MAC Address (Media Access Control address) is an identifier that uniquely identifies a host on your network. This unique identifier (MAC address) is used for tagging frames (a.k.a. data-packets or datagrams) associated with (originating from or being sent to) a host on a network. Simply put, the MAC address is a number that uniquely identifies a network device such as a Wireless Adapter, or an Ethernet card.

MAC addresses are sometimes referred to as Airport IDs (usually on Macintosh computers), Ethernet IDs, Hardware IDs, or Physical Addresses. MAC address are usually denoted using Hexadecimal codes -such as: bd:16:3e:c4:6a:df

Because MAC addresses are permanently recorded/assigned to a product by it's manufacturer, they are also known as burned-in addresses (BIA) or Universally Administered Addresses (UAA). However, considering that these BIA (or MAC Addresses) can be overridden with a Locally Administered Address LAA), they can be altered/faked.

Therefore, it is possible for an intruder to fake his/her network interface card's MAC Address. However, doing so is (slightly) more difficult than simply faking an IP address associated with the network interface or a networking device. However, it would be unsafe to blindly trust a wireless client based on its MAC Addresses alone. Just because cloning/faking MAC addresses requires someone to go through a few extra steps, or simply because intrusions using faked MAC addresses are not as common as intrusions attributed to other (easier) methods; trusting connections based on MAC addresses alone could be a recipe for disaster.

Having noted the fact that MAC Address filtering alone should not be relied upon exclusively for preventing unauthorized access to your WLAN, it would certainly be beneficial to enable MAC Address Filtering on your wifi gear as an additional layer of security.

MAC Address filtering works by restricting access to your wireless network based on the unique address assigned by the manufacturer of your network interface card.

MAC Address filtering can be especially helpful if you happen to be stuck with a few older wireless devices that do not offer other (WEP, etc.) ways of securing your WLAN.

While cataloging and adding MAC addresses of every network interface on your network to your "MAC Address based Access Rules/Filters" on every AP/Bridge/Router/Card can take a lot of work/time -especially if you have a large network -doing so is often well worth it considering it adds yet another (and a very effective) layer of security to your wireless network.

Consult with your product manual for enabling MAC address filtering on your wireless gear.