SSID-better short or long

Discussion in 'General Discussion' started by danix71, May 23, 2008.

  1. danix71

    danix71 LI Guru Member

    I have a ''tense'' discussion with one of my friends from a Romanian computer forum: it's better to have a short SSID or a long-name SSID? And why, if you can say.
  2. HennieM

    HennieM Network Guru Member

    I think the idea of the "long and garbage like" SSID still stems from the WEP/no encryption days; the reasoning was (and in die-hards still _are_) that a long SSID like A1b4f3c6cCF0ADfE (add characters to your liking), together with hiding the SSID, contributes to the access control or the "invisibleness" of the wireless net. I.e. the SSID will look like a hex number or just garbage and not be easily detectable by reading sniffer output.

    With the advent of WPA both hiding the SSID and "long and garbage like" went out the window IMO, as the encryption is so much better. Sniffers etc. also got smarter, and hiding the SSID just makes for more problems.

    So, except if there is a (unknown to me) mechanism where the SSID is used as a seed for encryption or something, a shortish one will do fine, though I can't say that short is neccessarily "better" than long. It just depends on how much you like typing I guess...
  3. danix71

    danix71 LI Guru Member

    HennieM, I agree with you. My friend that is on the other part of the barricade said/says that a longer SSID is better because that network it's then harder to crack. But I still don't understand how a longer SSID could help you by being crack-proof.
    In fact, except of identifing the particular network...I don't see what importance has a SSID.
  4. bhlonewolf

    bhlonewolf LI Guru Member

    Why would the network be harder to crack? It doesn't make sense.

    I can't think of any reason why it would be MORE secure, so I guess I'd turn the question around and ask why it would make your network more secure? I suppose a long SSID would be obscure and look odd, so maybe people wouldn't bother? Like I said, that doesn't seem to make any sense.

    Now, a shorter WPA/PSK key certainly could make the difference, particularly if one is using simple passwords susceptible to dictionary attacks. Maybe this is what he was referring to?
  5. Toxic

    Toxic Administrator Staff Member

    if someone wanted to hack your router they have the means to find hidden SSID's.

    It is far better use a high end encryption like WPA2 (PSK or Enterprise) and check the coverage of your home wireless network so it does not cover outside of your house.

    Preshared keys should be over 20 characters in length and include alphanumericle characters including upper and lower case letters.

    Also, dont forget to use a strong password for the admin account. more info here:

    Wireless Security - How secure is your Wireless Network?

    How To Crack WPA / WPA2
  6. HennieM

    HennieM Network Guru Member

    I just read the smallnetbuilder WPA crack linked to by Toxic. It seems that the SSID is indeed used to "salt" the WPA passphrase during client authentication.

    Now, as the SSID will always be known to the serios cracker, there is no real benefit in having a long or a short SSID. However, if you use a common-dictionary-word as SSID, the cracker could use precomputed hash tables to crack the passphrase in a dictionary attack.
    When using a non-common-dictionary SSID, this forces the cracker to recompute his (her) hash tables.

    Computing hash tables is not computing intensive relative to actually cracking the passphrase, but recomputing hash tables could be adding a short delay to the crackers time. As wireless-nets are generally running for days on end, I don't think those few minutes are really going to matter, except to the cracker-in-a-hurry...;)
  7. danix71

    danix71 LI Guru Member

    So, what I makes a slight difference if the SSID is long or a non-frequent-used phrase...Hmm...
    Thank you very much for your responses!
  8. bhlonewolf

    bhlonewolf LI Guru Member

    Not if it's long, but rather if the SSID is a duplicate of one the hacker has cracked before -- but realistically speaking, it doesn't make any difference.
  9. mstombs

    mstombs Network Guru Member

    The SSID is a network name - its not a password, does not need to be cracked - it is broadcast in plain text occasionally, even if 'hidden'. Its length can be 2 to 38 bytes I think, if shorter the messages that include it will be shorter and waste less air time?
  10. danix71

    danix71 LI Guru Member

    I thought so too in the first place: doesn't matter how long or short it is...
  11. bhlonewolf

    bhlonewolf LI Guru Member

    Correct about the SSID not needing to be cracked, but the WPA password is salted with the SSID which adds a nominal computational overhead. So it is used in the cracking process... but practically speaking, it's not a security measure.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice