Originally published at: http://www.howtogeek.com/howto/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/
Seems like every guide to securing your wireless network tells you to keep your SSID from broadcasting to make your network more secure, but is that really worthwhile? Let’s take a look at one of the silliest myths out there.
SSID hiding is a good measure for when I see a new "How to Secure Your Wireless Network" article.
Usually in a out of date and misinformed article it will be the no.1 recommendation before MAC filtering. So when I see that I know I can ignore the article and move on.
Excellent article. I definitely sit on the side that security through obscurity is more of a hindrance than a helper. I will give hidden networks one positive: if people dont know the network is there, they wont bug you for the name and key.
The fact that someone has to be running specific software within a broadcast range of a client in order to even know that said WiFi exists is a bonus security feature for me. I don't mind a few extra steps when I only have to set it up once. I know it's not literally more secure, however it is relatively more secure.
I don't connect to public Wifi... there should be an article on that .
I agree exactly with Wysir too: bonus + I don't mind the few extra steps: not complicated.
Plus the fact that you make sure that normal people walking around don't ask employees for that specific SSID network password since it's not showing. I'm always worry that a staff inadvertently gives away the password for the wrong SSID.
In my office, for example, I have 2 SSID:
- one "public" (and broadcasted) for visitors,with access only to the internet: the password is known by most employees but not readily available; and
- another one "private" (and not broadcasted) for the staff, with access to our server + network resources (printers, NAS, etc.).
This article is mostly a load of bull, half-truths etc...
I do agree that simply hiding your SSID is not secure, in this day and age I think most know to enable WPA2 or at the very least WEP encryption.
Hiding your SSID does acomplish one thing though, keeps average joe off your network. As for hackers - they'll get in no matter what if they want in badly enough.
As for Kismet etc... they require people to actually download an app, and while available freely, most people wouldn't go through the trouble.
Absolutely nothing wrong with hiding your ssid as long as you've got connection encryption enabled as well, and even if you don't have encryption, it will at the very least keep the less tech-savvy off your network.
IMHO, use both - hide your SSID AND encrypt your connection. (WPA2) At the very least they won't be able to identify that you have a wireless network by simply checking their laptop for available wireless networks. And that in itself adds a bit of security - not much - but better than nothing.
Guys, hiding your SSID just isn't worth it so the article is quite correct. No bull here.
It's as useful as hiding a Sherman tank with a napkin.
You are just making life more difficult.
People just love doing outdated stuff just cos it makes them feel more 'Tech'.
No, it's like hiding a Sherman tank with a cloaking device. You will have to install an infrared scope and search in the right area to realize it exists.
No, using WPA2 and a password will keep all of the average joes off your network.
Anybody that has the skills to crack a WPA2 network isn't going to be stopped by a hidden SSID... in fact, that might make them more likely to want to get in.
Why dont you read my entire comment, not nitpick sections of it for sensationalism. I DID say USE encryption. I am not promoting "Hiding your SSID" as a sole method for securing it, thats stupid. BUT, it does help. You can only access a wireless network if you know it is there.
Personally I hide my SSID use WPA2 and I do MAC filtering.
So taking 15 seconds to manually saet up the Network porfile (Which you only have to do once per device) is too much trouble? Damn, people have become lazy as hell. Yes SSID hiding in a business enviroment - not an option - but perfect (In conjunction with WPA2 & MAC Filtering) to keep neighbors from even being aware of your wifi.
Hey if you want to waste your time with out dated procedures then that's up to you.
A decent WPA2 password will keep out 99.99%of folks. The other technically adept .01% (the ones that really want to get in for some reason) will just walk over your hidden SSID and MAC filtering in seconds.
It's not being lazy it's just knowing what the real likely threat is out there, moving forward and not using obsolete security methods.
My point is that hiding your SSID does absolutely nothing to promote security and is only a hassle to deal with.
Setting a strong WPA2 password will stop every average joe from getting on your network.
Every. Single. One.
Because there are zero average joes that would be able to get past a tough WPA2 password, anything you do on top of setting a strong WPA2 password is pointless. It would be like adding two padlocks to the chicken cage to prevent the chickens from getting out.
And since hiding your network doesn't actually stop the tiny percentage of people who might have a chance of cracking your network, it's extra pointless.
It is actually better for security but it certainly isn't a solution for actual security. You would need to still use WPA2 or something else to secure it though hiding it does give a bit of Security through Obscurity benefits. However, with that said, the tiny amount of benefit it provides is not worth the hassle of dealing with it.
I don't know where everyone is getting "not worth the hassle, just a waste of time, don't want to deal with it, etc."
When setting up your network hiding the SSID usually takes ZERO extra time, just click a radio button/check box on the page where you are already setting up the wireless.
You are already using a key that you need to enter when connecting which takes what, 30 seconds at least if the key is worth anything? Typing in the SSID probably takes 5 seconds unless you get stupid with the name.
So you either click view networks, connect, and type in the key or you click add, type SSID, and type the key.
So 5 extra seconds per device is really that big of a hassle? Not for me because it keeps the freeloaders from bugging me for WiFi because they don't know it exists.
Security? Not really. Hassle or time consuming? Nope. Smart? Yup.
If hidden SSID isn't effective, then why do my logs for the past five years with router protected by hidden SSID plus a MAC whitelist show zero logons by people outside my family? I can crack WPA2 overnight with Reaver--no problem. None of that stuff does a thing against the determined and skilled hacker. But determined and skilled hackers don't seem to have wanted to spend the time to break into my system. By the way, I used hidden SSID with Windows XP for four years with zero problems. I don't know where these wacky "professional" opinions come from but they're dead wrong.
In order not to be eaten by the bear you don't have to be the fastest runner in the land. You only have to be faster than the slowest. Bad guys bash in doors with invitations on them. They avoid any trouble at all unless there is something mighty attractive on full display. My network ain't it. Probably neither is yours.
The most insecure wireless practice? Using the stupid button to automatically swap passwords between computer and router. The actual password they swapped is pretty secure, but the button itself has a password that's child's play to decode. It can be done very quickly and then the router hands you the real password for free. THAT's stupid security. Don't buy a router unless you can install DD-WRT, which doesn't support giving your password to strangers.
This topic was automatically closed after 10 days. New replies are no longer allowed.