Your older devices are a gateway into your network
Your older devices are a gateway into your network
Embedded Files
Samuel Abad
Published on March 18, 2026
Wi-Fi feels invisible. You set it up once, forget about it, and everything just works. Your phone, your laptop, your thermostat, your gaming console all connected to the same network. But that convenience comes with a tradeoff most people never think about, and it starts with the devices you trust the most.
We tested two routers, one you can pick up at any Walmart or Target, and a business-class model commonly found in small offices across the US. Using a Nintendo Switch OLED and an Android tablet, we were able to recover the Wi-Fi password on both. Not through some exotic exploit. Not by breaking the router itself. We used the devices against the network they were already connected to. This was a simple attack that is widely detailed online and easy to execute.
The lock on your door is only as strong as your weakest key
Modern routers support a security standard called WPA3, which makes your Wi-Fi significantly harder to crack. The problem is that older devices, game consoles, smart TVs, thermostats, budget tablets, use chips that only support an older standard called WPA2. These devices cannot use WPA3, no matter how new your router is.
To keep those older devices connected, most routers run what is called mixed mode: WPA3 for newer devices, WPA2 for older ones, all on the same network. Your iPhone negotiates the stronger connection. Your Nintendo Switch takes the weaker one. Both end up on your Wi-Fi.
That WPA2 connection is the door.
When a WPA2 device connects to your network, it performs a brief exchange with your router called a handshake, a small packet of data that proves the device knows your password without sending the password in plain text. An attacker within range of your Wi-Fi can capture that handshake passively, without ever touching your router or any of your devices. Once captured, they take it offline and run it against a list of common passwords until one matches.
If your password is common, short, or appeared in any previous data breach, it will fall. If it is strong and unique, the attacker moves on.
This works everywhere
The Switch OLED we used was connected to a UDR7, a business-class UniFi router that supports WPA3 and costs significantly more than a consumer device. It did not matter. The moment a WPA2 device joined the network, the attack surface existed. The router's capabilities became irrelevant for that connection.
This is not a flaw in any specific router. It is a fundamental characteristic of how WPA2 works, and it applies to every network running mixed mode, which is most home networks in use today.
Anyone can do this
The password in our test was cracked using free tools on a free operating system that anyone can download right now. This was not a movie-style hack. It was not the kind of thing you see on Mr. Robot, where a genius in a dark room types furiously for ten minutes. It was a step-by-step process that anyone with a computer and a search engine can follow. The guides are already out there.
That is what makes this worth paying attention to. The threat is not some sophisticated attacker with specialized equipment. It could be a teenager curious about how it works. It could be a neighbor who would rather piggyback off your connection than pay for their own upgrade. The intent does not have to be malicious for the outcome to affect you.
So what can you do about it?
There are two realistic paths, and neither is perfect.
Strengthen your password. This does not close the door, but it makes the door much harder to open. A long, random password that has never appeared in a data breach forces an attacker to abandon the wordlist approach and move to more resource-intensive methods, enough friction that most will simply move on. You can check whether your current password has been exposed at haveibeenpwned.com/Passwords and test its strength at bitwarden.com/password-strength. This option keeps all your devices connected and costs nothing.
Switch to WPA3 only. This closes the door entirely for WPA2 attacks. The tradeoff is real: any device that does not support WPA3 will lose Wi-Fi access completely. That includes most Amazon and Google smart home devices, older game consoles, budget security cameras, smart plugs, and many printers. Depending on how your home is set up, this could mean several devices going offline until replaced or moved to a separate network.
Some routers allow you to create a secondary SSID, a second Wi-Fi network, running WPA2 specifically for legacy devices, isolated from your main network. This is a reasonable middle ground, but it requires a router that supports it and some comfort with network configuration.
There is no option that gives you full compatibility and full security at the same time. That is the honest answer.
The bigger picture
The devices sitting quietly in your living room, the thermostat, the vacuum, the old gaming console, were not designed with your network security in mind. They were designed to be easy to use. The responsibility for what they expose on your network falls on you by default, and most people do not know it exists.
Knowing it exists is the first step.
Page updated
Google Sites
Report abuse