In much the same way that a traditional Windows network is identified by a workgroup or domain name, wireless networks are “named” using what is known as a Service Set Identifier, or SSID. The default SSID configured on an access point varies between manufacturers, but is always set to a default value in a manner similar to administrator passwords. In the absence of security features like MAC address security, knowing the SSID to a wireless network is typically all that is necessary to form an association with an access point. The SSID values associated with popular access points are also well documents, so you’ll want to be sure to change the SSID for your network. For example, a default SSID of “linksys” should be changed to a unique value for your network.
Hopefully you’re well aware of the difference between a good and a bad password. Some of the same principles should be applied to SSID names. For example, never set the SSID value to something that explicitly identifies you or your organization, such as a proper name or address – this will only make your network easier to locate or identify. Instead, change the SSID value to something a little more obscure.
Another unfortunate default security setting of most wireless access points is that they have a setting known as “Broadcast SSID” enabled by default. What this means is that an access point will broadcast out its configured SSID value for the entire world to see if left unchanged. When systems with a wireless network card come within range of an access point broadcasting its SSID, that network is then listed as an available network (in the wireless network card properties of XP, for example), making it very easy to connect. As a best practice, disable the broadcasting of SSID information if your access point supports it (most do). Understand, however, that if you do disable SSID broadcast, all wireless clients will need to be explicitly configured with the SSID value for the network or they will be unable to form an association.