Sharing Wifi password with a lodger- Security

[NewEdition]

I am getting a lodger in for a few months and will share the wifi password with him.
I do not know the guy personally, he is a friend of a friend and he works in IT.
What are the risks of somebody knowing this password?
I am sure he is trustworthy enough, but what could I be exposing myself to if I do share this password with a relative stranger?
Could he access my own search history, could he gain access to anything I am looking at, eg, online banking etc?
Its a Virgin Media router - Should I talk to VM about having a guest /restricted password or something?

 

[odyssey06]

You need to distinguish between your WIFI password, and the admin password on your WIFI router.
Make sure you have changed the admin password on the WIFI router from its default password to a password of your own choosing.

If they have your WIFI password, that enables them to access the internet from their own devices.
I don't think there would be much of a risk there, just if he did engage in anything dodgy online (downloading and worse) then it is going to show up under your account. Maybe you should put on some sort of parental controls software.

If you have a desktop\tablet\laptop yourself make sure to secure it with a password.

 

[trasneoir]

I am sure he is trustworthy enough, but what could I be exposing myself to if I do share this password with a relative stranger?
Could he access my own search history, could he gain access to anything I am looking at, eg, online banking etc?

While connected to your network a 3rd party can't see your history, but they can eavesdrop on your current traffic to/from the internet. Because your communication with the bank/gmail etc are encrypted (the green lock in your browser), they won't be able to "overhear" your passwords.

I think the UPC routers all come with a "guest network" feature for this kind of scenario.

 

[Conshine]

This is interesting.. I bet many people share their wifi passwords without knowing these risks!! Me included!

 

[Conshine]

What if the user that has the general password.. or the "guest" password downloads a virus or spyware etc.. would there be any risk to my own devices?

 

[Leo]

What if the user that has the general password.. or the "guest" password downloads a virus or spyware etc.. would there be any risk to my own devices?

Yes, once any malware infected device is on the network, they will be able to scan the network to seek out other targets. It doesn't matter whether they acquired the malware while connected to your network or elsewhere. The level of risk will depend on what devices you have connected and how secure they are.

 

[JoeRoberts]

If he has physical access to the router he can just plug in an Ethernet cable and then he still has access anyway unless you can disable the ports. So maybe make a locked press for the router.
The original admin pw for the router is probably on a sticker under the router too and even if you have changed it can possibly be reset with a pin to the default.
As he works in IT he can probably find loads of ways around things if he wants.
Unless you can prove otherwise, you are likely liable for what happens under your account.
Eventually any wrong doing should be traced to the actual device used, but that is no comfort if cops come knocking on your door because some dodgy stuff is being downloaded. People will just remember it was your house. Small risk of course but strange people out there..

 

[trasneoir]

What if the user that has the general password.. or the "guest" password downloads a virus or spyware etc.. would there be any risk to my own devices?

If a user is on your private network, then their devices can eavesdrop on your traffic, or attack your devices.
If a user is on your guest network, then he is isolated - he can only connect to the internet.


If your private network isn't encrypted (WPA2 or better), all bets are off. Any passerby with a phone can get on to your private network if they are inclined (or their phone is infected).