Skip to main content
How can I lock my Sonos? It gets annoying when I host a party, only to have my Sonos repeatedly hijacked by other guests.
Creat a Guest wifi network for your guests and change your normal network password..
If you're allowing your guests to access your home network, you potentially have more to worry about than them hijacking your Sonos. You don't know if someone has a phone with malware that could be infecting your own computers or devices. They could be accessing your NAS and taking your data/music/files.



Keithmac's suggestion of creating a separate Guest network would be highly recommended. Many routers have this capability built into them. It's a network completely separate from your own, with a different name, different password, and no ability to access your own devices, computers, etc.



Some ISPs also have their own "public hotspot" network (some cable providers in the US do this if you use their modem+router gateway), so your guests could either get a limited amount of free time, or sign into their provider account and get unlimited time on a network separate from your own.
Keith and Mike have nailed it. While it would be "nice" for Sonos to offer the additional benefit of password control it's a minimally important feature. You should be much more concerned with your risky network behavior. The idea of people giving unfettered network access to everyone who comes to their house is similar to when everyone used to leave their WIFI unprotected by any password. There's a bigger issue to address.
While saying "segment your network" is generally good security device, it ignores the problem with the device. That the device, itself, lacks the ability to lock it down - relying, instead, on network-level protections - means this is just another IoT device that doesn't care about security.



Further proof? The freaking desktop PC app wants admin privileges just to access folders that the invoking-user already has access to.



Sorry, but this device feels like a security nightmare. Probably the *BEST* advice for running this thing is to further segment your network so that this device (and your phone) is THE ONLY THING on the segment (in other words, put it on a /30 segment). Everything about the SONOS seems to scream "security time-bomb".
Further proof? The freaking desktop PC app wants admin privileges just to access folders that the invoking-user already has access to.



Actually, the admin privileges are so that it can change the file sharing settings, allowing the app to set up a shared folder where your music is stored so your Sonos speakers can access it. Creating shared folders on a Windows computer is a functionality that requires admin privileges. In fact, it also creates its own local user account for the purpose of accessing that shared folder (something else that requires admin privileges), so there's no chance that someone could access other data on your computer. And I'll also note that just running the controller software for Windows on a daily basis, I'm never prompted to elevate privileges for it... so it likely only requests the elevated privileges when it needs them.
If it is a 'security time bomb' perhaps you should return for a refund. I am reckless so will be keeping my system.
While saying "segment your network" is generally good security device, it ignores the problem with the device. That the device, itself, lacks the ability to lock it down - relying, instead, on network-level protections - means this is just another IoT device that doesn't care about security.


Can we talk openly for a moment? Thank you.



You've just said that lacking the ability to restrict people, who you've allowed into your home, from changing your playlist is a "time bomb".



So, let's ease down the rhetoric a bit here.



You're really making two separate arguments, and we need to isolate them to properly discuss. This thread is about people who've been granted physical access to the device monkeying around with it virtually. By that aspect alone, this isn't a "serious" issue, rather it's one of convenience. If it was "serious" you'd tell them to leave, and that's how we put a sanity check on it.



Your other point suggests that lacking a login requirement inside of the network increases your some nebulous risk of being compromised. Mike's already corrected the Windows permission confusion, but you've failed to actually mention any of what "everything" is in the statement:

Everything about the SONOS seems to scream "security time-bomb".


I look forward to continuing our honest dialogue about the SONOS.
@Skelton. Can always rely on your contributions being clear, informed and perceptive. Nice one - thanks.
Everything about the SONOS seems to scream "security time-bomb".



It's not THAT bad ... mostly because Sonos doesn't actually accept internet connections in its current form, only initiate them (so a basic stateful system protects it). Now, once IPv6 becomes a thing ...



As for the desktop software, it's just another one of those cruddy legacy pieces of software that needs to go away/be updated to something modern. I'm guessing the former.
See the opportunity in the problem: that this is being done to your Sonos can be seen as a warning to go back and re examine your practices with the security of your home WiFi network. Breaches there can be real time bombs in spheres different from Sonos.