What is Wi-Fi MAC address?

what is this?
is it one of the parameter that identifies and distinguishes your mobile device?

Can I change this value?

 

Yes it is a unique identification for your wireless device. It can't be changed. You can spoof it perhaps, but not change it.

 

^ What WingNut said. However, I'll add that your wired connection (Ethernet) will also have a MAC address (which is different from your WiFi's MAC address since they're different physical devices).

You *could* spoof your MAC address if you want, but there's not much practical value in that.

 

As for what it is in practical terms, my workplace has employee-only Wi-Fi that you can't connect to unless the IT department has added your MAC address to the system. Wi-Fi passwords can be leaked to the general public. This is a more effective way of keeping the employee Wi-Fi for employees only.

 

One of the possible problems with MAC "security" though is that you have to ask; what stops me from sitting in the parking lot of your office with Wireshark on my computer, collecting all those approved MAC addresses? .

 

Exactly, this should not be considered a security feature. An attack as Jarhead described takes less than 15 seconds with minimal tools and no physical access to any hardware.

 

lol, and that's why we have user specific login credentials + security token...

 

To clarify, having an approved MAC address does not give you access to any of the employer servers or documents, just access to an internet connection. I can only access the employer servers and documents on my employer-supplied desktop with a username and password. The wifi connection I'm talking about just allows employees to stream music, send and receive emails, etc without using their mobile data plan.

 

Yeah, I was expecting that your company wouldn't rely on MAC filtering for accessing sensitive stuff. Though even then, you could still use that as a stepping stone for another attack (for example: connect to AP with spoofed MAC and other login requirements, spoof well-used service, commit man-in-the-middle attacks).

Point of that post was that MAC filtering isn't actually a useful security tactic, especially by itself.