Most people know that they need to protect their IP address, but have you considered protecting your MAC address? It can be used to track and log your location, disrupt your connection, and even impersonate you online. But first, let’s find out what a MAC address is.
Anna Rasmussen
Jan 03, 2019 · 7 min read
Contents
A MAC (short for “media access control”) address is a series of numbers and letters that identify a network device.
Our devices need to know the addresses of every device and network they connect to if you want to connect to the internet or send and receive information. That’s why we have IP and MAC addresses. An IP address identifies your network connection. Similarly, your hardware is also identified by a MAC address.
Every connected device has a network interface card, or NIC, that allows it to connect to a network. The NIC manufacturer provides each card with a unique MAC address. Therefore, MAC addresses are also sometimes called burned-in or hardware addresses.
A MAC address is essential for successful interaction between local network devices. When it detects a router, your device sends its MAC address through to form a connection. Your router will then assign you an IP address and let you connect to the internet. The difference between MAC and IP addresses is that MAC addresses never change and are only used in the local network, while IPs identify network devices globally and can change depending on your location.
Most MAC addresses consist of 12 letters or numbers across 6 pairs. For example:
1A-2B-3C-4D-5E-6F
11-22-33-44-55-66
Here’s how you can find your device’s MAC address:
1. Press the Windows key on your keyboard, type “cmd”, and press Enter
2. When the command window shows up, type “ipconfig/all” and press Enter
You will see a list of your adapters. Each will have a Physical address — the letters and numbers next to it are that adapter’s MAC address.
1. Click on the Wi-Fi icon on the top of your screen and select Open Network Preferences in the drop-down menu
2. In the next screen, click on Advanced
3. Select the Hardware tab at the top to see your MAC address
1. Go to Settings and Network & internet
2. Tap on Wi-Fi and select the network you’re connected to
3. Tap Advanced, and under Network details you’ll see your MAC address
1. Go to Settings and General
2. Select About and scroll down. Your MAC address is listed as Wi-Fi Address
MAC addresses are generally secure since attacks are difficult to implement and require extensive technological know-how. However, it can be used to monitor your location, disrupt your internet access, or even perform a man-in-the-middle attack.
Companies and institutions have used people’s MAC addresses to track their location. As you move with your device from one Wi-Fi point to another, it continually broadcasts its MAC address to connect to new points. In a large facility (like an airport) or a city, a unified Wi-Fi system can be used to track users’ locations and gather information about their movement.
However, doing this requires access to a lot of Wi-Fi points that’s usually only available to large companies or institutions. MAC address tracking isn’t always very sinister, either — sometimes, it’s simply used to gauge traffic speed and flow.
But the technology can also be abused. In 2013, an advertising company in London used trash cans with Wi-Fi to detect and track MAC address’ movements. Targeted ads followed people throughout the city in response to their movements and online habits.
A hacker could use your MAC address to impersonate you and hijack your credentials. Unless you’ve set up your home router securely, they may use special software to discover your MAC address and connect to the same Wi-Fi.
Some routers use MAC addresses to filter access, which can be a powerful security strategy when combined with other techniques. On its own, however, it is highly susceptible to MAC spoofing. All a hacker needs to impersonate you is your MAC address, which your device regularly broadcasts when looking for or making a connection.
It’s hard to effectively use your MAC address to attack you. Your devices’ MAC addresses are difficult to tie to your identity as they rarely travel beyond the very first network device they connect to.
However, in the wrong situation, it can become a vulnerability. In addition, some local networks, like the one at your job or school, can use MAC address filtering to block certain online content.
Completely blocking your MAC address isn’t really a good idea since you won’t be able to connect to any other network devices and go online without it. However, there are a few different techniques you may want to use to stay secure or private.
As you move around during the day, your MAC address is broadcasted to hundreds of networks. Even if you don’t connect to any of them, your device still sends its MAC address to discover surrounding networks and list them for you.
If you’re a responsible and security-minded user, you only connect to networks you trust (and use a VPN for the rest). If that’s the case, you’ll have little to lose by turning off your phone’s Wi-Fi whenever you’re not using it.
You will not only be safer for it — you’ll most likely enjoy prolonged battery life as well. After all, constantly scanning for connections and sending your MAC address can be taxing.
This solution will be different for every device, but it can be one of the best ways to secure your gadgets. When you spoof your MAC address, you assign a made-up address to your NIC.
Don’t forget that this process may disable anything that requires your device to have a set MAC address. If you’re connected to a router that has whitelisted your MAC or to a broadband cable that only allows a certain number of devices to connect, changing your MAC may disrupt your connection.
MAC spoofing can also be part of a hacker’s toolbox, so some system admins may not be too happy if they see you doing it. Use this method with caution.
Note: always write down and keep your real MAC address safe so you can change it back when you need to. Some devices will restore your original MAC address when you’re done spoofing while others will not. Repeat the same steps when you want to change it back to the original.
1. Hold the Windows key and press X then click on Device Manager
2. Expand Network adapters and right-click on your Ethernet or Wireless adapter, select Properties
3. Under the Advanced tab, scroll down the Property list and click on Locally Administered Address
4. You’ll see your MAC address under Value. You can delete it and paste your new MAC address
5. Restart your computer, and your MAC address will be changed
1. Turn your Wi-Fi off
2. Launch the Applications app and click on Utilities
3. Open the Terminal app
4. In a new window, type or paste “sudo ifconfig en0 ether XX:XX:XX:YY:YY:YY”. Replace the Xs and Ys with the MAC address you wish to have. Hit the return key and enter your password
For it to work, you will need a rooted Android device.
1. Go to the Google Play store and download two apps: Terminal and BusyBox
2. Open the app, type “su” and hit enter
3. Type “ip link show” to find your interface name
4. Type “busybox ifconfig yourinterfacename hw ether XX:XX:XX:YY:YY:YY”. Use your actual interface name and replace the Xs and Ys with the MAC address you wish to have. Hit the enter key
5. To check if your MAC address was changed successfully, type “busybox iplink show yourinterfacename”
We strongly advise against spoofing your MAC address on iPhone. This requires a jailbroken device and significant changes to the OS, which, if done incorrectly, could leave you with an unusable device.
Instead of setting a single fake address, MAC randomization lets you cycle through random fake addresses whenever you aren’t connected to Wi-Fi. As soon as you connect to a network, the randomization stops to maintain a steady connection.
As far as MAC security is concerned, this is probably the best method to use. It prevents your MAC address from being distributed to every device but doesn’t interfere with the connections you want to make.
As of 2014, Apple implemented automatic MAC randomization in its products, so you don’t have to do anything. Most Android and Windows devices have this feature too, but you might need to check if it’s on.
If you have Android 5 or later running on your device, the MAC randomization feature is built-in. Here’s how you activate it:
1. Go to Settings and Network & internet
2. Tap on Wi-Fi and select the network you’re connected to
3. Tap Advanced and under Privacy, select Use randomized MAC
1. Press the Windows key and click on the Settings icon
2. Select Network & Internet and click on Wi-Fi
3. Click on the network you are connected to, and under Random hardware addresses select On, Off, or Change daily
You can repeat the same steps for any network you use.
Take your privacy into your own hands.
Protect yourself with the world’s leading VPN.