Unintended and intended use by outsiders
Measures to deter unauthorized users include suppressing the AP's service set identifier (SSID) broadcast, allowing only computers with known MAC addresses to join the network, and various encryption standards. Access points and computers using no encryption are vulnerable to eavesdropping by an attacker armed with packet sniffer software. If the eavesdropper has the ability to change his MAC address then he can potentially join the network by spoofing an authorised address.
WEP encryption can protect against casual snooping but may also produce a misguided sense of security since freely available tools such as AirSnort can quickly recover WEP encryption keys. Once it has seen 5-10 million encrypted packets, AirSnort will determine the encryption password in under a second. The newer Wi-Fi Protected Access (WPA) and IEEE 802.11i (WPA2) encyption standards do not have the serious weaknesses of WEP encryption, but require strong passphrases for full security.
Recreational exploration of other people's access points has become known as wardriving, and the leaving of graffiti describing available services as warchalking. These activities may be illegal in certain jurisdictions, but existing legislation and case-law is often unclear.
However, it is also common for people to unintentionally use others' Wi-Fi networks without explicit authorization. Operating systems such as Windows XP SP2 and Mac OS X automatically connect to an available wireless network, depending on the network configuration. A user who happens to start up a laptop in the vicinity of an access point may find the computer has joined the network without any visible indication. Moreover, a user intending to join one network may instead end up on another one if the latter's signal is stronger. In combination with automatic discovery of other network resources (see DHCP and Zeroconf) this could possibly lead wireless users to send sensitive data to the wrong destination, as described by Chris Meadows in the February 2004 RISKS Digest. 
In Singapore, using another person's Wi-Fi network is illegal under the Computer Misuse Act. A 17 year old has been arrested for simply tapping into his neighbor's wireless Internet connection and faces up to 3 years' imprisonment and a fine.
 Wi-Fi vs. amateur radio
In the US and Australia, a portion of the 2.4 GHz Wi-Fi radio spectrum is also allocated to amateur radio users. In the US, FCC Part 15 rules govern non-licensed operators (i.e. most Wi-Fi equipment users). Under Part 15 rules, non-licensed users must "accept" (i.e. endure) interference from licensed users and not cause harmful interference to licensed users. Amateur radio operators are licensed users, and retain what the FCC terms "primary status" on the band, under a distinct set of rules (Part 97). Under Part 97, licensed amateur operators may construct their own equipment, use very high-gain antennas, and boost output power to 100 watts on frequencies covered by Wi-Fi channels 2-6. However, Part 97 rules mandate using only the minimum power necessary for communications, forbid obscuring the data, and require station identification every 10 minutes. Therefore, output power control is required to meet regulations, and the transmission of any encrypted data (for example https) is questionable.
In practice, microwave power amplifiers are expensive and decrease receive-sensitivity of link radios. On the other hand, the short wavelength at 2.4 GHz allows for simple construction of very high gain directional antennas. Although Part 15 rules forbid any modification of commercially constructed systems, amateur radio operators may modify commercial systems for optimized construction of long links, for example. Using only 200 mW link radios and high gain directional antennas, a very narrow beam may be used to construct reliable links with minimal radio frequency interference to other users.