Hiding Your WiFi Network Doesn't Actually Hide It

There's a checkbox in almost every router's settings labeled something like "Hide SSID" or "Disable SSID broadcast." A lot of people turn it on because it feels like a security measure. If your network isn't visible in the list, attackers can't target it, right?

Wrong. And this is worth explaining properly because the misconception is everywhere.

What "Hiding" Your SSID Actually Does

When you broadcast an SSID normally, your router sends out beacon frames announcing "I exist, my name is HomeNetwork-5G." Every device nearby can see those beacons.

When you "hide" the SSID, you tell the router to stop including the network name in those beacons. The router still exists. It's still transmitting. The radio frequency is still active. You have not turned anything off. You have just told the router to stop announcing its name in one specific type of frame.

That's it. That's the whole feature.

Why It Doesn't Work

Here's what happens when a device has previously connected to a hidden network: it starts actively looking for it. Instead of passively listening for beacon frames, it broadcasts probe requests asking "is HomeNetwork-5G out there?" It does this constantly, wherever you go.

So now your phone is shouting your home network's name in every coffee shop, airport, and office you walk into. The SSID you were trying to hide is now being advertised by your own device everywhere it goes.

Anyone running basic WiFi analysis tools can see this. A $30 WiFi adapter and free software like Kismet is all it takes. The hidden network shows up immediately when any previously associated device is nearby.

What the Research Actually Says

NIST addressed this in 800-97. The guidance essentially says that hiding an SSID provides no security benefit and can actually cause additional issues, specifically around the active probing behavior I described above. That guidance has been around for years. Router manufacturers still ship the feature because people ask for it, not because it works.

What Security Actually Looks Like on WiFi

If you want your network to be secure, the answer is authentication and encryption, not obscurity.

WPA3 is the current standard. If your router and devices support it, use it. WPA2 with a strong passphrase is still reasonable for most home environments.

For anything beyond a home network: 802.1X with PEAP and Active Directory credentials is the real answer. That's enterprise WiFi authentication. Users authenticate with their actual credentials, not a shared password that gets passed around and never changes. Hidden SSID adds nothing to this setup. Take it off and the security is identical.

The One Argument That Holds Up

The only scenario where hiding your SSID makes any sense is visibility management. If you manage a large office with fifteen networks and you only want users connecting to the right one, hiding the ones they shouldn't see reduces confusion. That's an organizational hygiene reason, not a security reason.

If someone tells you hiding the SSID keeps hackers out, ask them how. Make them explain the mechanism. There isn't one.

Broadcast the SSID. Use WPA3. Use a strong passphrase. That actually protects your network.