Does SSID need to be broadcast?

With a home network of Windows PC's, I have always turned off the option to broadcast my wireless router SSID (as an additional security measure). Now that I have switched to an IMac, it seems that Airport requires the SSID to be broadcast - if I turn the broadcast off, Airport loses connection immediately and does not reconnect. Is this how Airport should be?

No, I never broadcast SSID. However, you'll need to manually connect, as changing that recycles the Airport. Connect to OTHER, type in your SSID and then set your security settings.

Almost as soon as I submitted my post, I found a thread on the same topic in the forum (sorry, still finding my way round it). The "best" advice seems to be to broadcast the SSID and not use MAC address filtering. Personally, I think that using WPA encryption, applying MAC address filtering, changing the SSID from something identifiable like "NETGEAR" or "TALKTALK", and not broadcasting it is about as robust security as can reasonably be attained. And I see no reason to settle for less!

As an addendum to my last post, broadcasting a SSID could impact on security other than computer security. Burglar Bill sees from his wi-fi enabled phone that a particular property is broadcasting a SSID, let's say it is called SKY123 (there's a similar one coming from a near neighbour to me). Bill now knows that inside this property is at least one computer. It's a router provided by the Sky broadband, phone and TV services provider so it is likely that there is also at least one TV and a satellite box inside the property as well. Bill can also see that the router is almost always on except at weekends - perhaps because the occupant is away from home. Just what Bill needs?

Turning off SSID broadcast buys you nothing more than a false sense of security, as does MAC filtering. It does make it more difficult for your legit clients to connect and stay connected however.

The reason I say this is because no one who is trolling for wireless networks is going to use a standard WiFi connection manager to do so. They're going to be doing a full WiFi scan, and whether you're broadcasting or not, they're going to see your SSID.

Don't believe me? Try something like AirRadar and do a quick scan of your neighborhood. I'll bet you a dollar that you'll see at least one network that you hadn't seen before. And AirRadar is not even close to one of the best scanners on the market.

MAC filtering is probably only effective against someone who doesn't know what they're doing. It's child's play to identify allowed MACs and then spoof one of them once the machine goes offline. It might add another layer of security, but if you're using decent encryption like WPA2/AES, you have nothing to worry about for the most part.

+1 for what cwa said. It is unbelievably easy to get a MAC address and SSID with a few clicks of software. It does 0 for protecting a network and makes it a pain to connect legitimate devices. One of the first things I ask when debugging connection issues on these forums is if SSID is being broadcast - as many times that can cause an issue with reconnection.

Secondly - if Burglar Bill is really trolling for stuff to steal - he would probably be war-driving - he will see <hidden> if you aren't broadcasting your SSID - but he will still know there is an access point near by. If he is worth his salt - he probably already has a database with the SSID already figured out.

Any WPA will do as long as you have a strong password - but go with WPA2/AES as suggested if you can.
Strong Password Generator

On a side note - I have MAC filtering on - so that I have a list of known MAC addresses handy. I can then just look at my list to see who is on and what device it is. It really isn't a security measure for me - more of a debugging tool. The list is right there in my Airport Utility. The Airport Utility reports signal information for MAC addresses so it is just easier for me to see how good the signal is for a given MAC address.