Many people are familiar with the situation of needing to connect to a wireless network but hopelessly forgetting the password. It often happens that a laptop remembers the network and logs in automatically, but a new gadget or smartphone requires a security key. In this case, the Windows operating system comes to the rescue, storing data on previously used connections.
There are several ways to extract this information, but the most reliable and universal method is to use command lineThis tool allows you to interact with system services directly, bypassing the graphical settings interface. This method works on most versions of Windows, from older versions of Windows 7 to the latest releases.
It's important to understand that you'll need administrator rights to perform these operations. Without the appropriate privileges, the system won't allow you to view saved security keys to protect user data. We'll walk you through a detailed procedure to help you regain access to your network.
Getting Started with the Command Line
Before you begin, you must launch the console with elevated privileges. This is a critical step, as queries to the WiFi profile database require access to system configuration files. Simply opening a cmd window won't suffice—the system will simply return an access denied error.
There are several ways to launch the terminal. The fastest way is to use the search in the Start menu. Type in the search box cmd or command line, then select "Run as administrator" from the results on the right. Alternatively, you can press the keyboard shortcut Win + X and select "Windows PowerShell (Administrator)" or "Windows Terminal (Administrator)".
Once the window opens, you'll see a black or blue background with a blinking cursor. The interface may seem austere, but it's here that powerful network management tools are hidden. Make sure the device you're using has previously connected to the network whose password you need to find out.
⚠️ Note: If you are using a corporate computer, running the command prompt as an administrator may be blocked by your IT department's security policies. In this case, please contact your system administrator.
☑️ Check before you start
Viewing a list of saved networks
The first step is to get a list of all wireless networks whose profiles are saved on your computer. The operating system stores connection history, and even if you're not currently connected to the router, data about it may still be stored. For this, use the utility netsh (Network Shell).
Enter the following command in the window that opens and press Enter:
netsh wlan show profiles
The system will generate a report with a "User Profiles" section. In the "All User Profiles" column, you'll see a list of all networks the device has ever connected to. Network names (SSIDs) will be listed alphabetically.
Carefully review the list and note the exact name of the desired network. If the name contains spaces or special characters, you will need to take this into account when entering further commands. In some cases, names may appear with a suffix indicating the security type or domain affiliation.
Obtaining the password for a specific network
Once you've chosen a profile name, you can begin extracting the security key. The command must include the profile name in quotation marks if it consists of multiple words. The query syntax is strictly defined, and a single character error will result in a "Profile not found" message.
Use the following command template, substituting your network name:
netsh wlan show profile name="Network_Name" key=clear
Pay attention to the parameter key=clearThis parameter tells the system that we want to see the key's contents in plain text, not hidden behind asterisks. Without this parameter, you'll only see general profile information, not the actual password.
In the response you receive, find the "Security Settings" section. We're interested in the "Key Content" line. The value to the right of the colon is your WiFi router password.
Analysis of security and encryption parameters
In addition to the password itself, the command line provides detailed information about the security protocols used on the network. This is useful for diagnosing connection issues with new devices that may not support older encryption standards. In the command output, you'll find the "Encryption Type" and "Security Type" lines.
Modern networks use the standard WPA2-Personal or newer WPA3If you see WEPThis is a signal that your network is vulnerable. Such networks are easily hacked, and in this case, you should change the password immediately through the router's web interface.
The report also displays the MAC address (BSSID) of the access point to which the last connection occurred and the radio type (802.11n, 802.11ac). This data helps us understand the network's operating frequency and whether the access point has been spoofed.
| Parameter | Description | Recommended value |
|---|---|---|
| Security type | Authentication protocol | WPA2-Personal / WPA3 |
| Encryption | Data encoding algorithm | AES |
| Radiotype | Wireless communication standard | 802.11ac / 802.11ax |
| Channel | Frequency range | Auto or free |
Export all profiles to a text file
If you need to save passwords for all networks at once or transfer them to another computer, manually entering commands for each profile will be ineffective. Windows allows you to export the configuration of all profiles to XML files. These files will store passwords in encrypted form, but when exported with the clear flag, they will become readable.
For bulk export use the command:
netsh wlan export profile key=clear folder="C:\WiFi_Passwords"
This command will create a folder WiFi_Passwords on the C drive and save separate XML files for each network there. By opening such a file with Notepad, you can find the tag keyMaterial, inside which the password will be indicated in clear text.
This method is convenient for system administrators who need to deploy the same settings to multiple workstations. However, remember to delete these files after use, as they contain sensitive information.
⚠️ Warning: XML files created with the key=clear parameter contain cleartext passwords. Do not share these files with third parties and delete them immediately after use.
Deleting profiles and clearing history
For security reasons, it's sometimes necessary to delete saved network profiles you no longer use. This prevents your device from automatically connecting to public or unsecured networks in the future and clears the database of outdated keys.
To delete a specific profile, use the command:
netsh wlan delete profile name="Network_Name"
If you need to delete all profiles at once, you can use a command with a wildcard (asterisk), although in standard Windows, scripts or PowerShell are more commonly used for this. In the classic CMD, it's easier to delete profiles one by one or through the network management graphical interface.
After deleting the profile, the system will forget the network and password. The next time you connect, you'll need to re-enter the security key. This is a good practice after changing the router password to avoid connection conflicts.
What to do if the command fails?
If the system displays "Access Denied" even when running as administrator, check to see if your antivirus software is blocking access to network settings. The WLAN AutoConfig service may also be the issue—make sure it's running (services.msc).
Frequently Asked Questions (FAQ)
Is it possible to find out the WiFi password if I have never connected to this network from this PC?
No, the command line only displays saved profiles. If the computer hasn't connected to the network before and doesn't have the network stored, it's impossible to find the password using CMD. You'll need physical access to the router or other device where the password is stored.
Does this method work on Windows 10 and 11?
Yes, the commands described netsh wlan are fully compatible with all modern versions of Windows, including Windows 7, 8, 10, and 11. The command syntax has remained unchanged for many years.
Is it safe to store passwords in XML files?
Storing passwords in plaintext XML files is unsafe. Such files should be stored in secure directories with restricted access or using disk encryption. It's best to destroy the files after use.
What should I do if I see asterisks or dots instead of a password?
This means you forgot to add the parameter key=clear at the end of the command. Without this flag, the system hides the security key by default for privacy purposes.
Is it possible to recover a password via PowerShell?
Yes, PowerShell also supports running netsh commands. PowerShell also has specialized cmdlets for working with networks, but using netsh remains the most universal and easiest method for most users.