A situation when you need to know the saved WiFi network password, can arise suddenly. You bought a new router, friends came to visit, or you just switched to an operating system. Linux and want to regain access to the keys you once entered. Unlike Windows, where passwords are hidden deep in the registry, on Linux systems, network connection management is often accomplished through text-based configuration files or specialized command-line utilities.
Restoring access to a wireless network can be done in several ways, depending on whether you're currently connected to the network and what access rights you have. If you're a system administrator, this task can be accomplished in a couple of minutes using the terminal. However, if you don't have superuser rights or the system is running in read-only mode, the methods will vary. In this article, we'll cover all the current methods for extracting security keys for various distributions.
It's worth noting right away that all the methods described below are only legal if you're testing the security of your own network or have official permission from the infrastructure owner. The WiFi password is stored in clear text in NetworkManager configuration files only after the device has successfully connected to the access point. This is a fundamental principle of how most modern desktop environments work, which allows you to avoid re-entering data every time you reconnect.
⚠️ Attention: The interfaces of graphical desktop environments (GNOME, KDE, XFCE) may change with the release of new distribution versions. The placement of buttons and menus sometimes shifts, so be sure to focus on the names of the items, not just their icons.
Using the NetworkManager GUI
The easiest and safest way for beginners is to use the built-in tools of the graphical shell. Most modern distributions, such as Ubuntu, Fedora or Linux Mint, they use NetworkManager for managing connections. This tool has a user-friendly graphical interface that allows you not only to connect to networks but also to view their properties, including security keys.
First, you need to open the system settings. Depending on your Desktop EnvironmentThe path may vary slightly, but the logic remains the same. Typically, you need to find the "Network" or "Wi-Fi" section, select the active connection, and go to its details. There, you'll find a tab with security settings, which is where the access code you're looking for is hidden.
The process of viewing a password via GUI is as follows:
- 🔹 Right-click on the network icon in the tray and select "Network settings" or "Connection settings".
- 🔹 In the window that opens, find the list of known networks, select the desired one, and click the "Settings" button (gear).
- 🔹 Go to the "Security" tab and check the "Show password" box.
If the system prompts you for an administrator or user (polkit) password to display data, enter it. This is a standard security measure to prevent malware or unauthorized users from stealing stored keys. After entering the password, the key field will become readable, allowing you to copy or rewrite it.
However, sometimes the graphical interface may not work correctly or be accessible, for example, when working through a remote SSH session without X11 forwarding. In such cases, the command line, a more powerful and flexible tool, comes to the rescue.
Viewing passwords via the command line and nmcli
The command line is the heart of the operating system. Linux. Utility nmcli (Network Manager Command Line Interface) allows you to manage NetworkManager directly from the terminal. This is the preferred method for system administrators as it is fast, doesn't require a graphical shell, and can be used in automation scripts.
Before attempting to retrieve the password, you need to make sure you know the exact connection name. This may differ from the network's SSID, especially if you manually changed the settings or used automatic name generation. To get a list of all known connections, use the command nmcli connection show.
To view your password, follow these steps:
- Open a terminal and enter the command to view the details of a specific connection, adding the flag to show secrets.
- Use the syntax:
nmcli connection show "ConnectionName" --show-secrets. - Find the line in the output
802-11-wireless-security.psk, the value of which is your password.
Please note that this operation requires root or sudo privileges, as displaying sensitive data is a privileged operation. If you attempt to run the command without elevated privileges, the system will either not display the key field or return an authorization error.
☑️ Check before entering commands
Sometimes a connection name contains spaces or special characters. In this case, be sure to enclose the name in double quotation marks, as shown in the example above. Ignoring this rule will result in a syntax error, and nmcli will not be able to find the required configuration.
Analysis of system configuration files
NetworkManager is based on a file system. All connection settings, including passwords, are stored in special configuration files. By default, they are located in the directory /etc/NetworkManager/system-connections/Direct reading of these files is the most reliable way to access data if graphical utilities fail or are damaged.
Files in this directory usually have the extension .nmconnection or have no extension at all. The file name often matches the connection name, but can be a hash or a random set of characters depending on the distribution version and configuration. To view the file contents, you can use console text editors such as nano or vim, or text output commands.
Let's look at the main parameters that can be found in these files:
- 📁 [wifi-security] — a section containing encryption parameters.
- 🔑 psk — the field where the password is stored in clear text (if it was saved).
- 🛡️ key-mgmt — key management type (usually wpa-psk for home networks).
To view the file, use the command sudo cat or sudo nano. For example: sudo cat /etc/NetworkManager/system-connections/MyHomeWiFi.nmconnectionIn the text that opens, look for the line that begins with psk=The value after the equal sign is your password.
⚠️ Attention: Never edit configuration files manually unless you are confident in the syntax. One extra comma or space can prevent the system from connecting to the network automatically. Use commands
nmclito change the settings.
User only root has read permissions for these files. This is done specifically to protect confidential data from spyware running under a user account with limited rights.
What to do if the file is empty or unreadable?
If the file appears empty or contains strange characters, it may be compressed or encrypted by the system (although this is rare for nmconnection). Also, check the permissions with ls -l. If the permissions are 600 or 000, use sudo. In rare cases, the file may be locked by another process.
Using the wpa_supplicant utility
In some minimalist distributions or server builds that do not use NetworkManager, a daemon is responsible for wireless connections. wpa_supplicantThis is a low-level component that directly interacts with the wireless card driver. The configuration in this case is stored in a file. /etc/wpa_supplicant/wpa_supplicant.conf.
This method is relevant for older systems, servers without a graphical interface or specialized assemblies (for example, Raspberry Pi OS Lite). The configuration file contains blocks for each known network. The file structure differs from NetworkManager files, but the password search principle remains similar.
Example of the structure of a configuration file entry:
network={ssid="MyNetwork"
psk="MyPassword123"
key_mgmt=WPA-PSK
}
If in the field psk If a 64-character hash (hex) is specified, this means the password has been converted to a hash for security. In this case, you won't be able to view the original text password from this file, as the hashing process is irreversible. However, if the password is written in quotation marks as plain text, you can read it.
To view the file, use the command: sudo cat /etc/wpa_supplicant/wpa_supplicant.confIf you see your networks there, you can copy the password directly from there. This method is also useful when transferring settings to another device—you can simply copy this file.
Comparison of access recovery methods
The method you choose depends on your current situation, your system access level, and the distribution you're using. Below is a comparison table to help you quickly determine which method will be most effective in your case.
| Method | Necessary rights | Complexity | Where does it work? |
|---|---|---|---|
| Graphical user interface (GUI) | User (sudo) | Low | Desktop (Ubuntu, Mint, Fedora) |
| nmcli command | Root / Sudo | Average | All distributions with NetworkManager |
| Configuration files | Root | Average | Any Linux |
| wpa_supplicant.conf | Root | High | Servers, Raspberry Pi, older systems |
As the table shows, the graphical interface is the simplest approach, but it's not always available. The command line is universal, but requires knowledge of syntax. Direct file reading is the "heavy artillery" that almost always works, but requires caution.
If you're working on a corporate computer, make sure you have permission to perform these actions. System administrators may log commands run with sudo privileges, and attempting to extract passwords may be considered a security policy violation.
Password recovery via the router's web interface
If none of the software methods on the computer itself help (for example, the password isn't saved in the system, or you're using a guest OS), the last and most reliable option is to view the password in the router's settings. To do this, you'll need a device already connected to the network (via cable or WiFi) and a browser.
You need to find out the IP address of the default gateway. In Linux, this can be done with the command ip route | grep default. Usually this is an address of the form 192.168.0.1 or 192.168.1.1By entering this address into your browser's address bar, you will be directed to the router's authorization page.
Further steps depend on the model of your equipment (TP-Link, ASUS, Keenetic, MikroTik):
- 🌐 Enter the router administrator login and password (often found on a sticker on the bottom of the device).
- 📡 Find the "Wireless", "WiFi" or "Wireless network" section.
- 🔐 Go to the "Security" or "Basic settings" subsection.
There will be a "Password" or "Pre-Shared Key" field. In modern routers, it's often hidden behind asterisks, but there's usually a "Show" button (an eye) next to it or an option to copy the password. If the password is hidden and there's no "Show" button, you can simply replace it with a new one and save the settings. You'll have to reconnect all devices, but access will be restored.
⚠️ Attention: Changing your router's WiFi settings will disconnect all connected devices. Only do this if you're close to the router and can physically reboot it if the settings are incorrect.
This method is great because it's independent of the client's operating system. It doesn't matter if you're using Linux, macOS, or Windows—the settings are stored centrally on the router. It's also a great way to check if someone has changed your password without your knowledge.
Frequently Asked Questions (FAQ)
Is it possible to find out the WiFi password if I have never connected to this network?
No, this is impossible using software. The password is stored either in the router's memory or on devices that have previously entered it. If a device has never been authorized on the network, it doesn't have access to the encryption key. The only option is to brute-force the password (which is illegal without permission) or exploit WPS vulnerabilities if they haven't been patched by the router manufacturer.
Where is the password stored if I use Ubuntu with the Snap version of the browser?
The WiFi password is not related to the browser. It is stored in the NetworkManager system settings (files in /etc/NetworkManager or the GNOME Keyring). The browser uses the existing network connection and doesn't know the WiFi password, unless you're referring to the password for the WiFi service account itself (which is rare).
Is it safe to store passwords in cleartext in configuration files?
From a convenience standpoint, yes. From a security standpoint, it's a risk if an attacker with root privileges gains physical access to your computer. However, the access rights to these files (600) are configured so that a regular user or running program cannot read them without the sudo password. This is considered an acceptable balance between convenience and security for desktop systems.
What should I do if the nmcli command returns a "Not authorized" error?
This means you don't have enough rights. Try adding sudo before the command. If this doesn't help, your system may have a Polkit policy configured to prevent secret disclosure even to the root user in certain contexts, or the configuration file may be corrupted. Check the file permissions. /etc/NetworkManager/system-connections/.