Feature Request: Ability to Hide the Network

Hiding the SSID of a wireless network does next to nothing for improving security. Even a "hidden" network is still sending out information and there are lots of available software tools that can detect these networks. Hiding the SSID can also make it harder for devices to roam to another access point (which with a mesh environment like eero, is critical). It also just adds additional complexity for support personnel to have to deal with (example: when customer submits issue that they can't see their wireless network anymore, support agents would have to first verify if the SSID broadcast is enabled/disabled).

Hi  bindignavile —

Thanks for your feedback and welcome to the eero community!

I am more than happy to share your request, as well as the additional points made above, with our team.

I hope that both you and  cMoo92 can continue your thoughtful discussion on this matter. While healthy debate is encouraged, I'd like to remind you both to make sure any future posts continue to follow our posted Community Guidelines.

bindignavile, I'm not in any way trying to brag or be condescending, but first let me preface the following reply by clarifying what my experience level is. I have 15+ years of IT experience with several of those being the IT manager for several organizations with nearly 1,000 daily network connected devices and 70 enterprise level access points. I don't claim to be a wireless guru, but I'm far beyond just a wanna-be retail store tech.

Let me respond to the points you made in your reply:

You: With a hidden network, casual hackers will have to guess at the network SSID.
Me: My original point was that nobody has to guess at anything. Even a hidden SSID is constantly sending out beacon frames and there are several free tools that can easily read these and figure out the SSID. Properly securing your network means having a network password set. Cracking the WPA2-PSK is going to be the much harder part (but not impossible). But if someone has the desire/capability to crack your network password, I don't think there is much separation of a "casual" vs "dedicated" hacker. It's what they do after they break into your network that would probably define what level of hacker they are. But this is getting into semantics and I don't think it's worth our time to debate that, nor do I believe that is that what this community is intended for.

You: Why would I want to roam on my home network? Why would I want to roam to another access point?
Me: The whole functionality a mesh network (i.e. what eeros do) is based around the idea that your devices connect to the other APs (eeros) in your home. Roaming isn't just connecting to a different SSID, it's also connecting to another AP that is offering a better signal. If you only have one eero in your home, then there is no need for roaming, but if you have multiple eeros your devices will roam. You are correct in that a hidden SSID won't necessarily stop devices from roaming to other APs that are configured with the same SSID and security settings. But a hidden SSID forces your device to be active and to send out requests saying "hey, does anybody have this SSID?" and waiting for a reply. If your SSID isn't hidden, your device can be passive and just sit there and listen and then go "oh yea, I see that SSID and I know how to connect to it!". The active vs passive part is where roaming issues can happen and devices may not connect to a closer AP as quickly/easily. Now, I will also add that roaming isn't always perfect even with SSIDs that aren't hidden. But hidden SSIDs add even more to the already complex nature of wireless networking.

You: A customer who hides his/her network will submit a support request saying he cannot see his network anymore????
Me: Yes. Customers will do this. Eero is selling their product to the consumer market and therefore there will be a lot of people who don't have strong technical skills/understanding. That's the beauty of eero. It's a product that is simple and easy. A hidden SSID requires people know/understand how to manually add a new network to their devices. This isn't a problem for people such as you and I, but we are not the norm.

If you would like me to provide you with some further articles/discussion about why hidden SSIDs are a bad form of security, I can do so.

In summary, hidden SSIDs is a very poor level of security and introduces additional complexity that can cause technical issues. And IMHO, I would rather see eero focus on fixing existing bugs, improving performance, and developing new features that would be more applicable/desirable to the entire user base.

Jeff C. On a side note, I have a community related question. Is there a way I can contact you directly?

cMoo92 Sure thing. Feel free to shoot a note to community@eero.com. Thanks!

Overall, I'm happy with my purchase..I would like this 1 feature added to my set-up.

I won't join debate in regard to whether or not hiding the SSID is beneficial for added layer of security...I simply would like to feature added to eero. I've previously kept my home business SSID private, I prefer having the option to separate my business from home/guest/family use and keep my main SSID hidden. 

Why is this not being planned? I agree that this isn't going to increase security against someone that knows how to scan for SSIDs, but it does help against non-technical neighbors or random passerbys seeing your SSID and trying to join it. If I want to hide my SSIDs, I should have the option to do so.

Purchased the Eero 3 x WiFi APS and was all operational.  However; was very disappointed to learn I could not protect the SSID from being broadcasted.   I totally agree that anyone with right tool can detect SSID even if it’s hidden.  However; we all have to agree that there is a boundary of security that we are  all impacting.

Please find it in your hearts to add this option to the product and make it accessible as a toggled option.

Regardless of the effectiveness of hiding your SSID it is a feature of many other routers and should be an option. Would like to see it added if possible. 

Still really want this feature. It keeps friends from asking to join the primary network where family members hit the "Share network" button on their iphone without thinking about the server privacy 

The reason I am very likely to not keep my new eero devices is 2 issues:

1) Does not allow hidden networks.  I can live with this although I really don't like it but the big issue is my second reason:

2) I can't whitelist who is allowed on my network.  I do get notified when a new device joins but they don't even get asked for a password.  I would much rather have a situation where there is an issue for a few hours while the mac address gets added to the whitelist than have anybody who wants to join my network go crazy.  Even with the block this device...  with the many devices around, a whitelist is a WAY shorter list.

3) OK one more reason.  The extenders do not have an ethernet connection.  I have some devices (shocking I know) that are not wifi enabled and I have been connecting them to the wifi using a small switch and then that is connected to the wifi through ethernet.

txgunlover said:
This feature will never be present on eero. 

 How do you speak for the company? Are you the owner or an officer?

I just bought and set up an EERO mesh network.  I can't believe it lacks the ability to hide the primary network's SSID.  Just about every reputable router out there has that feature.  There is plenty of banter in this thread on the topic.  I think Moozilla2 nailed it with "do you lock your doors at night?"  The EERO mesh network worked well, but not being able to hide the SSID is a deal killer.  I'm removing it and returning it to Amazon.

I am clearly not a huge Securiity expert, but I been using Hidden SSID for years. What needs to get done to add this feature?  Technology is already there, all I am asking is to give us the feature that we are accustomed to using. I just purchased my Eero with 4 devices, and after setting it up and learning that I cannot hide the SSID, is definitely enough to return everything. I rather save $900 and not be told what I can and I can't do with my investment. Not Happy!!!

This is ridiculous. I'm on Frontier Fiber. I am forced to use the supplied Eero router as a gateway, and I have my own router (Synology) and mesh plugged into the Eero. That's acceptable although not optimal. What isn't acceptable is there is no way to turn off Wi-Fi on the Eero router, so it interferes with my much more complex (and capable) Synology wired and wireless mesh, and all the 40 devices I have connected to it at all times.

Just give me a toggle that I can turn it off with. I can't even opt to not set up Wi-Fi when setting up the Eero from scratch. Also, no ability to hide my Eero's Wi-Fi SSID. These are basic capabilities that every router has had since Wi-Fi was first available.

The only other possibility I can think of is to buy a small Faraday cage to put the Eero in so that its Wi-Fi doesn't interfere with my own router's Wi-Fi and mesh.

You got to wonder how this company stays in business after 5 years of ignoring basic router design. Same as above I am forced by my ISP to use this router as gateway... and I have my own router... better... more secure... etc. However, same as above I have no option to hide the SSD, nor turn off the Wi-Fi, nor to use my own router, etc.

Lets start an eero Farady cage business to fix this issue once and for all.

*Long post/wrote a book* Basically as a person who works in networking and security I'm okay with this feature not being included. Large IT companies that charge several thousands per month per client do not care about hiding SSIDs at all. Complex Passwords is FAR more important and even then nowhere near as important as having a security layered approach (EDR, MFA on every PC/Router, Network Monitoring, DNS filtering, etc)

I was curious to see this thread mainly because the "Not Planned" caught my eye, and thought it was actually cool to see this vs. having redundant posts going nowhere, but oh boy... The most complaints I've heard from clients were features that Eero "lacked" were Hiding SSID, MAC Filtering, and WPS, but these either don't matter or are a vulnerability.

I would not consider myself a true expert level since I don't actually write code for network devices or do pen tests myself, but I'd like to humbly contribute my thoughts on this. (I hope someone may find this useful).

Having installed over 3K units on this brand alone and several more other brands. This is not an advanced router and I don't believe it ever will be, but that is a good thing..it just works and it does it very well. I too would like to see some more advanced features because I personally own one. However, this feature is basically useless and provides a false sense of security similar to MAC filtering. I relate to people's thinking that these are security features, as I too thought this when I had my first router in middle school, but once I actually tested these features, I realized how like many experts had told me..."they do nothing, focus on other security".

In EVERY single case I've ever come across for residential use and very small offices, hiding the SSID was never justified from a technical perspective it was just stubbornness. It would cause issues with devices later down the road. (I've also never had any issues with hiding my own SSIDs during testing though). This would cause the client to spend extra money on labor for troubleshooting. In probably 99% of the time we ended up reverting the SSID to broadcast the name again, and the 1% was just stubborn people that still used weak passwords in other areas.

I think hiding the SSID should not be considered a "security" but simply just an option/feature in other brands (not Eero). The analogy of "locking your door" is not equal to hiding your SSID. Locking your door would be more like having a password, and adding a complex password is more like having a better quality door lock (See Youtube videos about lock picking and you will be amazed).

Although I believe that some people may never change their minds for reasons of their own, I think that for many others they would change their mind about how little this matters if they knew or see how cracking WiFi encryption keys work. A few youtube videos should change your mind. Please watch some.

It is very common for kids learning how to hack that will attempt WiFi cracking and like others here have mentioned, it is not about guessing. The entire SSIDs near you will simply appear and their is no "low hanging fruit" here. A person will either target a funny name, someone they know in their neighborhood or even a hidden SSID because "ooh they think they can hide from me". Cracking a wifi password can be done in seconds, minutes, hours, days, or even months, but it will be cracked eventually. The only ones trying to crack your home's wifi password is your neighbors and not people on the internet.

I suggest that if you truly care about your home's security as much as hiding your SSID choose a random complex password of at least 12 characters and change it every few months. But then have the major inconvenience of sharing that with family and entering that into each device every few months. It's overkill but it will ACTUALLY stop hackers from that entry point. This is still likely not your weakest link in security though.