Google knows every WiFi password in the world. Well, roughly a billion passwords anyway.


Privacy is one of the most discussed issue in tech in the recent year, and this new report from Computerworld might be slightly unsettling if privacy is something you take seriously. According to Michael Horowitz of Computerworld, Google knows almost a billion WiFi passwords from around the world.

When Google announced Android KitKat, they also announced that there have been 1 billion Android device activations to date. That’s a lot of Android devices out in the wild, many of which have surely connected to multiple WiFi networks.

Soh how would Google have everyone’s passwords? It isn’t commonly known, but as part of Android’s backup feature the company also stores device WiFi passwords for all saved WiFi networks each device has connected. The feature is part of Google’s backup feature built into Android that allows you to store your device settings in the cloud and easily have them restored to the same or other devices as needed. Here’s where you can find the feature:

  • In Android 2.3.4, go to Settings, then Privacy. On an HTC device, the option that gives Google your Wi-Fi password is “Back up my settings”. On a Samsung device, the option is called “Back up my data”. The only description is “Back up current settings and application data”. No mention is made of Wi-Fi passwords.
  • In Android 4.2, go to Settings, then “Backup and reset”. The option is called “Back up my data”. The description says “Back up application data, Wi-Fi passwords, and other settings to Google servers”.

The feature is undoubtedly convenient, as it makes changing to new devices a more seamless experience — who wants to have to type in WiFi passwords when you move to another device anyway? The problem here is that, according to Computerworld, Google can actually read your passwords.

Why is Google storing, and possibly reading, this information? We don’t really know. It could be for research purposes. They probably aren’t out for your home WiFi password so they can leech off your internet connection, but it’s a very real possibility that Google could be forced by governments to turn over the passwords of a specific Android user.

Or maybe Google genuinely thought it is a convenient feature for their users and didn’t realize the risks of doing something like this… especially without warning users. Yep, I’m an optimist.

To be clear, we don’t know exactly how many Android devices have this backup feature enabled, which is why we are loosely using the 1 billion number. Still, despite not knowing the exact number, we can make an educated guess that the number is north of tens of millions.

On the bright side, if this is something you are worried about then you can easily disable this Android backup feature right now if you have it enabled and your settings will no longer be synced/backed up in the cloud. Just don’t forget to change your WiFi password, too.

What do you think about this development? Let us know in the comments below!

[via Computerworld, image via Dan H]

Related Posts