Technology with attitude

Wi-fi Mythbuster: Do NOT hide your SSID

0

Wi-fi users are often advised to disable or hide the SSID (Service Set Identifier, or simply, the network name) of their routers as a security measure. This tip appears in numerous web pages, books, and magazines. It even shows up on the websites of wireless product manufacturers.

The idea behind disabling SSID is to make your wireless router “invisible” to hackers and other malicious users. Unfortunately, merely disabling SSID is not effective as a security measure, and any active wi-fi router can be revealed quite easily. Free tools like Netstumbler (www.netstumbler.com) will display all active wi-fi routers, regardless of whether their SSID is hidden. Worse, disabling SSID can actually degrade network performance.

The “hide SSID” myth was actually been debunked for years. No less than Robert Moskowitz, senior technical director at ICSA Labs warned against it as far back as Dec 2003, in a paper titled “Debunking the Myth of SSID Hiding” (PDF warning).

“Efforts to hide the SSID are at best half-measures which lead to a false sense of security and to a degradation of wireless network performance.” Moskowitz wrote.

Microsoft also advices against disabling SSIDs, as evidenced by these two pages from its TechNet website — “Non-broadcast Wireless Networks with Microsoft Windows,” and “Non-Broadcast Wireless SSIDs: Why hidden wireless networks are a bad idea.” So, you should merely change your router’s SSID, and not disable it.

For more robust security wi-fi measures, use WPA encryption, set a strong password, and turn on MAC address filtering.

This article originally appeared in Tech.Blorge.com on April 21, 2008.