I have been receiving messages about new devices joining my network and right now I can see 7 unnamed devices with MAC addresses that I don't recognize.
My first and most important question is: are these the result of external people hacking into my network and does it mean that its password is compromised?
If that is the case, is resetting the password the only solution? I had hoped that I could filter on MAC addresses, but that doesn't seem to be an option. 😞 The problem is that resetting the password is a major pain because of a few of the devices that are connected.
It's most likely that you have some client devices that are generating random MAC addresses. If you take a look at the actual MAC addresses you're seeing, there should be 12 characters in groups of two. If you look at the first group, and the second character in that group is either a 2, 6, A, or E, then it is very likely a random MAC address generated by one of your clients. For example, the address 92:B1:B8:42:D1:85 has a "2" as the second digit in the first group ("92"), indicating it is a random address.
So, if that's what you're seeing, it shouldn't be a security issue and you shouldn't need to reset your password. But, it will be annoying until you figure out which client is generating those random MAC addresses and reconfigure it to stop doing that. Some clients that use random addresses will pick one random address and keep using it on that network indefinitely (but won't use it on any other network). Some other clients may pick a new random address periodically, though, and that will get pretty annoying.
All of that said, if these aren't random MAC addresses, then changing your WiFi password to something stronger and reconfiguring your clients would be prudent. I would not do that unless you're sure it isn't just random MAC addresses from your trusted clients.
It's possible some clients aren't following the numbering convention, so the 8 and C may still just be random MAC addresses. But, you may also be able to look them up in a MAC address vendor database (I use something like https://www.wireshark.org/tools/oui-lookup.html but there are others). That just needs the first half of the MAC address.
Other than that, it seems like most of the random MAC addresses are generated by mobile devices (iPhone, iPad, Android) or Windows machines. So, you might just take a look at any of the devices you have that might be in that category and see if they've been configured to do this (and if you can disable it, which they may warn you about, but should be perfectly safe in a network you own).
With thanks to MichaelP: I now suspect it's all random MAC addresses. Looking at the times when they were used, it seems pretty random - nothing systematic. The two addresses that were traceable pointed to Mitsumi and Murata, and I gather they are likely to refer to components in my devices.
I will also reboot the whole system. And if it gets worse, I will change the password.
Thank you again, it made me breathe easier 🙂