This is a half-baked idea that's been knocking around in my mind for a couple of years now, I've never implemented it and maybe it's more of a solution in search of a problem, but I digress.

I've seen several places where they have guest WiFi and they have had all sorts of strange solutions for making sure their guest WiFi is only used by guests and not all and sundry. Often this boils down to some horrible man-in-the-middle proxy that asks you for some sort of detail like your hotel reservation code or your flight number or some number printed on your coffee receipt.

So I thought about using a Time-based One-time Password to generate a new code every day. The same way that the codes in Google Authenticator (or you 2FA app of choice) but instead of a 6 digit code numeric with a period of 30 seconds use a 12 digit base64 code and a period of 24 hours.

Then use some sort of network management software (or python and requests cludged together) to set the code as the PSK for your Guest WiFi. And put that code up on an LCD screen or somewhere your customers can see it but not public.

I did say this idea was half-baked, didn't I? To be honest the idea just interests me more because I think it would be an interesting application of ToTP codes to generate new random passwords every day rather than because I can think of any situations where it would actually be practical and useful.