How To Hide Your WiFi Network & Prevent It From Being Seen

hidessid1   How To Hide Your WiFi Network & Prevent It From Being SeenWireless networks are, by their nature, less secure than wired ones. While many users overestimate the potential security problems that can stem from a wireless network, there are still some risks that don’t exist with wired options, however minor they may be.

Some users try to hide their WiFi network as part of their wireless security. Hiding your WiFi network effectively cuts it off from people who don’t know the SSID ““ or at least, that’s the theory. In truth, this technique has flaws, but it’s easy enough to execute.

A Quick SSID Intro

hidessid2   How To Hide Your WiFi Network & Prevent It From Being Seen

The SSID (Service Set Identifier) of a router is the name that it broadcasts to identify itself. This is a feature you’ve already used if you have ever connected to a wireless network, and it helps users separate the many different signals riding the airwaves. When you visit a coffee shop with free WiFi, for example, you usually know the right network to connect to because it is labeled with the shop’s name.

SSIDs are broadcasted voluntarily, however. Every router broadcasts one by default, but the option can be turned off. When you turn off SSID broadcast, others won’t be able to pick up the broadcast of your wireless network and they won’t know to whom the network belongs to.

The Limitations Of SSID Hiding

hidessid4   How To Hide Your WiFi Network & Prevent It From Being Seen

At least, that’s the theory. The problem with SSID hiding is that hiding wireless signals is impossible. SSID or not, your router is still broadcasting radio waves in all directions, which means that those waves can be intercepted. They won’t have an SSID attached to them, but there are other ways to separate wireless networks.

This means that hiding your SSID won’t hide your wi-fi network from someone using a WiFi network scanner.  Anyone who is going to try and crack a wireless network will be using one of those anyway, so the utility of hiding an SSID is fairly limited.

How To Hide Your SSID

hidessid5   How To Hide Your WiFi Network & Prevent It From Being Seen

If you’re still interested in hiding your SSID, I have good news ““ the process of doing so is quite simple.

First, you’ll need to log onto your router. This is done by entering the local IP address of your router into your web browser ““ in most cases, this is 192.168.0.1. You’ll be presented with a login page prompting you with a username and password. Hopefully you will have customized this, but if not, refer to your router’s manual for the default information.

Once you’re in, navigate to your router’s wireless settings page, find the SSID broadcast option (usually a checkbox) and uncheck it. Then, save your new settings. It’s that easy. Just make sure you know your SSID, because you’ll need to have that information if you want to connect ““ if you’re not using a WiFi sniffer, at least.

Conclusion

I’ve already said that hiding your SSID isn’t really a method of improving your security, but I want to stress that point. Many people want to know how to hide their SSID, and I can only assume they would want to do so under the assumption that it will make them more secure.

Wireless just doesn’t work that way. The only protection this offers is against an uninformed user who is trying to find a specific network, perhaps as a means of identifying where a person lives, or trying to guess the network’s password (you do have a secure password, right?).

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

24 Comments -

Mediere

Thanks for sharing, now i can keep my neighbors from finding my connection.

Theapoc

You should consider that some devices and computers do not like connecting to networks with hidden SSID making it a pain to keep some home networks running smoothly.

M.S. Smith

No, some devices don’t. It’s an side effect, as Mike noted below.

This is not something I’d consider an optimal or recommended solution. I actually hoping that people who might have simply hidden their SSID and called everything fine and dandy will come away with this article with an understanding of why it’s not really a good form of security.

John E.

One problem I find with this though is that my devices don’t seem to connect automatically to the network..

Mike

Here is the problem: SSID Broadcast is part of the IEEE 802.11 specification.

Hiding your networks SSID will cause problems in some way or another. This includes some devices not being able to connect to the network, problems with automatically connecting and authentication problems depending on your security and encryption settings.

The other point is that your SSID will still be broadcastest ~ not from your Router, but your device if it is set to automatically connect to the network.
Instead of looking through the available networks your device will broadcast the SSID constantly [and everywhere] waiting for an answer from the Router.

Here is another great article about this:
http://blogs.technet.com/b/ste

Mike

Here is the problem: SSID Broadcast is part of the IEEE 802.11 specification.

Hiding your networks SSID will cause problems in some way or another. This includes some devices not being able to connect to the network, problems with automatically connecting and authentication problems depending on your security and encryption settings.

The other point is that your SSID will still be broadcastest ~ not from your Router, but your device if it is set to automatically connect to the network.
Instead of looking through the available networks your device will broadcast the SSID constantly [and everywhere] waiting for an answer from the Router.

Here is another great article about this:
http://blogs.technet.com/b/steriley/archive/2007/10/16/myth-vs-reality-wireless-ssids.aspx

Mike

MAC Filtering doesn’t add any real security either

Your MAC address is send with every single packet unencrypted! All I have to do is capture ONE packet to get my hands on it. Then I use one of the thousends of options to spoof my adapters address to the one I captured and I’m in your network.

Don’t get me wrong ~ I’m a friend of MAC Filtering myself but it’s just another layer of obstacles not security [like SSID Hiding].
The only benefit of MAC Filtering is that you will be notified if your computers MAC is used more then once within the network at the same time since it’s supposed to be a unique Address.

Looking at the real world application:
You probably have a Laptop, Mobile Phone plus a third WiFi device connected to your network. If I want to get in all I have to do is wait for one device to go offline (no more data from this MAC address captured) and then use it to gain access.

Going MAC Filtering only is kind of an invite to go through your network :-)

Nick

Rather than hiding it, some routers allow you to create an access list of MAC addresses. That way, regardless of whether or not the router is password protected or the SSID is hidden, only computers you own and add to the access list can access the router. I just created an access list and left the network open. It allows machines with older operating systems to connect easily.

Mike

MAC Filtering doesn’t add any real security either

Your MAC address is send with every single packet unencrypted! All I have to do is capture ONE packet to get my hands on it. Then I use one of the thousends of options to spoof my adapters address to the one I captured and I’m in your network.

Don’t get me wrong ~ I’m a friend of MAC Filtering myself but it’s just another layer of obstacles not security [like SSID Hiding].
The only benefit of MAC Filtering is that you will be notified if your computers MAC is used more then once within the network at the same time since it’s supposed to be a unique Address.

Looking at the real world application:
You probably have a Laptop, Mobile Phone plus a third WiFi device connected to your network. If I want to get in all I have to do is wait for one device to go offline (no more data from this MAC address captured) and then use it to gain access.

Going MAC Filtering only is kind of an invite to go through your network :-)

Nick

Yes, I understand that. But someone who can spoof a mac address usually also has the tools to scan for unbroadcasted SSID’s and even then is very likely to have the tools to crack WEP or WPA encrypted networks. It’s only a suggestion for those who even dare to stoop so low to stop broadcasting their SSID’s.

M.S. Smith

I don’t think this is something I’d suggest.

Yes, it’s likely that someone who would spoof a Mac address has tools for cracking networks. But security is often about making things harder, even when you know your efforts don’t make breaching your security impossible.

Even cracking WEP security isn’t something I would call “easy.” Cracking WPA is something only people who truly are hackers are going to have the patience and knowledge to do.

Still, to each there own. I just wouldn’t recommend this to most people.

Nick

Just for the record, it takes less then 5 minutes to crack WEP. I know this from experience. As for WPA, if you change your password frequently (i.e. every 2 weeks for random characters) then you should be fine. If you don’t then you have a problem. WPA can be cracked offline. You only need to capture so many packets and then you can go home and run those packets through a cracker. WEP has to be cracked while in range of the network.

M.S. Smith

I don’t think this is something I’d suggest.

Yes, it’s likely that someone who would spoof a Mac address has tools for cracking networks. But security is often about making things harder, even when you know your efforts don’t make breaching your security impossible.

Even cracking WEP security isn’t something I would call “easy.” Cracking WPA is something only people who truly are hackers are going to have the patience and knowledge to do.

Still, to each there own. I just wouldn’t recommend this to most people.

M.S. Smith

No, some devices don’t. It’s an side effect, as Mike noted below.

This is not something I’d consider an optimal or recommended solution. I actually hoping that people who might have simply hidden their SSID and called everything fine and dandy will come away with this article with an understanding of why it’s not really a good form of security.

Elton Sites

It seems hiding your SSID will not help you secure your wireless network from those experienced hackers but will secure your network for those less techy ones. I guess, there is no effective way than having a good password and change it often.

Nick

Not to be mean, but the only real way to keep your network safe is to keep everything wired and make sure you have good locks on your doors and windows.

Elton Sites

LOL… there is no better security for a determined thief.

Matt

A MAC address filter is not a secure method of locking your wifi. An attacker can easily spoof a MAC address (borrowed from one of your connected devices), and connect to your network. The best way to secure your network is to use WPA (PSK) or WPA2 ensuring you use a random character password over 14 characters long.

PragatiChaplotJain

Whenever I run a scan for available wireless networks in my neighborhood, I often come across open or unsecured networks. Not broadcasting the SSID , only allows any strangers from using your wireless network bandwidth but does not leave it secured. It is important that one locks down his Home Wifi network. Look at this post that amplifies this fact and talks about wireless security: http://links.maas360.com/WiFiL

PragatiChaplotJain

Whenever I run a scan for available wireless networks in my neighborhood, I often come across open or unsecured networks. Not broadcasting the SSID , only allows any strangers from using your wireless network bandwidth but does not leave it secured. It is important that one locks down his Home Wifi network. Look at this post that amplifies this fact and talks about wireless security: http://links.maas360.com/WiFiLockDown

Mike

Leaving RADIUS aside since it’s kind of a setup overkill for private networks there are three simple guidelines to WiFi security:

1. use WPA/WPA2
2. use a strong passphrase (10+ characters, lowercase, uppercase, numbers)
3. don’t use any word or combination that is language, person or company associated, don’t use consecutive or common constellations like abc, qwert,1234,1q2w3e4r and the like

This basically screws up any short term attempt to crack the network.

Dictionary attacks will fail, compiled Rainbow tables with common combinations and data associated to you, the company, your location and other reasonable stuff are rendered useless.

This leaves the cracker only the option to use brute force.
Unless this person got access to a supercomputer or a huge nVidia Tesla farm it will take dozens of years to crack it.

I didn’t mention the use of special characters (_-@#$%^&*) for the simple reason that some devices can’t handle these.

IR35

Never realised you could hide your network from other people seeing it – that is very useful indeed! I’ll be using it for our IR35 network.

Gameoman

Thanks for giving nice information. I will try on my wireless onnection

KnowsThat

For the bigger picture, I think this video pretty accurately captures the situation today: http://www.youtube.com/watch?v