It is apparently pretty easy to break in without knowing the SSID, and the MAC address is in the headers of the IP packets, so that's not much of a secret as soon as someone monitors your signal. I'd use the WEP, it's by far the most effective measure available.