System and method for securely configuring a new device with network credentials

US10587400B2 · US · B2

Patent metadata

Publication number: US-10587400-B2
Application number: US-201815894586-A
Country: US
Kind code: B2
Filing date: Feb 12, 2018
Priority date: Feb 12, 2018
Publication date: Mar 10, 2020
Grant date: Mar 10, 2020

Abstract

Official abstract text for this publication.

A system, apparatus, and method for sharing network credentials. One embodiment of a method comprises: establishing a Bluetooth connection between a first Internet of Things (IoT) device and a mobile device of a first user having an IoT app installed, the mobile device to couple the first IoT device to an IoT service; receiving a request from a user from the mobile device to configure the first IoT device using network credentials from a second IoT device, the second IoT device registered with an account of the user on the IoT service and configured to connect to a secure network of the user with the network credentials; establishing a communication channel between the first IoT device and the second IoT device through the IoT service and the mobile device to obtain the network credentials; and using the network credentials at the first IoT device to securely connect to the secure network.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: establishing a short range local wireless connection between a first Internet of Things (IoT) device and a mobile device of a first user having an IoT app installed, the mobile device to couple the first IoT device to an IoT service; receiving a request from a user from the mobile device to configure the first IoT device using network credentials from a second IoT device, the second IoT device registered with an account of the user on the IoT service and configured to connect to a secure network of the user with the network credentials; establishing a communication channel between the first IoT device and the second IoT device through the IoT service and the mobile device; implementing a sequence of security transactions between the first IoT device and second IoT device to determine a shared secret; encrypting the network credentials at the second IoT device using the shared secret to generate encrypted network credentials; transmitting the encrypted network credentials to the first IoT device over the communication channel; decrypting the network credentials at the first IoT device using the shared secret; and using the network credentials at the first IoT device to securely connect to the secure network.

2. The method of claim 1 wherein the secure network comprises a WiFi network and the network credentials comprise a passcode and a Service Set Identifier (SSID).

3. The method of claim 2 further comprising: displaying a graphical user interface (GUI) within the IoT app on the mobile device, the GUI to display a listing comprising one or more entries, at least one entry associated with second IoT device and indicating an SSID associated with the second IoT device, the user to generate the request to configure the first IoT device by selecting the entry associated with the second IoT device.

4. The method of claim 3 wherein the SSID and passcode are stored in at least one attribute on the second IoT device, wherein the second IoT device is to encrypt the at least one attribute and transmit the encrypted attribute to the first IoT device with an attribute UPDATE command.

5. The method of claim 4 wherein the first IoT device is to decrypt the at least one attribute using the shared secret to generate at least one decrypted attribute, the first IoT device to store the at least one decrypted attribute prior to using the SSID and passcode to connect to the WiFi network.

6. The method of claim 5 further comprising: associating the first IoT device with the user's account on the IoT service.

7. The method of claim 1 wherein the sequence of security transactions between the first IoT device and second IoT device comprise a key exchange protocol usable to determine the shared secret at both the first IoT device and the second IoT device.

8. The method of claim 1 wherein the short range local wireless connection comprises a Bluetooth connection.

9. A non-transitory machine-readable medium having program code stored thereon which, when executed by one or more machines, causes the machines to perform the operations of: establishing a short range local wireless connection between a first Internet of Things (IoT) device and a mobile device of a first user having an IoT app installed, the mobile device to couple the first IoT device to an IoT service; receiving a request from a user from the mobile device to configure the first IoT device using network credentials from a second IoT device, the second IoT device registered with an account of the user on the IoT service and configured to connect to a secure network of the user with the network credentials; establishing a communication channel between the first IoT device and the second IoT device through the IoT service and the mobile device; implementing a sequence of security transactions between the first IoT device and second IoT device to determine a shared secret; encrypting the network credentials at the second IoT device using the shared secret to generate encrypted network credentials; transmitting the encrypted network credentials to the first IoT device over the communication channel; decrypting the network credentials at the first IoT device using the shared secret; and using the network credentials at the first IoT device to securely connect to the secure network.

10. The machine-readable medium of claim 9 wherein the secure network comprises a WiFi network and the network credentials comprise a passcode and a Service Set Identifier (SSID).

11. The machine-readable medium of claim 10 further comprising: displaying a graphical user interface (GUI) within the IoT app on the mobile device, the GUI to display a listing comprising one or more entries, at least one entry associated with second IoT device and indicating an SSID associated with the second IoT device, the user to generate the request to configure the first IoT device by selecting the entry associated with the second IoT device.

12. The machine-readable medium of claim 11 wherein the SSID and passcode are stored in at least one attribute on the second IoT device, wherein the second IoT device is to encrypt the at least one attribute and transmit the encrypted attribute to the first IoT device with an attribute UPDATE command.

13. The machine-readable medium of claim 12 wherein the first IoT device is to decrypt the at least one attribute using the shared secret to generate at least one decrypted attribute, the first IoT device to store the at least one decrypted attribute prior to using the SSID and passcode to connect to the WiFi network.

14. The machine-readable medium of claim 13 further comprising: associating the first IoT device with the user's account on the IoT service.

15. The machine-readable medium of claim 9 wherein the sequence of security transactions between the first IoT device and second IoT device comprise a key exchange protocol usable to determine the shared secret at both the first IoT device and the second IoT device.

16. The machine-readable medium of claim 9 wherein the short range local wireless connection comprises a Bluetooth connection.

17. A system including a first Internet of Things (IoT) device, a second IoT device, an IoT service, and an IoT app to be installed on a mobile device of a user, the system including circuitry and program code to securely provide network credentials from the second IoT device to the first IoT device, the system comprising: the IoT app on the mobile device generating a request to configure the first IoT device using network credentials from the second IoT device responsive to user input, the second IoT device registered with an account of the user on the IoT service and configured to connect to a secure network of the user with the network credentials; the first IoT device to establish a communication channel with the second IoT device by first establishing a short range local wireless connection with the mobile device of the user, the IoT app on the mobile device to connect with the IoT service, and the IoT service to connect with the second IoT device, wherein the communication channel comprises the short range local wireless connection, the connection between the IoT app and the IoT service, and the connection between the IoT service and the second IoT device; the first and second IoT devices comprising connection management logic to implement a sequence of security transactions between the first IoT device and second IoT device to determine a shared secret; the second IoT device encrypting the network credentials using the shared s
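
The flow of claim 1, with the encrypted attribute UPDATE of claims 4 and 5, as an added example that is not taken from the patent or from any implementation of it. X25519, HKDF-SHA-256 and AES-256-GCM, along with every function and field name, are assumed choices (the claims only require a key exchange protocol and encryption with the shared secret), and the credentials are constructed sample values.

```javascript
const crypto = require('node:crypto');

// Each IoT device creates an ephemeral X25519 key pair (assumed algorithm).
function newDevice() {
  return crypto.generateKeyPairSync('x25519');
}

// Both devices derive the same 32-byte key from their own private key
// and the peer's public key; the info label is a hypothetical constant.
function deriveKey(ownPrivate, peerPublic) {
  const secret = crypto.diffieHellman({ privateKey: ownPrivate, publicKey: peerPublic });
  const okm = crypto.hkdfSync('sha256', secret, Buffer.alloc(0), 'wifi-credential-share', 32);
  return Buffer.from(okm);
}

// Second device: encrypt the SSID/passcode attribute for the UPDATE message.
function encryptAttribute(key, creds) {
  const iv = crypto.randomBytes(12); // fresh nonce per message
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(creds), 'utf8'), cipher.final()]);
  return { op: 'UPDATE', iv, ct, tag: cipher.getAuthTag() };
}

// First device: decrypt and authenticate; null means the message is rejected.
function decryptAttribute(key, msg) {
  try {
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
    decipher.setAuthTag(msg.tag);
    const pt = Buffer.concat([decipher.update(msg.ct), decipher.final()]);
    return JSON.parse(pt.toString('utf8'));
  } catch (err) {
    return null; // GCM tag mismatch: ciphertext changed in transit
  }
}

// The relay stands for the path mobile app -> IoT service; relayLog records
// everything that crosses it. `corrupt` flips one ciphertext bit in transit.
function runExchange(creds, corrupt = false) {
  const first = newDevice();
  const second = newDevice();
  const relayLog = [];
  const relay = (m) => { relayLog.push(m); return m; };
  const firstPub = relay(first.publicKey);
  const secondPub = relay(second.publicKey);
  const msg = relay(encryptAttribute(deriveKey(second.privateKey, firstPub), creds));
  if (corrupt) msg.ct[0] ^= 0x01;
  const received = decryptAttribute(deriveKey(first.privateKey, secondPub), msg);
  return { received, relayLog };
}
```

The relay only ever carries two public keys and one authenticated ciphertext. The exchange in this sketch is unauthenticated, so it covers a relay that merely observes; binding each public key to a device identity is a separate step that the claim text shown here does not detail.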

Classifications

  • using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]

  • Wireless

  • Self-organising networks, e.g. ad-hoc networks or sensor networks

  • Access security

  • Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10587400B2 cover?
A system, apparatus, and method for sharing network credentials. One embodiment of a method comprises: establishing a Bluetooth connection between a first Internet of Things (IoT) device and a mobile device of a first user having an IoT app installed, the mobile device to couple the first IoT device to an IoT service; receiving a request from a user from the mobile device to configure the first…
Who is the assignee on this patent?
Afero Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/0838. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 10, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 10 related publications on this page (citations in our corpus or others sharing the same primary CPC).