Options for individual Wi-Fi access points

When creating a new connection to a Wi-Fi access point, or modifying an existing access point, you have the ability to set various configuration options specific to that access point.

To modify the settings for an existing access point, you can long-press the name of the access point in the list, and then select Modify network.


The SSID is the name given to identify the access point. Unless you are manually creating a new Wi-Fi connection using the Add network menu item, this will simply be the name of the access point you already selected and you won't be able to modify this.


Wi-Fi access points may use one of a range of different security methods, intended to protect your connection from eavesdropping over the air by encryption and authentication.

  • None¬†provides no security. This potentially allows people within range of the Wi-Fi access point (even outside the building) to eavesdrop on any data you send and transmit using their own Wi-Fi device, and it is therefore considered highly insecure to connect to such an access point.
  • WEP (Wireless Equivalent Privacy) provides a low level of security. WEP has been demonstrated to be highly insecure and easily breakable, rendering it not significantly more secure than None. It is considered highly insecure to connect to such an access point. WEP connections require a secret passcode usually represented by a sequence of digits and letters.
  • WPA PSK / WPA2 PSK / WPA Personal (Wireless Protected Access, Pre-Shared Key) provides a more secure encryption scheme protected by a secret password. This scheme is very commonly found in home Wi-Fi access points and provides good security provided the secret password is long enough and difficult to guess.
  • 802.1X EAP / WPA Enterprise (Extensible Authentication Protocol) provides an alternative method to support various modes of encryption and authentication. When this mode is selection, you choose an encryption and authentication method separately. This would be more commonly used in large corporate networks. In some cases a certificate file may be used for authentication instead of, or as well as, a secret password.

EAP method

802.1X EAP / WPA Enterprise connections only

Selects the method for providing encryption over 802.1X EAP / WPA Enterprise connections. This must be set according to instructions provided by the network administrator.

Phase 2 authentication

802.1X EAP / WPA Enterprise connections only

Selects the authentication method used over 802.1X EAP / WPA Enterprise connections. This must be set according to instructions provided by the network administrator.


802.1X EAP / WPA Enterprise connections only

Selects the identity or "Username" used to connect when using certain authentication schemes over a 802.1X EAP / WPA Enterprise connection.


Allows entering the secret password/passcode required to access the Wi-Fi access point.

Show advanced options

Enables the configuration of various additional options.


Proxy settings

An optional field allowing you to specify the address of a HTTP proxy to use for all web traffic over this connection. Networks sometimes use HTTP proxies to filter your access to the web, or to improve the speed of commonly access web pages and resources by caching them.

At this time, Android does not support HTTP proxies which require authentication such as a username and password.

Proxy hostname

The address given may be an IP address (for example, four numbers with dots such as or the hostname of the proxy server.

Proxy port

This field relates to the above (Proxy hostname) field, and if a proxy is being used, both must be set. To use an HTTP proxy you must not only supply the address of the proxy but also the port number to use for connecting to it.

Common port numbers for HTTP proxies may include 80, 3128, 8080, or any high number ending with the digits "80".

Bypass proxy for

Allows the configuration of various web hostnames which should be contacted directly, instead of via the proxy. In a local network, this may be any website which is hosted inside the network and does not require the proxy.

This should be specified as a list of hostnames or IP addresses separated by commas, with no spaces.

IP settings

This allows configuration of the IP address allocated to the device while using this network. On most modern networks, devices connecting to the network are automatically allocated an IP address by a DHCP server on the network, and you should not need to alter the following settings.

If you wish to specify the IP address manually, select Static.

IP address

The IP address that this device will use when connected to this network. This must be compatible with the network configuration set up by the network administrator.


The IP address of the Gateway server on the network: the server through which a connection can be made to other networks.

Network prefix length

Specifies the size of the network prefix for the assigned local network, in bits (8 bits per dotted value). For example, if the current network is defined as the IP addresses through, a prefix of 24 should be used.

DNS 1 / DNS 2

Specifies the IP address of two alternative DNS servers to use for name resolution (looking up IP addresses from hostnames).