I always hear “CHANGE THE SSID” on your home router. There are two parts to the SSID, correct? The network name and the network password to connect. I realize that the password needs to be changed from the default of admin or whatever, but are people still suggesting that the SSID network name be changed
as well? I can see changing the network name to something other than “Linksys” so that you know that it’s yours, but why does it matter if others can see this name? All that matters is changing the SSID password, correct?
Well, to begin with, a couple of concepts have gotten confused in your
The SSID can be changed, and there are good reasons to do so. Broadcasting
the SSID can also be disabled, but whether that actually helps anything is
And finally, this isn’t really a router thing because there are routers that have no
wireless capabilities and thus, they have no SSID to worry about. This is really a
wireless access point thing – whether that access point is a separate device
or combined with a router in a single package.
That password thing
Even though it’s completely unrelated to the SSID, let’s first deal with the password issue.
As outlined in How do I secure my router?, there are actually two passwords that you need to concern yourself with:
The password used to gain administrative access to the router’s configuration
The password used as part of WPA encryption used to secure your wireless connections
You should change the first one from its default. Otherwise, anyone with access to your network can reconfigure your router. I have heard of malware that can do exactly that if you leave the password unchanged.
You should add the second – WPA encryption – if you have not. Otherwise, anyone within range can possibly “listen in” on your wireless data.
But neither really have anything to do with SSID.
Change the SSID
You’ll need to access your router’s configuration to alter these settings. Exactly how you do that varies from router-to-router, so check your router’s documentation for instructions.
My example uses a LinkSys WAP54G wireless access point, which is a device separate from my router.
In its configuration, I navigate to the Wireless tab, Basic Wireless Settings page:
Everything that we want to look at is on this page in this access point.
The Network Name (SSID) usually defaults to something that is the same for every one of the access points or routers made by the same manufacturer. Typically, that’s the manufacturer’s name – LinkSys, in this case.
As you can see, I’ve changed that to something else:
I’ve named this access point “NOTENLAN-FR”, something that clearly identifies this particular access point and the network to which I have it attached.
You can choose pretty much any name that you like. I’ve seen SSIDs called things like “Fluffy Bunny” or “Connect here for malware” – the later being a semi-facetious way of telling strangers not to try to connect. (With WPA enabled, they would not be able to anyway, unless they had the proper password.)
But as you’ve pointed out, it is good to set it to something unique, so that you don’t accidentally connect to some other access point and questionable network with the same name as yours.
Broadcasting the SSID
There’s a diversity of opinion on whether or not it’s helpful to not broadcast your SSID.
As you can see above, mine is set to broadcast.
What does that mean? It means that it shows up in lists like this one:
The available networks there are those whose SSIDs are being broadcast by wireless access points in range.
If you disable the broadcast of the SSID, the wireless network does not appear here. You can still connect to it manually if you know the SSID (and WPA password, if appropriate), but it won’t show up in these types of lists automatically.
Broadcasting the SSID and security
There’s a misconception that not broadcasting the SSID makes your wireless network more secure.
That’s actually only partly true.
If the SSID isn’t being broadcast, your wireless network won’t show in those “nearby networks” lists. It’s a form of security by obscurity in that it keeps your neighbors or anyone else within range from connecting accidentally or otherwise.
It’s not really secure. Your network is still technically visible; the packets going to and from your access point can still be intercepted and interpreted. It’s slightly more difficult, but still quite possible. Disabling the SSID broadcast doesn’t really protect your network from someone who’s knowledgeable and intent on connecting.
You still need that WPA password to do that.
So, disable the broadcast or not. Just realize what security you are and more importantly are not getting when you do so.