An SSID (Service Set Identifier) is the technical name for the network name of a wireless local area network (WLAN). It is used by wireless devices to identify and connect to a specific Wi-Fi network. In essence, the SSID is a label that distinguishes one wireless network from another in a shared space.

The SSID is a case-sensitive alphanumeric string, up to 32 bytes in length, that uniquely identifies a wireless network within a given range. It is broadcast by wireless access points (APs) in beacon frames, allowing nearby devices to detect available networks.

When a user connects to Wi-Fi, the device scans for nearby SSIDs, displays them in a list, and allows selection and authentication (if required). The SSID enables the association between a client and the correct AP among multiple available networks.

Types of SSID

A. Broadcast SSID

By default, most routers and access points broadcast the SSID periodically via beacon frames. This allows client devices to discover the network automatically. Broadcasting is essential for user convenience and initial setup but can also expose the network to unauthorized scanning.

B. Hidden (Non-Broadcast) SSID

Administrators can choose to disable SSID broadcasting. In this case, the network name does not appear in Wi-Fi scans. Devices must have the SSID manually entered to connect. This does not significantly enhance security, as hidden SSIDs can still be discovered using packet sniffing tools.

SSID and Security

While the SSID itself is not a security mechanism, its use is tied to wireless encryption schemes:

• Open networks (no password) still require an SSID to be broadcast.
• WEP, WPA, WPA2, and WPA3 encryption protocols rely on the SSID during the authentication and key derivation process.
• Changing the default SSID from something like “linksys” or “netgear” helps avoid confusion and reduce the risk of targeted attacks.

It is recommended to assign a unique, non-identifiable SSID (avoid using names or locations) and enable strong encryption (preferably WPA3 or WPA2-AES).

Best Practices for SSID Configuration

Use unique, recognizable names for organizational networks.

Avoid using personally identifiable information (PII) in SSIDs.

Use different SSIDs for guest and internal networks.

In enterprise environments, segment networks with multiple SSIDs mapped to different VLANs.