The name of the wireless SSID must not contain dictionary words.
If an organization is using common dictionary words in the SSID makes it easier for attackers to predict and potentially guess the name of the wireless network. Attackers use automated tools that can systematically try common words to discover the network name. Avoiding dictionary words in the SSID contributes to enhance network anonymity.
This requirement is verified in following services
- CAPEC™-613. WiFi SSID tracking
- PA-DSS-6_1. The wireless technology must be implemented securely
- ISA/IEC 62443-UC-2_2. Wireless use control
- OSSTMM3-9_5_3. Evaluate configuration, authentication and encryption of wireless networks
- ISSAF-L_4_3. Network security - WLAN security (audit and review)
- PTES-6_7_6_2. Exploitation - Proximity access (attacking the user)
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.