Avoid giving your wireless network a common name (SSID)

Learn why you should not give your wireless network a common name.

If you give your wireless network a common name, users of iOS devices will need to sign in to each access point in the network the first time they use that access point (the iOS device will rejoin that access point automatically in the future). This manual sign-in process is necessary because iOS devices store the access point's hardware address (Basic Service Set Identifier, or BSSID) when the network name (Service Set Identifier, or SSID) is considered common or ambiguous.

If you were to give your wireless network a common name (SSID), users of your network who use iOS devices and are away from your network would run the risk of joining a different network with the same name. Having joined the unexpected network, they would be exposed to potential data theft.

Because of this security issue, Apple maintains a list of common or ambiguous SSIDs, including the default SSID for many commercially available access points, as well as the SSIDs "wireless" and "default". If your network's name is on the list, any iOS device that joins the network stores the access point's BSSID and associates it with the network's SSID. Subsequently, it will only auto-join the network if the access point's BSSID matches the information the device has stored. This avoids joining a different network with the same name.

Giving your network a unique name avoids this security measure, so that iOS devices will auto-join your network as expected.

Configuration profiles

When using configuration profiles to configure iOS devices and the networks they join, note that the profile contains only the SSID, not the BSSID. So even if an iOS device is configured to join a network on the list, it won't automatically join because it doesn't have a saved BSSID. After the iOS device has joined a given access point manually for the first time, it will rejoin automatically in the future.

Published Date: