How to Find a Wi-Fi Password Using the Command Prompt: A Complete Guide

Connecting a new device or guest to the network, but losing or forgetting the password, is a classic problem in home and office network administration. Fortunately, the operating system Windows stores security keys for all previously successful connections in a secure registry. This data can be accessed not only through the graphical settings interface, but also using a more powerful and flexible tool— command line.

Using the console not only allows you to quickly retrieve a forgotten key, but also audit connections and clean up profiles. This is especially important for system administrators working remotely or managing a large fleet of computers. In this article, we'll detail the syntax of the necessary commands and discuss the specifics of using the utility. netsh and discuss security measures when working with sensitive data.

How Netsh Works in Windows

The main tool for managing network configurations in the Windows environment is the utility Netsh (Network Shell). This is a powerful command-line scripting tool that allows you to display or modify the network configuration of a local or remote computer. It operates in various contexts, each representing a set of functions for a specific network service or component, in our case, for WLAN (Wireless Local Area Network).

When you enter commands to view passwords, you are actually accessing the profile that Windows created the first time you successfully connected to the access point. This profile stores SSID (network name), encryption type, and the security key itself, encrypted using system tools. The command line only serves as an interface for decoding and displaying this information in a readable form if the user has the appropriate access rights.

It's important to understand that working with network profiles requires elevated privileges. Running the console as a non-administrator user will result in an access denied error when attempting to request key data. This is a built-in operating system protection mechanism against unauthorized access to credentials by attackers or malware.

⚠️ Note: The commands described in this article only work for networks to which your computer has previously connected. This method will not allow you to find the password for a Wi-Fi network you've never connected to.

Prepare the command prompt and run it with administrator rights

Before entering specific codes, it's important to properly prepare the execution environment. Standard user mode restricts access to system network settings, so the first step should always be launching a terminal with elevated privileges. This is a critical step, and ignoring it is the most common cause of script failure.

There are several ways to open the desired interface. The fastest option for modern versions of Windows 10 and 11 is to use the search in the taskbar. Type "cmd" or "Command Prompt," then select "Run as administrator" from the menu that appears on the right. An alternative method is to use a keyboard shortcut. Win + X and select "Windows PowerShell (Administrator)" or "Windows Terminal", as they are fully compatible with CMD commands.

Once the window opens, you will see a prompt with a black or blue background, usually containing the path to a system folder, such as C:\Windows\system32>Make sure the window title says "Administrator." If this word isn't present, password extraction commands will return an "Access Denied" error or simply won't display the key.

  • 🔍 Click Win + S and type "cmd" to search for the application.
  • 🚀 Right-click on the result and select "Run as administrator".
  • ✅ Confirm the action in the User Account Control (UAC) window by clicking "Yes."
📊 Which interface do you prefer for working with the network?
Windows graphical interface
Command Prompt (CMD)
PowerShell
Third-party utilities

Viewing a list of saved Wi-Fi profiles

Before searching for a specific password, you need to make sure the profile you're looking for is actually saved in your computer's memory. Windows stores a history of all networks you've connected to, and each has its own unique identifier. To get a complete list, use the profile list command.

Enter the following instruction into the console: netsh wlan show profilesAfter pressing Enter, the system will parse the registry and display a list of all known networks. At the top of the window, you'll see the heading "User Profiles," and below that, a list of names (SSIDs). Names may be displayed with prefixes indicating the profile type or group.

If the list is very long and doesn't fit on the screen, you can use the filter modifier, although standard output is usually informative in this case. Be careful to spell the network name exactly, including spaces and special characters, as it will be used as a command argument in the following steps. A single letter error will result in a message about a missing profile.

netsh wlan show profiles

The command output also shows whether the profile is group (applies to all PC users) or user-specific. This isn't crucial for password extraction, but it's useful for understanding the overall structure of your device's network settings.

Extracting the password of a specific network connection

Once you've determined the exact name of the desired network, you can proceed to obtaining the security key. To do this, use an extended version of the show profiles command with a key parameter. The syntax requires specifying the profile name and a flag that allows the display of secret data in cleartext.

The basic structure of the command looks like this: netsh wlan show profile name="Network_Name" key=clear. Here is the parameter name indicates the target profile, and key=clear Instructs the system to decrypt and display the security key. Without the second parameter, the system will only show asterisks or hide the key field.

In the resulting report, find the "Security settings" section. Within this section, you'll see a line labeled "Key Content." The value next to this line is the password you're looking for. Other information, such as the encryption type (WPA2-Personal, WPA3) or authentication type, is for reference only.

netsh wlan show profile name="WiFi_Name" key=clear

It's worth noting that if the network uses enterprise encryption (WPA-Enterprise), a simple password (a string of characters) may not be present, as authentication occurs via certificates or domain login/password. In such cases, the key field may be missing or irrelevant for manual entry on other devices.

☑️ Password retrieval algorithm

Completed: 0 / 5

Analysis of security and encryption parameters

The command line provides not only the password itself but also detailed technical information about the connection parameters. This is useful for diagnosing compatibility issues or checking the network's security level. The command output displays the encryption type, security method, and even the radio module type, if one was detected.

Particular attention should be paid to the "Encryption Type" (Cipher) field. Modern security standards recommend using WPA2-Personal or the newest WPA3If you see an outdated protocol WEP or TKIP, this is a signal that your network security is at risk and your router settings need to be updated. The command line allows you to quickly audit all saved networks for weak protocols.

The report also contains information about the authentication type. For home networks, this is typically "WPA2-Personal," while in the corporate sector, "WPA2-Enterprise" is used. Understanding these differences helps correctly configure new devices that may require a specific security method to be selected upon connection.

Parameter Description Recommended value
Authentication Authentication method WPA2-Personal / WPA3
Cipher Data encryption algorithm CCMP (AES)
Security key Presence of a key in the profile Present
Connection mode Connection mode Manual / Auto

Using this data allows you not only to restore access but also to conduct a security audit. For example, you might discover that your laptop automatically connects to an open network with a similar name and delete this profile to avoid potential risks.

⚠️ Note: Command line interfaces may vary slightly depending on your Windows version (7, 8, 10, 11) and locale. Field names in the output (e.g., "Key Content" vs. "Key Content") depend on your system locale.

Deleting profiles and managing saved networks

The command line allows you to not only read but also modify the network list. Over time, the database accumulates profiles from cafes, hotels, or old routers that are no longer in use. Deleting them helps clean up the registry and speed up the network search process during scanning.

To delete a specific profile, use the command netsh wlan delete profile name="Network_Name"This operation is irreversible through standard rollback, so before deleting, make sure you save the password in case you need it again. After running the command, the profile will disappear from the list, and Windows will prompt you for the password again when you try to connect to this network.

There is also the option to export profiles to XML files to transfer settings to another computer or to create a backup copy. Command netsh wlan export profile folder="path" key=clear Creates configuration files containing all settings, including cleartext passwords. This is a powerful tool for system administrators deploying settings across multiple workstations.

netsh wlan delete profile name="Old_Network_Name"

It's important to exercise caution when working with profile export and import. Files received with the flag key=clear, contain passwords in plain text, and anyone who gains access to this file will be able to read the keys. Store such backups in secure locations.

What to do if the delete command doesn't work?

If the system reports "Profile not found," check the exact profile name using the show profiles command. Sometimes names contain hidden characters or are case-insensitive. Also, make sure you're running the console as an administrator.

Frequently Asked Questions (FAQ)

Is it possible to find out my neighbors' Wi-Fi password using the command line?

No, it's technically impossible using the method described. The command line only shows passwords for networks to which your computer has previously connected and saved a profile. Connecting to other networks requires knowledge of the key in advance or physical access to the router.

Why does the command show "Access Denied"?

You most likely launched the command prompt in normal user mode. Administrator privileges are required to work with network security keys. Close the window and run cmd by right-clicking with the option "Run as administrator".

Where are these passwords stored in the system?

Profiles and keys are stored in a protected part of the Windows registry and in system configuration files, access to which is strictly regulated. Utility netsh is a legal interface for accessing this data for authorized users.

Does this method work on Windows 7 and 8?

Yes, command syntax netsh wlan remains virtually unchanged since Windows 7. However, the output interface (field names) may differ depending on the language of the installed operating system.