Very old, obsolete router still being ”seen” in WiFi networks list

MurPhil wrote:

Maybe my next comment below will show whether or not I have at least a partial understanding of what you said.

The SSID associated with my old, defunct network/router and the SSID associated with my current network/router are not the same. I surmise, therefore, that there shouldn’t be any credential conflicts ?!

No. As long as you make your devices "forget" the network with the unwanted SSID, and don't select it again, they shouldn't try either to auto-join that network, or to switch to it when they see that its signal is stronger.

Auto-join – what your Mac or your iPhone does when it's not joined to a Wi-Fi network, but sees a SSID that it recognizes. It will try to connect to that network, using a stored copy of the Wi-Fi password from the previous association.

Switching between access points with the same SSID – what Wi-Fi clients do when they're already joined to a network, they see multiple access points with the same SSID, and signal strengths make it attractive to switch access points.

Say, you're in a shopping mall or airport that has free public WiFi. You connect your phone to the free network, and walk from one end of the building to another. Chances are very good that your phone will switch from one access point to another, as you walk, without giving you any clue this is happening (except for WiFi still working hundreds of feet away from the place where you started walking).

What is the likelihood that someone else has inadvertently used the exact same SSID for their own network/router as was the SSID of my old network/router?

It depends very much on the name. I remember that a lot of new routers used to come with default SSIDs and/or router passwords (as opposed to Wi-Fi passwords) such as "SSID", "password", and "NetGear." If you're talking about gear supplied by your ISP, you might find that many of your neighbors have SSIDs with, say, "Spectrum" in the ID, even though there are additional letters or hexadecimal digits to make the names unique.

If your old SSID was a default name, or a very generic one, or based on a first name that lots of people have, the fact that the other network used the exact same SSID may indeed have been entirely innocuous.

The more you made your SSID distinctive, the less likely it is that someone got the same one by default, or chose the same one with no intention to "steal" your SSID. If your SSID was "Dracula's_Castle" and your neighbor "just happened" to have the same SSID, that would be pretty suspicious.

What is the likelihood that someone else has deliberately “stolen” my old SSID network credentials?

Would this pose any security/privacy threats to my personal WAN and/or LAN communications?

And if so, what would those threats likely be?

How problematic could this be for my internet security/privacy?

Should I be worried and do something ASAP to mitigate it?

Your neighbor could try "sniffing" your packets. They wouldn't even need to run a cable into your house, or get you to connect to their Wi-Fi router, to do this.

If you were using your own Wi-Fi router, turning on WPA 2 or 3 security with AES encryption keys would offer a degree of protection, both against them decoding your traffic, and against them getting to do things like using your printer, or trying to gain access to files stored on a local NAS (network-attached storage) unit.

Locking your network also makes it hard for someone to park on the street in front of your house, and use your Wi-Fi Internet service to send their spam, or launch their hack attack against someone else.

But let's say you were running without any Wi-Fi security.

When you connect to a Web site using the https protocol (the 's' stands for security), your computer and the Web site set up an extra layer of security to protect the contents of the conversation from eavesdroppers. It doesn't guarantee that you're talking to a safe or legitimate Web site, but it means that someone who was "sniffing" a https Web conversation would mostly see packet headers and such. They might be able to tell that you were talking to a bank, and determine which bank it was (from the IP address), but the encryption would make it difficult for them to steal your bank account password or see your bank balances as you are displaying them on your computer screen.

If you connected to a site using http (no 's'), there would be no such added security … so if there happened to be no Wi-Fi security, and no IPv6 security, and no https security either, the whole interaction would be an open book to anyone willing to take the trouble to eavesdrop on it.

BTW, what does the acronym OP stand for? I’m only aware of OS (operating system)?

Original Post or Original Poster. (This site puts the word "Author" next to the name of the original poster.)

As a possibility: Settings > Wi-Fi > Edit > clean up the list of known networks

But if it’s showing up, there’s likely a router active and using that SSID name. Maybe a guest network SSID?

Or possibly some Wi-Fi shenanigans.

ku4hx wrote:

If your old SSID is now visible when you scan for nearby networks, that means somebody hijacked the name.

Same SSID could also mean that someone else has the same "factory default" or generic name, not necessarily that they are trying to pull one over on the OP.

Note that in an enterprise setting, configuring multiple access points to use the same SSID is how you tell Wi-Fi clients that the access points are all part of the same extended network. Clients attached to one of the access points will try to automatically switch to one of the others if the signal difference is enough in favor of another. In a big building / campus, you would typically have many access points, with the same SSIDs, that are part of the same network, scattered around, to provide a wider coverage area than any single access point could provide alone.

If the SSIDs actually belong to different networks, you may get unwanted switching from one Wi-Fi network to another (likely accompanied by denial of service if the new access point requires different credentials).

As you noted, "Indistinguishable names [for different networks] leads to confusion." for man and machine alike.

OP: Original Poster.

If completely unrelated devices also show the SSID, or a SSID-scanning tool such as WiFi Explorer for macOS shows it, that would confirm the SSID is active.

MurPhil wrote:

…I did the “Forget This Network...” thing a few yrs ago w.r.t. my old router, but nothing changed so far as the SSID continuing to appear in the list of “available” WiFi networks.

That means a nearby Wi-Fi network is active with that SSID.

ku4hx wrote:

Indistinguishable names leads to confusion. It's seldom a bad idea to have different pieces of equipment have different names for identity purposed. If you have two computers on your network with the same name, every network I've even been associated with will "complain". In some cases the OS will handle that by appending a unique identified, such a "-2".

mDNS deals with that case, whether due to duplicate host names set on clients, or due to a loop in the network.

Given the DNS host name is set at the DNS server (possibly with the assistance of the DHCP server), there can’t be duplicate hostnames. (Which host name gets precedence?)

What the older name services including WINS or YP or the other older stuff does here, donno, been a while.

Same for IP addresses. Duplicate identifiers are not identifiers at all in reality.

Correct. Which is why most networks will use DHCP or IPv6 to avoid that.

If your old SSID is now visible when you scan for nearby networks, that means somebody hijacked the name.

Correct. Either an explicit SSID setup is active locally on some Wi-Fi router.

A Pineapple doesn’t fit with the details provided here; when the old network SSID has been “forgotten”..

Indistinguishable names leads to confusion. It's seldom a bad idea to have different pieces of equipment have different names for identity purposed. If you have two computers on your network with the same name, every network I've even been associated with will "complain". In some cases the OS will handle that by appending a unique identified, such a "-2".

Same for IP addresses. Duplicate identifiers are not identifiers at all in reality.

If your old SSID is now visible when you scan for nearby networks, that means somebody hijacked the name.

The sorts of Virtual PrIvate Networks that get all the hype badly solve a problem which hasn’t existed for a decade or so, but solve it in a way that makes it trivial to collect personally-identified network traffic metadata.

There’s another sort of VPN that provides an end-to-end tunnel that’s used to connect into the internal network of an affiliated organization, and that’s something best left for when (if) you should ever need remote access into your configuration.

More than a little of the oft-hyped add-on security app market and the first-few-hops VPN market is perfectly positioned for siphoning and selling your data and your privacy, and for little added benefit. For instance, Avast is a well-known add-on anti-malware app that was caught collecting and selling data, much to the surprise of some of its users. I expect there are other examples.

I am also having the same problem. I went on a cruise over a year ago and paid for the internet package to use WiFi at sea. It was “Carnival Liberty WiFi”. I’ve since forgotten this WiFi network but it still shows up as the network name I’m trying to connect to at any new place I login into WiFi for the first time. I don’t understand why it would remember the WiFi name from a cruise ship from a year or more prior and obviously no new router SSID is going to have the same name as that anywhere I go otherwise.

If you have an Intel Mac (any Intel model), the WiFi network name may have been stored in the NVRAM. I have seen this happen but cannot explain why or how it happens. If it's stored there, it will even survive a complete wipe & reinstall of macOS!

Resetting the NVRAM should make it go away permanently. This is specifically on Intel Macs, NOT on Apple Silicon Macs or on iPads/iPhones.

Your router is not a network, it allows network connections and you have dead remnants.

Remove the old unwanted network; click the "Forget This Network..." item for the one in question.