Ensure Default Wireless SSIDs Are Changed
Change default wireless network names to enhance security.
Plain language
Changing the default name of your wireless network (also called the SSID) is crucial for security. If you keep the default name, it can signal to potential attackers that you might not have changed other default settings, making your network an easier target to exploit.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Feb 2022
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Official control statement
Default SSIDs of wireless access points are changed.
Why it matters
Default SSIDs can reveal the access point vendor and suggest default configuration, aiding targeted attacks and unauthorised access attempts.
Operational notes
Change all wireless access point SSIDs from vendor defaults, and document approved naming conventions to avoid revealing organisation or location details.
Implementation tips
- IT staff should identify all wireless access points: Use network scanning tools to find all devices broadcasting a wireless signal in your organisation. This ensures no access points are overlooked.
- The network manager should change the default SSID: Log into each wireless router using the admin interface and navigate to the wireless settings page to rename its SSID to something unique and non-identifiable.
- The IT team should establish a naming policy: Develop a consistent naming scheme for SSIDs that avoids using company names or addresses. This policy helps maintain an organised and secure network environment.
- Managers should inform staff about the SSID change: Communicate any new network names and related changes to employees so they can connect correctly. This could be done via email or during team meetings.
- The IT department should document all changes: Record each new SSID change along with the date and reason for changing in a secure and accessible document. This provides a historical record of network changes for future reference.
Audit / evidence tips
-
Askthe network inventory report: Request a document listing all active wireless access points and their corresponding SSIDs
Goodshows a list with unique, non-default SSIDs
-
Askto see the SSID naming policy: Request the document outlining the organization's naming conventions for wireless networks
Goodis a clear, specific policy document with unique guidelines
-
Askmeeting notes or emails regarding staff notifications: Check documents or emails showing that staff were informed about SSID changes
Goodis a record or message explaining the change
-
Asknetwork change logs: Request logs or reports showing changes made to SSIDs
Goodincludes detailed records confirming actions
-
Askaccess to wireless access point settings: Request a demonstration of the current SSID settings via the access point’s administration interface
Goodis a live demonstration showing the configured settings
Cross-framework mappings
How ISM-1316 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (2) expand_less | ||
| Annex A 8.8 | ISM-1316 requires changing default wireless SSIDs to avoid insecure default configurations on access points | |
| Annex A 8.9 | ISM-1316 requires that default SSIDs are changed on wireless access points as part of secure configuration | |
| link Related (1) expand_less | ||
| Annex A 8.20 | Annex A 8.20 requires organisations to secure and control networks and network devices, including configuration management of access tech... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.