From: John Tserkezis on
D-L473 wrote:

> Lock the router down to specific MAC addresses. If your router
> can't do both encryption and MAC address lock-down consider
> another router.

As it turns out, MAC address locking only stops idiots incorporated
from logging on. And encryption will stop them easily enough anyway.

It's easy enough to observe, and reconfigure your WiFi interface to
copy one of those MACs (where possible), and that minor stumble is averted.

More importantly, it doesn't stop packet sniffers from doing their job.

And it adds more inconvenience as far as administration goes too.
Extra work to reconfigure the router for every new device you want to
attach. Perhaps not such a big deal in a home situation where the
hardware doesn't change, but I've seen this in corporate configurations
where it can and does change frequently.



Sadly, I've seen MAC address locking with NO encryption (otherwise
open) in corporate situations.
It'll be more secure to leave the front door open, and hang an ethernet
cable out the hallway. That way, the hackers will need to physically
walk up there and plug in, verses sit on their fat arses and do it from
their own chairs with WiFi.