23

Is hiding your Wi-Fi SSID and setting it without a password as secure as when your SSID shown with a password on a technical level?

terdon
  • 54,564
caulmseh
  • 543
  • 1
  • 6
  • 14

5 Answers5

66

NO. When you hide your SSID, it is broadcast by clients, so its easy enough to discover anyway (just Googling "discovering hidden SSID" will link you to multiple tools and ways this can be done with relative ease). At that point, free access. There has never been much point in hidden SSIDs.

WIFI passwords are not sent in plain text; they require a significant amount of work (if correctly set up - an unrealistic amount of CPU) to crack.

Drise
  • 125
davidgo
  • 73,366
32

Hiding SSIDs is also bad for privacy.

In addition to providing exactly zero security (as the other answers have explained), hiding the SSID is also a very bad idea if you care about privacy.

In a "normal" (not hidden) network, the access point will periodically transmit "beacons" with various information including the SSID. A client thus only needs to passively listen to see what networks are available. If it sees a beacon from one of the configured networks, it can then decide to connect to it.

However, with a hidden SSID, there's no way for a client to know it's in range of a configured network without actively trying to connect. Thus once you set your device to connect to a "hidden" network automatically, it will keep broadcasting "probe requests" with its SSID wherever you go. Sometimes the SSID itself might be somewhat embarrassing or contain personal information, and sharing the list of networks you visited in the past with everyone you meet is often also not desirable.

TooTea
  • 651
4

No

THIS IS SUPER EASY TO DECLOAK

You can see it when you are looking at wireless traffic in whireshark while in monitor mode.

You can also simply send a deauthentication packet to the client using aircrack-ng or any other packet crafting tool, and it will show look at probes coming from clients and see it.

here is a good article on this.

LUser
  • 157
4

Others have sufficiently addressed the lack of benefit to security when hiding your SSID, so I would like to point out the significant risk at which you would put your network by not setting a password (i.e. using no encryption).

Anything transmitted between your access point and clients would be open to anyone eavesdropping with a wireless adapter set to monitor mode (trivial to set up). To do that, the person would not even have to connect to your network. Any information not protected by higher-layer encryption (e.g. TLS or PGP) would be available to them in clear.

Should they decide to go further, they could actively manipulate your network's traffic in all sorts of ways.

Whether you decide to hide your SSID or not, always use at least WPA2 encryption with a strong passphrase.

Giorgos350
  • 61
0

It is very secure as long as you never connect to it. Once you do the name is transmitted out for everyone to see.

As TooTea mentioned, the ability to have hidden SSIDs has made it so that clients must actively probe for the entire list of SSIDs that they are configured to connect to, revealing the full list of SSID names to anyone in the area whenever the device is scanning for new networks. Some devices seem to do this anyway even if the SSID was not configured as a hidden one when connecting.

Edit: If you want to see what 802.11 wireless clients are probing for, it's quite easy if you have a GNU/Linux system. You can do this with the default utilities. This assumes wlan0 is your wireless interface.

iw dev wlan0 interface add mon0 type monitor
ifconfig mon0 up
tcpdump -n -e -l --immediate-mode -i mon0|grep -i --line-buffered "probe request"

You shouldn't need to change the channel on the mon0 interface because probing is done on all channels. But it could help if the channel you are monitoring has a lot of interference and because of that you aren't able to receive probe requests as well. If you're using wlan0 you won't be able to have mon0 operating on a different channel than wlan0.

Although it's normal for a client to probe for a particular SSID name when it is connected to that network (so it can roam to other access points), if a client is probing for a particular SSID name when that access point has been unplugged or is out of range, then it's leaking the names of SSIDs (wifi network names) that it has been configured to connect to in the past.

If you do this you'll likely eventually come across some clients which are currently not connected, and they'll be probing for the names of hotels and business where they have been connected in the past. This is in addition to revealing some hidden network names that don't show up in your list of near by wireless networks.

Alex Cannon
  • 339