What Is a MAC Address?
A MAC address (Media Access Control address) is a unique 48-bit hardware identifier assigned to a network interface card (NIC). It is expressed as six groups of two hex digits separated by colons or hyphens (e.g., AA:BB:CC:DD:EE:FF). MAC addresses operate at Layer 2 of the OSI model and are used for communication within a local network segment.
MAC Address Structure
The first 24 bits (3 bytes) are the OUI (Organizationally Unique Identifier) — assigned by IEEE to manufacturers. The last 24 bits are the device-specific identifier assigned by the manufacturer. Bit 0 of the first byte indicates unicast (0) or multicast (1). Bit 1 of the first byte indicates globally administered (0, burned in at factory) or locally administered (1, set by software).
MAC vs IP Address
MAC addresses identify hardware within a local network (LAN). IP addresses identify devices across networks (e.g., the internet). Routers use IP addresses to route traffic between networks; switches use MAC addresses to forward frames within a network. ARP (Address Resolution Protocol) maps IP addresses to MAC addresses within a subnet.
MAC Address Spoofing
Despite being 'burned in' to hardware, MAC addresses can be software-overridden on all modern operating systems. This is used legitimately for privacy (iOS and Android randomize MAC addresses for Wi-Fi scanning to prevent location tracking) and maliciously for network impersonation. MAC addresses should never be used alone for access control.
MAC Address Privacy
Since iOS 14 and Android 10, mobile devices use randomized MAC addresses when scanning for Wi-Fi networks and can also randomize per-network. This prevents retail stores and public Wi-Fi networks from tracking your device's physical location across visits using MAC address logging. Disabling randomization reveals your device's permanent identifier.