15

Yesterday I got a cable modem, and on the back of the modem there is a small sticker with the name of the default SSID, which looks like Vendor-A11 and the default Pre-Shared Key, which is a long password containing both numbers and letters.

I found it convenient that when I want to connect some device to its Wifi, I just need to have a look at the rear of the modem. But then, while doing some research, I saw that it is recommended to change the default SSID. For me, it seems that what comes printed on the sticker is unique to each device sold by the manufacturer (both the SSID and the key).

Then I did some research on the web and, while there are many websites that tell you to change the default SSID (and some even go as far as saying you should change it often), all of them failed to explain what is the purpose of changing it.

Isn't doing this just some sort of security by obscurity? Isn't setting WPA2 with a good password the most important? Just for reference, I have disabled WPS too.

admirabilis
  • 285
  • 1
  • 2
  • 7
  • 3
    You could always take a sticky note, write the username and password on it and attach it to the router. It *seems* less secure ("Never write down your password!" probably) but the existing user/pass is already there and you want to be able to keep it there. – Jon Feb 06 '14 at 00:46

3 Answers3

11

Changing the Default SSID would serve no particular security purpose where it's not entirely predictable (e.g. 'netgear'). It would allow you to easily identify your wireless network though, if there are lots of others about.

It used to be the case where companies used one string for all their APs that it was relevant to Rainbow table generation (more info here) as the SSID is involved in generating the key (details here)

It could be that the articles you read were confusion the idea of changing the SSID with the idea of changing the Pre-Shared Key.

Changing the PSK can be a good idea, in case there is a problem with the methodology used to generate the first one being predictable (IIRC this has been a problem with some makes of access point in the past).

Also changing the PSK periodically can be beneficial if you're worried about someone brute-forcing the existing one or your worried about someone who has had access to the network and should no longer have it (e.g. in a company set-up where someone leaves the company)

Community
  • 1
Rory McCune
  • 60,923
  • 14
  • 136
  • 217
  • 2
    Some modem used to generate the WEP/WPA key based on the SSID so in this case if they know your SSID they know your key. More info here : http://www.gnucitizen.org/blog/default-key-algorithm-in-thomson-and-bt-home-hub-routers/ – null Feb 05 '14 at 20:01
  • 2
    Changing the SSID can also serve as a deterrent to *lazy* attackers brute forcing against default values. Though that's not necessarily anything significant. – Steve Feb 05 '14 at 23:35
5

For some routers, the SSID will identify the type of router (one example). This gives potential attackers more information about your network that they can use to break into it. Thus, changing the router name hides that information from the attacker. Some things that knowing the type of router can enable is finding default passwords for that router, or knowing specific attacks that will work against that router.

John Montgomery
  • 163
  • 1
  • 6
  • 3
    So will the MAC address (BSSID). And that's going to be broadcast out regardless of what SSID you pick. – derobert Feb 12 '14 at 23:56
  • True. But with security, you'll never be perfectly protected. You just need to make it hard enough for the attacker that they don't find it worth their time. This is just one step (albeit, not the most effective step) to raise that threshold needed for a successful attack. Using good encryption and a strong password is probably the best first step, but that doesn't answer the question that was asked. – John Montgomery Feb 13 '14 at 21:03
-1

Changing the SSID is for security purposes because when you change the SSID settings you can hide the SSID from discovery as well. Wifite on Kali can crack the key to my WPA2 secured AP in about 4 hours. Also some keys are out there and in wordlists that someone would use for an attack.

Bryan
  • 21
  • 4
  • 1
    This does not really answer the question. You could also hide the default SSID. And cracking a password is independent from the SSID (except in some rare cases where the default password is derived from the SSID). – Lukas May 17 '16 at 18:08
  • I said that as I cracked a Dlink from a worlist that was created for that one. In a rare occasion as above the SSID could have the name of the router. – Bryan May 17 '16 at 19:51