You scanned your Wi-Fi, saw a device named something like
F2:1A:09:B7:42:CE with no friendly name, and wondered if a
stranger had jumped on your network. There’s a good chance the
stranger is your iPhone.
Modern phones — iPhones since iOS 14, Android since Android 10 — randomize their MAC address per network by default. The feature is called “Private Wi-Fi Address” on iPhones, “Randomized MAC” on Android. It’s a privacy win and a network-administrator headache, and once you understand what’s happening it stops being scary.
Why MAC randomization exists
Before randomization, your phone’s MAC address (a 48-bit hardware identifier) was the same every time it connected to anything. Coffee shops, malls, airports, your apartment building’s free Wi-Fi — they could all see the same unique ID and use it to track your movements without you ever joining their network. Apple, Google, Snowden, and the privacy community spent years documenting this.
Randomization fixes the tracking problem the obvious way: pick a new “address” for each network. Your iPhone uses one MAC for your home, a different one for the coffee shop, and a different one for the airport. None of those networks can correlate you across locations.
Apple goes a step further on iOS 14+: the “Private Wi-Fi Address” rotates again every 24 hours on networks you join briefly, so even repeated coffee-shop visits don’t give a stable ID. On networks you join long-term (your home, your office), the address stays stable for that network until you forget and rejoin.
How to spot a randomized MAC
The first byte of a MAC address has a special bit, bit 1 (the second-least-significant bit of that byte), called the locally-administered bit. When that bit is 1, the MAC was generated by software, not assigned by the IEEE to a hardware manufacturer. Roughly: if the second hex character of the MAC is 2, 6, A, or E, it’s locally-administered.
Examples:
- F2:... (starts with F, second char 2) → locally administered → almost certainly randomized
- A6:... → locally administered → randomized
- 1A:... → locally administered → randomized
- 00:1B:63:... → globally unique → real, manufacturer-assigned Apple MAC
WiFi Buddy detects locally-administered MACs automatically and labels them as randomized in the device detail sheet, so you don’t have to do the bit-math yourself.
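The bit test described in this section, written out as an added Python example (not WiFi Buddy's code). It goes slightly beyond the 2/6/A/E rule by also checking the multicast bit and accepting several MAC notations; the function names and the sample scan are constructed for illustration.

```python
import re

# Flag bits in the first octet of a MAC address
LOCAL_BIT = 0x02      # bit 1: 1 = locally administered (set by software)
MULTICAST_BIT = 0x01  # bit 0: 1 = group address, never a device's own MAC

def parse_mac(text):
    """Normalize colon, hyphen, dotted or bare hex notation to 6 raw bytes."""
    digits = re.sub(r"[:.\-\s]", "", text)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def classify_mac(text):
    """Return 'locally-administered', 'vendor-assigned' or 'multicast'."""
    first = parse_mac(text)[0]
    if first & MULTICAST_BIT:
        return "multicast"
    if first & LOCAL_BIT:
        # Unicast with bit 1 set: second hex character is 2, 6, A or E.
        # On a home network this is almost always a randomized address.
        return "locally-administered"
    return "vendor-assigned"  # globally unique, so a vendor lookup is meaningful

def split_scan(macs):
    """Group a scan's MACs by class; unparseable entries go under 'invalid'."""
    groups = {"locally-administered": [], "vendor-assigned": [],
              "multicast": [], "invalid": []}
    for mac in macs:
        try:
            groups[classify_mac(mac)].append(mac)
        except ValueError:
            groups["invalid"].append(mac)
    return groups

# Constructed sample scan (not real devices), in mixed notations
SAMPLE_SCAN = [
    "F2:1A:09:B7:42:CE",   # the address from the top of the article
    "a6-5e-60-12-34-56",
    "1A2B.3C4D.5E6F",
    "00:1B:63:84:45:E6",   # Apple vendor prefix from the examples above
    "01:00:5E:00:00:FB",   # IPv4 multicast group address used by mDNS
    "F2:1A:09",            # truncated entry
]

if __name__ == "__main__":
    for label, found in split_scan(SAMPLE_SCAN).items():
        print(f"{label:22} {found}")
```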
What this looks like on your network
Three patterns worth recognizing:
- Random-looking MAC, but the device sticks around for weeks. That’s a phone, tablet, or watch that joined this specific network. Same physical device, just hiding its hardware ID behind a network-specific alias.
- Random-looking MAC, appears once, then disappears. That’s a guest who joined briefly, or an iPhone that rotated its address on its own (the 24-hour rotation case).
- Multiple randomized MACs that all look like the same device type. That’s your own phone over time — the 24-hour rotation rolling forward, or you using “Forget this network” and rejoining.
How to keep your own devices identifiable
You can tell each iPhone to use its real MAC for one specific network — useful for parental controls, MAC-based router rules, or just so you stop panicking when you see your kid’s iPad show up as a “new device”:
- Settings → Wi-Fi, tap the (i) next to your network name.
- Toggle “Private Wi-Fi Address” off.
- Forget the network, rejoin (this is what actually changes the broadcast MAC).
Now that device will use the same hardware MAC every time it joins your network, and your router’s device list will be much more readable.
If you’d rather keep privacy on, give the device a friendly name in your router admin page (or in WiFi Buddy via the trust state). Once trusted with a nickname, the random MAC stops mattering.
Why scanners can’t always identify them
Even with randomization on, our 8-layer scanner usually still identifies the device:
- Bonjour (_apple-mobdev2._tcp, _companion-link._tcp) is unaffected — randomization changes the MAC, not the service-discovery payload.
- Hostname (“Justin’s iPhone”) is the device’s own setting.
- Open ports (62078 → Apple sync, 22 → SSH, etc.) work the same way.
So even on a randomized network, an iPhone usually still gets classified as a phone by name and port — it’s only the MAC’s vendor lookup that fails. WiFi Buddy explicitly labels the device as “Apple Device (Private Address)” rather than the misleading “Unknown” most older scanners produce.
TL;DR
A scary-looking MAC isn’t a stranger; it’s privacy working correctly. Read the second character of the MAC (or just trust the “randomized” label in WiFi Buddy), name your devices once, and the mystery goes away.