Is there any way to put a password on your sonos system?
Trying to stop everyone logging in and switching the play list, wondering if there is any way to put a password on the system so only those with the code can access the system
This topic has been closed for further comments. You can use the search bar to find a similar topic, or create a new one by clicking Create Topic at the top of the page.
Page 2 / 5
Do you ever let people on your main network to use a service (maybe printer, file server, TV/movies etc) ? If so are the other devices you password protected or are the other devices etc open to anyone who gains access?
I'm not personally concern or care about Sonos not having authentication, but can accept that some user have legitimate use cases/pov that require password even.
I'm not personally concern or care about Sonos not having authentication, but can accept that some user have legitimate use cases/pov that require password even.
@stuart_W, it's as easy as putting a toggle button, "Require Security", "Dont Require Security" if users like yourself want to keep their system fully unsecured and open to random connections then you can continue to do so, BUT for users that like to secure things on their network because they know the importance of securing any system connected to their network they could do that as well...If you know anything about network security you might understand the importance of this.
I personally don't leave my system fully unsecured and open to random connections, which is why I employ a Guest network that not only keeps people out of Sonos, it keeps them from accessing my PC, my backups, my NAS drive, my printers, my lights, my thermostat, my home security system, my TV, etc., etc., etc. If I can't trust someone to not change my music, I certainly don't want them accessing my private data, my heat/AC, or my security alarm.
No. they just haven't implemented THIS request. It's four pages long and most of the posts are from people saying they don't want it Thankyou very much. I'd say that actually demonstrates Sonos is going with the majority.
And just because I know you like a bit of drum beating. O N L Y those people YOU gave access to your network can access Sonos. If not having a password on your Sonos app is a worry to you don't give your wi-fi credentials to any Tom, Dick or Harry (Or Yvonne, Bette or Jane). If you do give out your password like that to people who can't be trusted you are going to get what you deserve[/quote]
@stuart_W, it's as easy as putting a toggle button, "Require Security", "Dont Require Security" if users like yourself want to keep their system fully unsecured and open to random connections then you can continue to do so, BUT for users that like to secure things on their network because they know the importance of securing any system connected to their network they could do that as well...If you know anything about network security you might understand the importance of this.
And just because I know you like a bit of drum beating. O N L Y those people YOU gave access to your network can access Sonos. If not having a password on your Sonos app is a worry to you don't give your wi-fi credentials to any Tom, Dick or Harry (Or Yvonne, Bette or Jane). If you do give out your password like that to people who can't be trusted you are going to get what you deserve[/quote]
@stuart_W, it's as easy as putting a toggle button, "Require Security", "Dont Require Security" if users like yourself want to keep their system fully unsecured and open to random connections then you can continue to do so, BUT for users that like to secure things on their network because they know the importance of securing any system connected to their network they could do that as well...If you know anything about network security you might understand the importance of this.
Userlevel 7
+22
Are their other systems out there where you are able to password protect or lock to specific device/s?
This is a Sonos board.
We all know this is a sonos board but Sonos has ignored the boards/requests of the user base for like 5 years now! how are we not supposed to look for a better solution. they have dont nothing to keep me as a customer or shown that they are making improvements that are requested....[/quote]
No. they just haven't implemented THIS request. It's four pages long and most of the posts are from people saying they don't want it Thankyou very much. I'd say that actually demonstrates Sonos is going with the majority.
And just because I know you like a bit of drum beating. O N L Y those people YOU gave access to your network can access Sonos. If not having a password on your Sonos app is a worry to you don't give your wi-fi credentials to any Tom, Dick or Harry (Or Yvonne, Bette or Jane). If you do give out your password like that to people who can't be trusted you are going to get what you deserve
Are their other systems out there where you are able to password protect or lock to specific device/s?
This is a Sonos board.[/quote]
We all know this is a sonos board but Sonos has ignored the boards/requests of the user base for like 5 years now! how are we not supposed to look for a better solution. they have dont nothing to keep me as a customer or shown that they are making improvements that are requested....
Another trend that I'm out of step with, I fear...
Some googling turned up this interesting article:
http://www.consumerreports.org/cro/magazine/2015/06/connected-devices-and-privacy/index.htm
A much bigger issue that a few passwords isn't going to address. There are also reports of hacking a networked fridge to extract the gmail account details of the owners.
There is a lot of demand for voice control - but the technology may not be just a one way street. Alexa and Amazon may also be listening to you and your family's conversations - 24/7.
Interesting times:-).
http://www.consumerreports.org/cro/magazine/2015/06/connected-devices-and-privacy/index.htm
A much bigger issue that a few passwords isn't going to address. There are also reports of hacking a networked fridge to extract the gmail account details of the owners.
There is a lot of demand for voice control - but the technology may not be just a one way street. Alexa and Amazon may also be listening to you and your family's conversations - 24/7.
Interesting times:-).
Whilst Sonos may run on some form of unix, like many devices these days, it is designed as a media device, not a computer that you have direct access to. Whilst many media devices today have simple parental controls, I think that you'll find that the overall requirement for Sonos is much more complex, with people wanting access controls at all sorts of levels to sort out their particular problem. For Sonos to satisfy all of these requirements, they'd virtually have to enable the locking off of any set of menus and/or facililties - and then users would no doubt want each of these to be separately configurable. And we all know how much Sonos love designing user configurable options...
If you don't want people to fiddle with your media devices, then don't give them access to the remote control - it really is that simple. If a child misbehaves, take the remote control away from them. In the case of Sonos, just change the guest network password and lock them out.
More importantly, I don't see how it will serve any long term purpose. Those that surrender Wifi passwords will, sooner or later, surrender these as well, for the same reasons. Why spend development dollars on something like this?
Just out of curiosity since I haven't seen them - what do appliances like refrigerators that are on the network do for restricting access? Devices like these will only increase in future, I am sure. All will have passwords over and above the one needed to access the network?
Just out of curiosity since I haven't seen them - what do appliances like refrigerators that are on the network do for restricting access? Devices like these will only increase in future, I am sure. All will have passwords over and above the one needed to access the network?
Userlevel 7
+22
Good luck with that....
From the fanboi comments here and lack of response from Sonos i'm starting to feel that way too!
This is a forum where civil discussion of many things happens. Many, if not all, times when a suggestion is made some people will have a contrary view. That's just the way of things and to be expected. Just because people have a contrary view to you does not either 1) Make them a "fanboi" nor 2) Preclude them from commenting.
For what it's worth I am not a proponent of requesting Sonos become a surrogate for my own security responsibilities. So I shan't be giving access to MY private network to anybody who might take advantage of any security or aesthetic vulnerability in the Sonos app/controller, neither shall I call for Sonos to add password or finger print or iris scan access in order to allow me to be profligate with my security responsibilities.
I know people who want these added security "features" hate to be told to take responsibility for their visitors AND their actions but I'm afraid that's the way it is. Frankly I don't want to have extra hurdles to cross to change my settings because you allow dickheads onto your private network.
It is worth remembering. NOBODY has access to YOUR network unless YOU give them access to it - If you can't trust them not to hack into your system or play The Birdie Song at full volume then don't give them access (or at least put Sonos on the private side and give them a guest login and maybe change the password every week).
Good luck with that....
From the fanboi comments here and lack of response from Sonos i'm starting to feel that way too!
Good luck with that....
I really don't understand this... People hand out total access to their network, and then they're surprised that people (particularly kids) abuse it? Let's be kind and say that's just niave....
As previously suggested, put the Sonos kit on a private network and any untrustworthy people and children on a guest network - job done... Why on earth would you give access to your private network, which can hold all of your private data, to someone that you can't totally trust?
You are assuming people are savvy enough to do this - or even know how to do this. Most people are not. What other private data would they have access to on your network? A NAS? A windows server? A linux server? These all offer access control via password. The odd man out here is the Sonos.
Regardless of what you think though - the question has come up and customers have asked for it and given specific examples of why they want it. That should be justification enough. The old Steve Jobs chestnut of 'don't hold it that way' really doesn't wash. Again - it should be optional - so if you don't want the feature, don't use it. Simples.
I really don't understand this... People hand out total access to their network, and then they're surprised that people (particularly kids) abuse it? Let's be kind and say that's just niave....
As previously suggested, put the Sonos kit on a private network and any untrustworthy people and children on a guest network - job done... Why on earth would you give access to your private network, which can hold all of your private data, to someone that you can't totally trust?
Don't confuse the two issues though. The password to access configuration and playlists, and any possible external threat are separate. I'm just requesting some sort of access control to the Sonos.
No, I don't. I thought it was you that was confused, by using external threats as the justification for this need for passwords. I must have misunderstood your post.
I am curious though - how will these passwords work to stop a "friend" or a child from blasting music through the Sonos in your bedroom at 3 am if they are that kind of people?
The problem comes when people have the password.
Ah..so that is the real issue, not the security one that was so strongly stated. Security is already blown by giving up the WiFi password, how would it help for Sonos to have one thereafter?
I don't give people my WiFi password in a hurry, and I am personally up to here with passwords and remembering them. I for one would be quite irritated to have one more in my life. My vote therefore is for no change on this count.
That may be fine for you but as you can see from this thread, it is not fine for others. It should most certainly be an option and not forced into the user. If you don't want a password, don't use the feature. Many people share their wifi passwords with friends and family or are in a shared network environment.
Don't confuse the two issues though. The password to access configuration and playlists, and any possible external threat are separate. I'm just requesting some sort of access control to the Sonos. Any possible external security threat should be something that I hope Sonos is mindful of. My point being that if they are unconcerned about access control, they may well be unconcerned with other security issues too.
The problem comes when people have the password.
Ah..so that is the real issue, not the security one that was so strongly stated. Security is already blown by giving up the WiFi password, how would it help for Sonos to have one thereafter?
I don't give people my WiFi password in a hurry, and I am personally up to here with passwords and remembering them. I for one would be quite irritated to have one more in my life. My vote therefore is for no change on this count.
Doesn't this exist even now? How can anyone connect to the Wifi without the Wifi password? And if Sonos had a password, but the Wifi was accessed, how does the Sonos password offer any protection against such attacks? What is the incentive for a hacker to attack just the Sonos devices? Can someone access the WiFi via Sonos without having the WiFi password? Or hack into that somehow via Sonos as it is just now, with no password protection of its own?
The problem comes when people have the password. Friends, or an office environment where people share the same network, family members. They have full control over your Sonos as it has no password. As for hacks, this is just a theoretical scenario. Access could be gained by using another compromised device inside your network. But my point is that Sonos needs to take security more seriously. For all I know, they do lot of work behind the scenes, but not having a password to authenticate a client device doesn't bode well.
Come on Sonos - just configure a password or pin that each device needs to enter once the first time it tries to connect to a device.
Doesn't this exist even now? How can anyone connect to the Wifi without the Wifi password? And if Sonos had a password, but the Wifi was accessed, how does the Sonos password offer any protection against such attacks? What is the incentive for a hacker to attack just the Sonos devices? Can someone access the WiFi via Sonos without having the WiFi password? Or hack into that somehow via Sonos as it is just now, with no password protection of its own?
I see. Thanks for the explanation.
If that was an issue for me, I'd have the Sonos on the public side of my network, which would restrict access to all of my "secure" devices. But at the end of the day, if something is connected to the internet in any way, it's potentially accessible, no matter what "lock down" you implement.
But I have to chose between the internet of things, and security. So I'm somewhat rigorous in who I give access to my network to, and hence my sonos contorlling devices. It's not perfect, I'd agree, but I'm not sure how Sonos could make it much better. At the end of the day, it's my call as to whom I give access to, not Sonos'.
If that was an issue for me, I'd have the Sonos on the public side of my network, which would restrict access to all of my "secure" devices. But at the end of the day, if something is connected to the internet in any way, it's potentially accessible, no matter what "lock down" you implement.
But I have to chose between the internet of things, and security. So I'm somewhat rigorous in who I give access to my network to, and hence my sonos contorlling devices. It's not perfect, I'd agree, but I'm not sure how Sonos could make it much better. At the end of the day, it's my call as to whom I give access to, not Sonos'.
Anyone connected to your wifi network has full control of your Sonos. Might be ok for some, but the option of password/pin protecting access has been requested many times.
Sonos is a Linux system at heart. In theory it could be used as a vector to attack a local network or be used as a pawn in a botnet. I say in theory - this has not happened - but Sonos and all network appliance makers have to be vigilant. Google 'Brian Krebs ddos' - one of the largest ddos attacks in history was made against him using mostly unsecured internet appliances.
Sonos is a Linux system at heart. In theory it could be used as a vector to attack a local network or be used as a pawn in a botnet. I say in theory - this has not happened - but Sonos and all network appliance makers have to be vigilant. Google 'Brian Krebs ddos' - one of the largest ddos attacks in history was made against him using mostly unsecured internet appliances.
I'm confused by your statement. I use iOS almost exclusively to "control" my Sonos system. But all of my iOS devices are locked after a minute of non interaction, and the only things that you can do on the lock screen is start/stop, skip or replay a track. How does this indicate "no security"? While I can't look at the screen right now, not being at home, I'm 90% sure that I don't have access to the change the playlist / location of music. So to do anything else, I have to unlock my iOS device, using Apple's process. But maybe I'm not understanding your statement?
Please inform me on the theory as to how this could be used as a vector for security issues. I'd be most interested to know.
Please inform me on the theory as to how this could be used as a vector for security issues. I'd be most interested to know.
This is most certainly needed. In fact you should go full out and on iOS take advantage of the touch-ID to authenticate users.
The fact that Sonos devices have NO security at all is somewhat worrying actually - it could theoretically be used as a vector for all sorts of other security issues - it runs Linux after all so is a fairly open platform underneath.
The fact that Sonos devices have NO security at all is somewhat worrying actually - it could theoretically be used as a vector for all sorts of other security issues - it runs Linux after all so is a fairly open platform underneath.
This thread is hilarious. Every concerned message requesting even the most basic form of password, PIN or any other protective feature is countered by answers such as "discipline your children", "get new friends", "hope your job wasn't affected", "get different roommates", "don't share your wifi" and so on.
Sonos is the leader in their field, but providing absolutely zero support for device control protection is just plain crazy. Submitting requests for any such protection is like throwing rocks into a deep pit... satisfying for a bit, but ultimately just a waste of time.
Perhaps someone at Sonos will do a quick web search for "how to add password protection to an application" and things will change. But seeing as this thread is several years old, I'm not going to bet any money on it.
Keep the requests coming, folks! I love reading the responses written in Sonos' defense. 🙂
Sonos is the leader in their field, but providing absolutely zero support for device control protection is just plain crazy. Submitting requests for any such protection is like throwing rocks into a deep pit... satisfying for a bit, but ultimately just a waste of time.
Perhaps someone at Sonos will do a quick web search for "how to add password protection to an application" and things will change. But seeing as this thread is several years old, I'm not going to bet any money on it.
Keep the requests coming, folks! I love reading the responses written in Sonos' defense. 🙂
With 6 zones I'm a bit invested in SONOS and love it, but it's not perfect, and not without its competition. I selfishly want to see SONOS trump the competition so that I don't end up with 6 BetaMax players :)
I wanted to amend this post with an anecdote of a recent experience. As an IT consultant, I'm in and out of a lot of different environments. Most recently, I was in the home of a CEO of one of my clients setting up a remote workstation. Seems they were having weird issues with their 8 zone SONOS system so I took a moment to look into it. Seems her teenage son and his friends were accessing the SONOS and changing settings, music queues, etc. When she expressed doubt that they could do this, I very effectively demonstrated this shortcoming by taking out my mobile phone, connecting to her SONOS, and piping Country music all over the house. Now, while I needed to be on her WiFi to do this, keep in mind that teenagers in the house are going to be on and know the wifi code, so it follows that their friends will be on the wifi as well. As a partial mitigation to this, I setup a guest wifi in the house with no access to the local subnet, but this still relies on the main wifi password not being used or discovered - a difficult task that anyone with kids can attest to.
So- the need still stands- an integral/optional method to connect to SONOS.
Page 2 / 5
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.