You’ve been told to set a WPA key on your Wi-Fi router. You’ve even been told to use an SSID (Wi-Fi network name) that is unique. But I bet very few people have told you to set up MAC filtering. Huh? MAC filtering? What’s that? How do you set it up? Is it any good?
This may come as a surprise to you, but MAC filtering is actually the one thing you may need to fully solidify the state of your wireless network. There are a few reasons for this, and perhaps it would be an enlightening experience for you to learn once and for all why this little setting on your router is insurmountably powerful.
A little note: If you don’t know what a MAC address is, perhaps it would be helpful to first read through this.
Why MAC filtering? Isn’t everything else enough?
OK, let’s first explain what MAC filtering is … Every device that connects to a router does so through a network adapter. Each network adapter has a unique identifier that sets it apart from others, allowing it to be found even if the IP address of the device must change.
Yes, you can change your MAC, but it doesn’t happen automatically when you reconnect to the web (if you have a static IP). MAC filtering is a rule set in wireless access points and routers that allows people to allow or disallow MAC addresses from connecting. Now, why should you use it? Here are a few reasons:
- There’s no extra authentication. Once you add a MAC, the device behind the MAC will always be able to connect to the router. Alongside WPA, it’s very powerful.
- You don’t need to do absurd things like disabling DHCP to filter inbound connections. Hackers can’t simply “guess” your MAC address like they could with a local network IP address (which is why disabling DHCP is a useless idea).
- MAC addresses don’t change (unless you change them manually). The default addresses are hard-coded into the networking hardware.
- If and when WPA or any other security method on your router will finally be easy to hack (and it will, at some point), you have a failsafe admitting only certain devices to your network. That by itself is a major plus!
Is it better than WPA/WPA2?
Comparing MAC filtering to WPA authentication as security methods side-by-side is just like comparing apples to oranges. Each of them serves a role in your network’s infrastructure. You can’t really compare them like WEP and WPA (two of the most popular security measures in wireless networks that work similarly). While MAC filtering is doing its job, WPA authentication is adding another layer of cake on top of it. You can’t say that “one is better than the other.”
You can’t even ask whether one is more important than the other. Both carry equal weight, and both are exploitable if the router is using dodgy firmware.
How is MAC filtering set up?
The setup for MAC filtering depends entirely on the router you’re using. Typically, companies like to consolidate their configuration consoles in one particular way, but there are key differences between models that might make some options unavailable. I recommend looking up your router manual to find out whether the router supports MAC filtering, then learning how to use it. So that you don’t come out of this empty-handed, I will show you what the configuration looks like on one of my routers:
In my case, you would go to “Wireless -> Wireless MAC Filtering”, then click on “Allow the stations specified by any enabled entries in the list to access.” Clicking “Add New …” will take you to a screen where you can add a new filtering rule involving a particular MAC address.
Once you find out your MAC address, there are many awesome things you can do with it to filter it in and protect yourself from exterior influences. And no, do not disable WPA protection on your router simply because you have employed this protection method. Both work together to bring you a more complete secure browsing experience!
There is a lot of information here to swallow, so if you find yourself a little stuck or confused, leave a comment below so we may discuss everything!