Discussion topic: Device/Parental Control with Sky Hub Max

This message was authored by: MrOates · ‎07 Jan 2026

Having found the "Create a Discussion" box, thought it might best for this to have it's own discussion as there does not seem to be much out there on this and wores are getting crossed saying WPA3 is better than whitelists.

Just had Sky Fibre installed with the new Sky Max Hub. We also paid extra for the Parental/Device Controls as this is the most important thing for us with 2 teenagers and a 7 year old. We have set up time limits for each device, but caught the kids still using their iphones at midnight. It seems that there are multiple entries on the device list in the My Sky App for the same iphone; presumably because of MAC address randomisation on the iphones. We saw and set up "Chris's iPhone" on the device list and set it to pause and have a scheduled shutoff at 9pm. Then we see a new entry called "iphone" which is actually still Chris's iPhone but presumably with a new random MAC address as he restarted his iphone and must have got a new MAC address. They have to know the WPA3 wifi password because we want them to have internet access during appropriate times. But as they know the password, the wifi lets them on and default for new devices is 24x7 access. We used to use the MAC address filtering option i.e. a whitelist and forcing the kids to turn off private wifi setting, so hardware MAC was always used to access our home network. But this seems to have gone in favour of secure passwords/encryption. Which is fine, but parental/device control is not a WPA3 issue; how do I stop the kids iphones accessing the internet at midnight? Obviously we want our devices and IOT devices (Ring doorbell) to be on 24x7, but without a whitelist, there seems to be a device control loophole for iphones...and any device that can change MAC address (easy to do). Could we set up up profiles in a way that the system default is say, internet access between 8am-9pm, except if you are in a profile allowing different/longer/shorter access? There is not a lot of official help on profiles that I can find and the Sky videos I can find don't cover profiles in detail.

This message was authored by: JimM1 · ‎07 Jan 2026

@MrOates Have you called sky? Maybe there is a specialist on the minefield of parental controls you can discuss with!

This message was authored by: MrOates · ‎07 Jan 2026

Yes. They said don't let the children turn off "Private Wifi". We assumed they don't have kids! If there are no answers on here we'll try and escalate within Sky, but tried that before and painful to find someone who knows more than you.

This message was authored by: Chrisee · ‎07 Jan 2026

@MrOates there are limits to what any parental controls on a router can achieve and where Apple devices can use multiple Mac addresses etc you are going to struggle. Apple's children's accounts which are linked to parental accounts should help as they can limit settings thst can be chsnged and can set time limits at a device level but the best of luck getting that in place with a teenager.

There should be no need for them to have the wifi password to connect devices which have been previously networked but any tech savvy kid knows how to find it anyway.

=========================================================
65inch Sky Glass, 3 Sky Streaming Pucks, Sky Ultrafast + and Sky SR213(white Wifi Max hub) main Wifi from 3 TP-Link Deco M4 units in access point mode

This message was authored by: TimmyBGood · ‎07 Jan 2026

@MrOates

Personally I'd go crude. Lock the Hub WiFi and administrator settings with a password they don't know (and disable WPS), then attach a separate wireless access point (not a second router) using ethernet cable. Give them the WiFi password to this unit, and then switch it off at the mains when desired.

* * * * * * *
Sky Glass 55" (on ethernet) & two Stream Pucks (one ethernet / one WiFi)
BT Halo 3+ Ultrafast FTTP (500Mbs), BT Smart Hub 2

This message was authored by: MrOates · ‎07 Jan 2026

I understand there are limits, but a device whitelist based on MAC address is surely pretty basic thing to have when coupled with WPA3.

Yes, kids are very tech savvy with their handsets, but they don't have access to the router or My Sky app, which is why we always used MAC filtering. The kids had to use the HW MAC address to access the internet. They even tried to spoof the MAC address on the Xbox which is wired, but couldn't do it. I thought it was very simple and very good. It worked. But you then upgrade to get WPA3 (and quicker speeds) and now the kids can do what they like!

This message was authored by: MrOates · ‎07 Jan 2026

We don't allow WPS anyway and they don't have the password to hub or My Sky. I really don't want to have to buy and set up a separate non-Sky box as an access point. And locking them out of wifi doesn't help with the wired devices. Wouldn't they just get an IP address from the DHCP server on the Max Hub? Then change MAC address and get another one after we've paused it?

This all worked. Why fix it? There must be thousands of parents in the same position here thinking they their kids device under control and don't realise they haven't. I wouldn't have known except we heard them at midnight and then I properly checked the lists in My Sky.

Is there no way of setting up a default 'Profile A' so all new/unallocated devices default to Profile A and then you can add a device to 'Profile B' which has different restrictions. The only issue here is the assumption that new/unallocated devices automatically have unrestricted 24x7 access.

Discussion topic: Device/Parental Control with Sky Hub Max

Device/Parental Control with Sky Hub Max

All Replies

Re: Device/Parental Control with Sky Hub Max

Re: Device/Parental Control with Sky Hub Max

Re: Device/Parental Control with Sky Hub Max

Re: Device/Parental Control with Sky Hub Max

Re: Device/Parental Control with Sky Hub Max

Re: Device/Parental Control with Sky Hub Max

Was this discussion not helpful?

Search Sky Community

Start a new discussion