ESP8266 Community Forum

- Tue Mar 14, 2017 1:14 pm #63685 Hello! I'm new to ESP8266!
I'm using NodeMCU 0.9.

When putting the device in AP mode, is there any way to get whatever the user typed when logging in (the WPA2 password to the wifi, not a captive portal password) to the AP?

I think it ought to be possible, because the device is getting the input from whomever is trying to log in and it needs to check out if it maches the login password, so there should be a way to get whatever he typed right?

Or do I need to dig in the firmware and change it so it'll work?

- Sat Mar 18, 2017 5:20 pm #63907 I don't know the details of how WiFi authentication works, but any secure system worthy of the name would not send plain passwords between nodes. Most likely, the AP sends a value to the connecting client which the client uses to encrypt the password entered by the user. The AP will compare the encrypted value against the value that it has obtained itself by encrypting the known WiFi password. If the client has used the wrong password, these values will not match, but the encryption is one-way, so the AP cannot recover the wrong password.

- Sun Mar 19, 2017 3:19 am #63923 that's about how it works. (hint: challenge / response)
So no help on skimming the WiFi passwort of your neighbours...