Announcements

Here you will find the download links for all modules
in version 9: TeamViewer 9

Highlighted
Posted by Chiron
Hexagon

Are TeamViewer Credentials at risk?

The recent announcement of KRACK Attacks compromising WPA2, I have been asked about TeamViewer passwords being visible when creating a new session. I think everything is encrypted, but I haven't tested with Wireshark to verify.

Does anyone know for sure?

I don't work for TeamViewer. I'm just a user.
1 Reply
1 Accepted Solution

Accepted Solutions
Posted by Community Manager
Community Manager
Solution

Re: Are TeamViewer Credentials at risk?

Hi @Chiron

Thank you for bringing this topic up.

First of all: TeamViewer is secured, regardless of the network setup on the end-user side.

As you may have read elsewhere, securely encrypted network protocols such as HTTPS and VPN are not weakened by the WPA2 vulnerability.  TeamViewer communications is similarly encrypted and not directly exposed by this risk.

Having said that, all entries in the computers and contacts list are encrypted.

For authentication we use SRP (https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol). This means no password or password equivalent data is send over the network during authentication.

Therefore, the WPA2 issue does not impact TeamViewer (i.e as a software or as a company) nor is it relevant to our product.

I hope this answer is helpful.

All the best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

View solution in original post

1 Reply
Posted by Community Manager
Community Manager
Solution

Re: Are TeamViewer Credentials at risk?

Hi @Chiron

Thank you for bringing this topic up.

First of all: TeamViewer is secured, regardless of the network setup on the end-user side.

As you may have read elsewhere, securely encrypted network protocols such as HTTPS and VPN are not weakened by the WPA2 vulnerability.  TeamViewer communications is similarly encrypted and not directly exposed by this risk.

Having said that, all entries in the computers and contacts list are encrypted.

For authentication we use SRP (https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol). This means no password or password equivalent data is send over the network during authentication.

Therefore, the WPA2 issue does not impact TeamViewer (i.e as a software or as a company) nor is it relevant to our product.

I hope this answer is helpful.

All the best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

View solution in original post