Author Options:

Is a MAC whitelist more or less secure than WPA/WEP security? Answered

I currently have WPA security set on my home wireless network.  It works nicely to limit access only to those to whom I give the password.  However, it's a real pain to try getting Linux-running laptops to connect to it.  Same with my BlackBerry.

I'm considering disabling security entirely and instead creating a "whitelist" of MAC addresses of the wireless devices I want to allow access.  Is this a bad idea?  Will I be leaving my network vulnerable in a way I'm not foreseeing?



Best Answer 8 years ago

It's really easy to spoof a mac address so no. Don't disable security. Use WPA, don't use WEP, even I can crack that in a few minutes work. WPA (at the current moment in time) can only be cracked by using brute force or dictionary attacks so use a strong key which is reasonably long and contains higher and lower case characters and numbers. Make sure it's not a word in a dictionary too or anything common. Randomize it and it will be virtually unbreakable. Enabling MAC address filtering is a good idea though but don't count on it by itself to protect your network.

Good to know. Thanks to you both for the quick replies.

MAC filters are many times WORSE than WEP/WPA, MAC adresses can easily be spoofed and access can be gained in less than a minute or two, but with WEP that can be about 10 minutes or so and WPA many hundreds of years. WPA is by far the best solution to security