beckman () angryox com                                 http://www.angryox.com/
---------------------------------------------------------------------------