Instructables

Is a MAC whitelist more or less secure than WPA/WEP security?

I currently have WPA security set on my home wireless network.  It works nicely to limit access only to those to whom I give the password.  However, it's a real pain to try getting Linux-running laptops to connect to it.  Same with my BlackBerry.

I'm considering disabling security entirely and instead creating a "whitelist" of MAC addresses of the wireless devices I want to allow access.  Is this a bad idea?  Will I be leaving my network vulnerable in a way I'm not foreseeing?

lofty4 years ago
It's really easy to spoof a mac address so no. Don't disable security. Use WPA, don't use WEP, even I can crack that in a few minutes work. WPA (at the current moment in time) can only be cracked by using brute force or dictionary attacks so use a strong key which is reasonably long and contains higher and lower case characters and numbers. Make sure it's not a word in a dictionary too or anything common. Randomize it and it will be virtually unbreakable. Enabling MAC address filtering is a good idea though but don't count on it by itself to protect your network.
yoyology (author) 4 years ago
Good to know. Thanks to you both for the quick replies.
MAC filters are many times WORSE than WEP/WPA, MAC adresses can easily be spoofed and access can be gained in less than a minute or two, but with WEP that can be about 10 minutes or so and WPA many hundreds of years. WPA is by far the best solution to security