3
If you join a Homegroup from a Windows 8 machine, you are prompted for a password. This password is subsequently visible whenever you enter the homegroup settings:
This is silly. Is there a way to obscure it?
Paul
Posted 2012-10-23T12:09:31.150
Reputation: 52 173
6
At current, No.
The prevailing logic for Homegroups is that it's a Leaderless system, meaning that all members have all applicable rights over shared resources (unless specifically defined by the file/directory's original owner).
Since the Homegroup password is considered owned by no one (there is no Homegroup Administrators group like there is on a Domain) then all members of the Homegroup have full access to that information and the password is reference-able at any time un-obscured.
Maybe in the future, as Homegroups become more and more adopted in the general public, more robust securities will be implemented. But as it stands now, that password is considered public knowledge for all members of a Homegroup.
Jared Tritsch
Posted 2012-10-23T12:09:31.150
Reputation: 3 030
3
It was visible in Win7 as well.
– Karan – 2012-10-23T12:43:25.333Thank you Karan, Yes, this is a limitation in the way Homegroups are designed and its not OS specific.. – Jared Tritsch – 2012-10-23T12:44:38.267
I didn't notice in W7, but the reasoning is flawed in my opinion. Just because all members are equal doesn't mean that the password should not be protected from onlookers who are not members - the password is public to members and everyone else in the vicinity as it stands. This isn't the place for this discussion however. – Paul – 2012-10-23T12:50:42.877
This is a problem. For just that reason, Paul. But this is the logic as to why things are the way they are. They could easily put a "show me the password" button but they didn't, and likely because it simply didn't occur to the developers who were not thinking along those lines.
THey were coming from a "sharing is caring" paradigm and not thinking in terms of security. This will probably be fixed eventually as I have seen this issue floating around the MSDN forum the last couple years. – Jared Tritsch – 2012-10-23T12:54:09.443
Also Paul, When I say "Members of a Homegroup" that is in reference to the machine, not an individual user. Homegroups do not keep or manage user lists like Active Directory does so all rights decisions are taken on a file by file basis. If there is nothing on the file that says you CAN'T, then you can. – Jared Tritsch – 2012-10-23T13:04:54.007
Another awesome implementation by Microsoft! Turn off homegroup (change your network to a "work" network instead of a "home" network) and share files-folders the old fashioned way if you want security. – Moab – 2012-10-23T16:11:01.927
one more vote for the contest? – Jared Tritsch – 2012-10-23T16:11:39.337