Hmm I mean, I'm actually attempting to capture the WiFi password. I'm going under the assumption that if they have a profile setup with an SSID that has, say WPA encryption, that when they see a similar SSID name on my router, the device will attempt to connect, send their passphrase which I'd like my router to capture. After which, I'd like to be able to connect to their own router to setup a potential MITM attack.
Are you suggesting that there is a method that will allow them to connect to my router as long as I simply have the same SSID, no password, and later do a MITM attack to capture their WiFi password?
To be clear I'm just looking for a way to get WPA passwords, after learning WEP attacks here, I figure I'd try to think of a way to get WPA passwords without having to do a dictionary attack on a captured handshake. Since I live in a country where the first language is not english, dictionary attacks are very very hard to do.