29

I have found several sources describing a String Format used to describe WiFi-Access Settings in the form of:

WIFI:T:WPA;S:mynetwork;P:mypass;;

(example taken from zxing documentation)

For basic WPA-Connections, this works just fine on my Android Device using the Zxing-Barcode-Scanner-App. However, I have been unable to find a way to embed WPA2/EAP-Connection Settings (Also referred to as WPA2 Enterprise) into a scannable 2D-Code. As I expected, inserting "L" (Login), "N" (Name) or "I" (Identification) Parameters at random positions did not really bring any advance.

Has anyone here succeeded in "embedding" WiFi-Connection Settings into a 2D-Scannable Code to work with an Android device?

Thanks for your help!

Lukx
  • 1,283
  • 2
  • 11
  • 20
  • 2
    Just in case you haven't seen this (https://code.google.com/p/zxing/issues/detail?id=589) the issue says that they want to implement it, but they are not able to test it on a server, so they will not implement it until then. – Tamer May 22 '13 at 18:35
  • and an update for follow-up: https://github.com/zxing/zxing/issues/126 – Lukx Mar 01 '15 at 22:20

1 Answers1

8

I found some information on how to format the WiFi config string in the following pull request at the github page of the zxing library project: https://github.com/zxing/zxing/pull/865

The first post contains a template of the string format, including an error (the prefix AI: is wrong, it must read A:, see here). The correct format according to the source is thus:

WIFI:T:WPA2-EAP;S:[network SSID];H:[hidden?];E:[EAP method];PH2:[Phase 2 method];A:[anonymous identity];I:[username];P:[password];;

When I tried this (using the command line tool qrencode) my Barcode Scanner app crashed. After some trial and error I figured that the option for hiding the SSID can be left out:

WIFI:T:WPA2-EAP;S:[network SSID];E:[EAP method];PH2:[Phase 2 method];A:[anonymous identity];I:[username];P:[password];;

With this I'm getting a working entry in the list of known wireless networks in Android 8.

As of now there is no support for declaring a certificate and the respective domain. If this is needed, one can specify it later by adjusting the settings from inside Android's WiFi menu.

Jacob
  • 136
  • 1
  • 4
  • Nice to see it is possible. I had the thought of using EAP on my home network and setting up a mini kiosk (esp32 + lcd?) with a button. Pressing the button would cause an account to be created, with a QR code displayed on-screen for connection of the smartphone. This means a guest can connect to wifi without much trouble. I assume it wouldn't be too difficult to remove/deactivate accounts in RADIUS when they are inactive for a period of time, limiting the number of devices in the wild containing valid credentials for the network. – Mark Apr 25 '21 at 02:52
  • Hi @Mark, I had the same idea, just with a raspberry pi I'm using anyway. You could specify the expiration date of a new generated RADIUS user to be 2 days in the future. That way the automatically generated accounts would expire without you having to worry about anything. – Jacob Apr 27 '21 at 04:26