MAC Address

What Is a MAC Address

A MAC address (Media Access Control Address) is a 48-bit unique identifier assigned to network devices at the time of manufacture. It is written in hexadecimal notation separated by colons or hyphens, such as 00:1A:2B:3C:4D:5E.

MAC addresses operate at the data link layer (Layer 2 of the OSI model) and are used to identify specific devices within the same local network. The reason a router can distinguish between your PC, smartphone, and IoT devices on your home network is that each device has a unique MAC address.

The first 24 bits are called the OUI (Organizationally Unique Identifier) and indicate the manufacturer. By looking up the OUI in the IEEE database, you can identify the device maker. The remaining 24 bits are assigned by the manufacturer to each individual device, so in theory no two devices share the same MAC address.

MAC Address vs IP Address

Both MAC addresses and IP addresses are essential for network communication, but they serve different roles at different layers.

  • MAC Address: Operates at the data link layer (Layer 2). Used to identify devices within the same network. Fixed at manufacture and does not normally change. Format: 00:1A:2B:3C:4D:5E.
  • IP Address: Operates at the network layer (Layer 3). Used for routing between networks. Dynamically assigned by DHCP and changes depending on the connected network.

Think of it like postal mail: the IP address is the street address, while the MAC address is the recipient's fingerprint. Your address changes when you move, but your fingerprint stays the same. Routers use IP addresses to determine the destination network, then use MAC addresses to deliver frames to the correct device within that network.

The protocol that bridges these two is ARP (Address Resolution Protocol). ARP resolves an IP address to its corresponding MAC address, enabling routers and switches to identify the physical destination of a communication.

MAC Address Randomization

Traditionally, MAC addresses were fixed identifiers permanently tied to a device. However, this characteristic created privacy concerns, leading iOS and Android to introduce randomization features.

  • iOS 14 and later: Automatically generates a random MAC address (private address) for each Wi-Fi network. You can check and toggle this under "Settings → Wi-Fi → connected network → Private Wi-Fi Address." iOS 18 added a rotation feature that periodically changes the address even on the same network.
  • Android 10 and later: Uses a randomized MAC address per network by default. You can verify this under "Settings → Network & Internet → Wi-Fi → connected network → Privacy → Use Randomized MAC."

The motivation behind randomization was the discovery that retail stores and commercial facilities were collecting MAC addresses from Wi-Fi probe requests - signals devices broadcast before connecting - to track visit frequency, dwell time, and movement patterns. A fixed MAC address functioned as a long-term tracking identifier, similar to a browser fingerprint.
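
The OUI split described earlier and the randomized addresses described here can be told apart from the address itself. The Python below is an added example, not part of the original page; it relies on the IEEE 802 convention (not stated on this page) that bit 0x02 of the first octet marks a locally administered address, which is the bit OS-generated private addresses set. The function names and sample addresses are constructed for illustration.

```python
import re

def parse_mac(text):
    """Return the 6 raw bytes of a MAC written with ':', '-', '.' or no separator."""
    digits = re.sub(r"[:.\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def describe_mac(text):
    """Split a MAC into its parts and classify it from the first octet's flag bits."""
    raw = parse_mac(text)
    multicast = bool(raw[0] & 0x01)  # I/G bit: group (multicast/broadcast) address
    local = bool(raw[0] & 0x02)      # U/L bit: locally administered, not vendor-assigned
    if multicast:
        kind = "multicast-or-broadcast"
    elif local:
        kind = "locally-administered"  # randomized private address or manual override
    else:
        kind = "vendor-assigned"
    return {
        "normalized": ":".join(f"{b:02x}" for b in raw),
        # The first 24 bits name a manufacturer only for vendor-assigned addresses,
        # so an OUI lookup on a randomized address would be meaningless.
        "oui": raw[:3].hex().upper() if kind == "vendor-assigned" else None,
        "device_part": raw[3:].hex().upper(),
        "kind": kind,
    }

if __name__ == "__main__":
    # Constructed samples: the page's example address, a private-style address,
    # the broadcast address, and the dotted notation some switches print.
    for sample in ("00:1A:2B:3C:4D:5E", "DA-A1-19-0F-22-31",
                   "ff:ff:ff:ff:ff:ff", "001a.2b3c.4d5e"):
        print(sample, describe_mac(sample))
```

An allow-list or device inventory keyed on MAC addresses should treat "locally-administered" entries as unstable identifiers, since the same phone presents a different one on each network.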

How to Find Your MAC Address

You can check your device's MAC address using the following methods:

  • Windows: Run ipconfig /all in Command Prompt and look for "Physical Address."
  • macOS: Go to "System Settings → Network → Wi-Fi → Details" to see the Wi-Fi address. Alternatively, run ifconfig en0 | grep ether in Terminal.
  • iOS: Go to "Settings → General → About" and look for "Wi-Fi Address" for the hardware MAC. The per-network private address is shown under "Settings → Wi-Fi → connected network."
  • Android: Go to "Settings → About Phone → Wi-Fi MAC Address" for the hardware address. The per-network randomized address is shown in the Wi-Fi network details.
  • Linux: Run ip link show or ifconfig in the terminal.

Your router's admin panel also shows the MAC addresses of all connected devices. While MAC address filtering (allowing only specific MAC addresses to connect) is available on most routers, MAC addresses can be easily spoofed, so its effectiveness as a security measure is limited.

MAC Addresses and Security

Key security considerations related to MAC addresses:

  • Limitations of MAC address filtering: MAC address filtering restricts connections to registered devices only. However, attackers can intercept a legitimate device's MAC address and spoof their own device to match it. Filtering is roughly equivalent to putting a name tag on an unlocked door - it should always be combined with WPA3 encryption and a strong password.
  • ARP spoofing: An attacker sends forged ARP responses to associate their MAC address with the gateway's IP address, enabling them to intercept traffic within the same network. This is a form of man-in-the-middle attack. While HTTPS encrypts the content of communications, information about the destination may still be exposed.
  • Privacy and tracking: As discussed, fixed MAC addresses can be exploited for physical location tracking. Enable randomization and disable automatic Wi-Fi connections to unnecessary networks to reduce tracking risk.
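
One defensive check for the ARP spoofing described above, as an added example that is not part of the original page: compare the neighbor table against a known-good gateway MAC and flag any MAC that answers for both the gateway and another IP. The sample `ip neigh show` output, the addresses, and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output (not captured from a real network).
SAMPLE_NEIGH = """\
192.168.1.1 dev wlan0 lladdr 02:00:00:aa:bb:cc REACHABLE
192.168.1.23 dev wlan0 lladdr 02:00:00:aa:bb:cc STALE
192.168.1.40 dev wlan0 lladdr 02:00:00:11:22:33 REACHABLE
192.168.1.77 dev wlan0  FAILED
"""

ENTRY = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")

def parse_neigh(text):
    """Map IP -> MAC for every resolved entry; unresolved (FAILED) rows are skipped."""
    table = {}
    for line in text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            table[match.group(1)] = match.group(3).lower()
    return table

def find_arp_anomalies(text, gateway_ip, baseline_gateway_mac):
    """Return (rule, subject, detail) tuples for entries worth investigating."""
    table = parse_neigh(text)
    findings = []
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        findings.append(("gateway-unresolved", gateway_ip, None))
    elif gw_mac != baseline_gateway_mac.lower():
        # The gateway IP now resolves to a MAC other than the recorded one.
        findings.append(("gateway-mac-changed", gateway_ip, gw_mac))
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        # One MAC answering for the gateway and another host is the pattern a
        # forged ARP response leaves behind; a router with several addresses
        # can also cause it, so treat this as a lead, not proof.
        if gateway_ip in ips and len(ips) > 1:
            findings.append(("mac-shared-with-gateway", mac, sorted(ips)))
    return findings

if __name__ == "__main__":
    # Baseline recorded earlier from the router's label or admin panel (constructed).
    for finding in find_arp_anomalies(SAMPLE_NEIGH, "192.168.1.1", "00:1A:2B:3C:4D:5E"):
        print(finding)
```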

Common Misconceptions

  • "MAC address filtering makes your Wi-Fi secure": MAC addresses can be easily spoofed, so filtering alone is insufficient as a security measure. Attackers can intercept a legitimate device's MAC address from network traffic and configure their own device to use it. WPA3 encryption and a strong password are the foundation of Wi-Fi security; MAC address filtering is merely a supplementary measure.
  • "MAC addresses can never be changed": While the hardware-burned MAC address itself does not change, it is possible to use a different MAC address at the software level. The randomization features in iOS and Android use exactly this mechanism. On Linux and macOS, you can change the MAC address with a command, and on Windows it can be changed through Device Manager.
  • "Someone can identify you on the internet using your MAC address": MAC addresses are used only within the local network and do not propagate across the internet beyond the router. A web server cannot see the MAC address of a visitor. However, MAC addresses are visible within the same Wi-Fi network, so there is a privacy risk at the local network level.