Knowledge Base / MAC Address Randomization

What is MAC Address Randomization?

Updated February 17, 2026 · 6 min read

If you've ever looked up a MAC address and our tool said "Private / Randomized MAC", the device is using MAC address randomization — a privacy feature now enabled by default on nearly every modern phone, laptop, and tablet.

The Problem: Wi-Fi Tracking

Before randomization existed, your device broadcast its real, permanent MAC address every time it scanned for Wi-Fi networks — even when it wasn't connected to anything. This created a massive privacy problem:

  • Retail tracking: Shopping malls and stores could track your movement by logging your phone's MAC as it scanned for Wi-Fi
  • Location analytics: Companies like Euclid Analytics and RetailNext built entire businesses around passive Wi-Fi tracking
  • Persistent identification: Your MAC address never changes, so you could be tracked across different locations and visits over months or years
  • Social graph mapping: By correlating which MAC addresses appeared together, trackers could infer relationships

All of this happened without your knowledge or consent, just by having Wi-Fi turned on.

The Solution: Randomized MACs

MAC address randomization solves this by generating a random, temporary MAC address instead of broadcasting the real one. The key feature: randomized MACs always have the locally administered bit set (bit 1 of the first octet), which is how you can identify them.

  Real MAC:     3C:22:FB:AA:BB:CC  (bit 1 = 0, universally administered)
  Randomized:   4E:7A:D1:12:34:56  (bit 1 = 1, locally administered)

There are two levels of randomization:

Probe Request Randomization

When your device scans for available Wi-Fi networks, it sends "probe requests." These used to include your real MAC. Now, devices use a random MAC for each scan cycle, making it impossible to track you passively.

Per-Network Randomization

The more advanced approach: your device uses a different random MAC for each Wi-Fi network it connects to. This means the coffee shop sees one address, your office sees another, and your home network sees a third — even though it's the same device.

Platform Support

Apple (iOS 14+, macOS Sonnet+)

Apple calls it "Private Wi-Fi Address" and it's enabled by default for every Wi-Fi network. Each network gets a unique, persistent private address (so your home network always sees the same randomized MAC, but it's different from what the coffee shop sees).

Starting with iOS 18, Apple introduced rotating private addresses that change every two weeks, making long-term tracking even harder.

To check: Settings → Wi-Fi → tap (i) next to a network → "Private Wi-Fi Address"

Android (10+)

Android uses a per-network randomized MAC by default since Android 10. Like Apple, each saved network gets a consistent random address. Android 12+ added enhanced randomization that changes more frequently.

To check: Settings → Network & Internet → Wi-Fi → tap a network → Privacy → "Use Randomized MAC"

Windows (10/11)

Windows calls it "Random hardware addresses" and supports both per-network and global randomization. It's available but not always enabled by default — check your settings.

To enable: Settings → Network & Internet → Wi-Fi → "Random hardware addresses" → On

Linux

NetworkManager supports MAC randomization via configuration. You can enable per-connection randomization in /etc/NetworkManager/conf.d/:

[device]
wifi.scan-rand-mac-address=yes

[connection]
wifi.cloned-mac-address=random

How to Detect Randomized MACs

You can tell if a MAC address is randomized by checking the locally administered bit:

  First octet in binary:  xxxxxxx0 = real (universally administered)
                          xxxxxxx1 = random (locally administered)

  Quick check: if the second hex digit is 2, 3, 6, 7, A, B, E, or F
               → it's locally administered (likely randomized)

Our lookup tool detects this automatically and flags randomized addresses with a 🔒 icon.

Impact on Network Administrators

MAC randomization is great for privacy but creates challenges for network admins:

  • MAC-based access control becomes unreliable — you can't whitelist a device by MAC if the MAC keeps changing
  • DHCP address pools may fill up faster as each randomized MAC looks like a new device
  • Network analytics can't accurately count unique devices
  • Troubleshooting is harder when you can't consistently identify a device on the network
💡 For Admins: If you need reliable device identification, consider using 802.1X certificate-based authentication instead of MAC-based methods. It's more secure and isn't affected by randomization. RADIUS servers can identify devices by their certificates regardless of what MAC they present.

Limitations

MAC randomization isn't perfect:

  • Connected traffic: Once you're connected to a network, other tracking methods exist (IP address, traffic fingerprinting, DNS queries)
  • Bluetooth: Bluetooth addresses can sometimes be correlated with Wi-Fi, undermining randomization
  • Implementation gaps: Some devices leak their real MAC in certain probe request frames or under specific conditions
  • Persistent per-network MACs: If you connect to the same network regularly, the per-network random MAC is consistent — the network can still track you across visits

For more ways to protect your privacy, see our MAC Address Privacy Tips.

← Understanding OUI Next: MAC Spoofing →