Finding saved wifi passwords from known hotspots

I recently did some work in a building where the tenants thought they were protecting their wifi by having one of their staff type in the wifi password for me instead of just telling me the password.

I think the logic was that it would stop me handing it out to other people which might then lead to them having lots of unknown users connecting. I’m not sure how much research went into testing how effective their technique was

Here’s how to see the password of any wifis you have previously connected to from your computer (even if you didn’t enter the password yourself)

open up command prompt and run: netsh wlan show profile


This will bring up a list of all the wifi hotspots you have connected to. Then to display the password for one of them run : Netsh wlan show profile xxx key=clear (replace xxx with the name of the wifi from the previous step)

this should reveal the plaintext password in the key content field:


Note: If the key is not shown and instead says something like “security key : present” make sure you are running cmd as administrator

If there are too many hotspots listed to do them manually here is some python to automate their extraction: