Chapter 9 of 14

How to share WiFi passwords securely

Five concrete methods to hand a WiFi password to another person, ranked from safest to riskiest. Pick the highest-ranked option that fits the situation.

01 Best

Shared vault record (TeamPassword)

When: Staff, contractors, anyone who needs persistent access.

Create a single encrypted record for the WiFi key and grant access by group. Members see the password in their vault; nothing is copied into Slack, email or notes apps. Revoking is instant — remove the user from the group and they lose access on every device.

  1. Add the WiFi credentials as a new record in TeamPassword
  2. Assign it to a group (e.g. Office, Engineering)
  3. Add or remove people via group membership — never share the URL

02 Great

WiFi QR code (in person)

When: Guests, visiting clients, event attendees.

A printed or on-screen QR code lets a phone join the network without anyone speaking the password aloud. The password never lands in chat history. Keep the QR physical and out of public photos.

  1. Generate the QR locally (chapter 10) — never use an online tool that sees the password
  2. Print it on a tabletop card or display it on a meeting-room screen
  3. Take it down when the meeting ends; rotate the password if the card was photographed
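
As an added example (not from the original page or from TeamPassword), this Python code builds and parses the text a WiFi QR code encodes, using the widely used `WIFI:T:...;S:...;P:...;;` convention, entirely offline. The function names, SSIDs and passphrases are constructed for illustration, and only WPA/WPA2-Personal passphrases are handled.

```python
import re

_SPECIAL = re.compile(r'([\\;,:"])')                 # must be backslash-escaped
_FIELD = re.compile(r'([A-Z]):((?:\\.|[^\\;])*);')   # KEY:value; honouring escapes
_WHOLE = re.compile(r'WIFI:((?:[A-Z]:(?:\\.|[^\\;])*;)+);')


def wifi_qr_payload(ssid: str, password: str, hidden: bool = False) -> str:
    """Build the QR text for a WPA/WPA2-Personal network without any network call."""
    if not 1 <= len(ssid.encode("utf-8")) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    if not (8 <= len(password) <= 63 and password.isascii() and password.isprintable()):
        raise ValueError("WPA passphrase must be 8-63 printable ASCII characters")

    def esc(value: str) -> str:
        # An unescaped ';' or ':' would end the field early and corrupt the code.
        return _SPECIAL.sub(r"\\\1", value)

    tail = "H:true;" if hidden else ""
    return f"WIFI:T:WPA;S:{esc(ssid)};P:{esc(password)};{tail};"


def parse_wifi_payload(payload: str) -> dict:
    """Decode a payload, e.g. to check what an old printed card actually exposes."""
    match = _WHOLE.fullmatch(payload)
    if match is None:
        raise ValueError("not a well-formed WiFi QR payload")
    return {key: re.sub(r"\\(.)", r"\1", value)
            for key, value in _FIELD.findall(match.group(1))}


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    text = wifi_qr_payload("Guest;Lobby", 'p:ss"w\\rd,1')
    print(text)
    print(parse_wifi_payload(text))
```

Pipe the returned string into an offline encoder such as `qrencode -o wifi.png`, which reads standard input when no text argument is given, so the passphrase reaches neither a web service nor the shell history.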

03 OK

iOS / Android share-nearby

When: One-off help for a colleague's personal device.

Both platforms can offer to share a saved WiFi password with a nearby trusted contact, without showing the plaintext. It's safer than typing it out, but only works device-to-device and leaves no audit trail.

  1. Have the recipient open WiFi settings and tap the network
  2. On the sharing device, approve the prompt that appears
  3. Confirm the recipient is in your contacts so the OS will offer the prompt

04 Risky

Encrypted, expiring one-time link

When: Remote handoff when a vault invite isn't possible yet.

Tools like 1Password's 'Send' or a self-hosted PrivateBin generate a URL that decrypts in the browser and self-destructs after one view or a short TTL. Better than email, but still relies on the link reaching the right person.

  1. Generate the link with a max view count of 1 and a short expiry (≤24h)
  2. Send the link over a different channel than you used to identify the recipient
  3. Confirm verbally that the link was opened, then assume it's burned

05 Avoid

Slack / email / sticky notes

When: Never — these are leaks waiting to happen.

Slack and email are searchable, exportable, and outlive the people who saw the message. Sticky notes and whiteboards are shoulder-surfing magnets. Anything sent this way must be considered permanently compromised — rotate the password.

  1. If you've already done this, rotate the WiFi password now
  2. Move the new password into a vault before sharing
  3. Delete the original message, but treat it as still leaked

The golden rules

  • The password should never exist in plaintext outside the vault and the router.
  • Share access to a record, not the record itself.
  • If a method can't be revoked, assume the password is compromised the moment it's used.
  • Rotate immediately after any out-of-band share (verbal, photo, screenshot).
