Why you should change your Wi-Fi network name (SSID)
Mahdi Khorsravi
One of the most well-known security measures regarding authentication is to never use default passwords. While this measure is becoming more widely implemented in most Wi-Fi routers ‘out-of-the-box’, hackers are increasingly exploiting other weaknesses that aid in identifying and cracking the authentication across many home Wi-Fi networks.
The Wi-Fi network name (or Service Set Identifier, SSID, in more technical terms), identifies the network and appears when users are looking to connect to a network nearby. Examples of SSIDs include:
- dlink-34E0
- TP-Link_4BC6
- netgear37
- Linksys00042
The SSIDs above demonstrate a standard format, usually the vendor name followed by an alphanumeric string. To understand the risks associated with using common or default SSIDs requires some explanation of the authentication protocol WPA-PSK (or pre-shared key).
The majority of home Wi-Fi networks implement the WPA-PSK authentication protocol, which includes the standards WPA, WPA2 and WPA3. Devices connected to the network encrypt the traffic by developing an encryption key from the shared key. The shared key is derived from a passphrase using PBKDF2 (password based key derivation function), which uses the SSID as the ‘salt’ to add an additional element when generating the encryption key.
The cracking process for a hacker usually includes capturing the pre-shared key during the ‘handshake’ between a device and a router, and then attempting to crack the passphrase used to create that pre-shared key. While a strong passphrase makes the cracking process more difficult, there are ‘rainbow tables’ specifically created for common SSIDs that identify the pre-shared keys already calculated for billions of passwords. Therefore, if a rainbow table exists for the SSID targeted, there is a risk that a simple table lookup might make cracking the passphrase much easier.
Changing the SSID to something less common would add additional steps and require the hacker to calculate potential pre-shared keys, thus significantly increasing the time it takes to complete the cracking process. As such, when combined with using a strong password, the simple act of changing an SSID name can significantly impact the ability of a hacker to gain access to your system. All home users should consider changing their SSID immediately, if a common or default name is used.
Back to all blog posts