Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | The Best Coffee Grinder | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Use It

author photo

How to Protect Your Privacy on Public Wi-Fi Networks

by on October 16, 2017
in Computers and Software, Computer Safety & Support, Tips & How-Tos :: 9 comments

So you're at your favorite coffee shop and have hopped onto the free Wi-Fi with your tablet to check your social networks, read the latest news, and maybe take a quick peek at your bank balance while you're enjoying your latte. We're so used to having Internet access whenever and wherever we need it that we don't often stop to consider whether logging into a public network is safe.

Here are three major ways these free, open hotspots could get you into trouble.

The risks of free Wi-Fi

Using public Wi-Fi isn't unlike having a conversation in a public place: Others can overhear you. If you don't take precautions, information your devices send over a public Wi-Fi network goes out in clear text — and anyone else on the network could easily take a look at what you're doing with just a few simple software tools.

Someone spying could easily pick up your passwords or other private information. If you use the same password on multiple sites, that could be a big problem. Mallon reports that this is the biggest concern with public hotspots.

The next potential problem is what is called a honeypot. Thieves might set up their own Wi-Fi hotspot with an unassuming name like "Public Wi-Fi" to tempt you to connect so they can grab up any data you send. These are easy to set up without any kind of special equipment — it could be done just using a laptop or smartphone — so you could run into them anywhere. News reports about honeypots pop up once or twice a year.

Finally, using public Wi-Fi puts you at risk for session hijacking, in which a hacker who's monitoring your Wi-Fi traffic attempts to take over an open session you have with an online service (like a social media site or an email client) by stealing the browser cookies the service uses to recognize who you are. Once hackers have that cookie, they can pretend to be you on these sites or even find your login and password information stored inside the cookie.

How to stay safe on public Wi-Fi

Before you connect, be sure you know whose network you're connecting to so you don't fall prey to Wi-Fi honeypots. If you're not sure what the public network at a business is called, ask an employee before connecting.

Check to make sure your computer or smartphone is not set up to automatically connect to unknown Wi-Fi networks — or set it to ask you before connecting — so you're sure you know what you're connecting to when you connect.

Make sure to connect to websites via HTTPS, which encrypts anything you send and receive from the website. While a VPN service encrypts everything you send, HTTPS ensures that communication to and from a particular website is secure. To verify if you're connected via HTTPS, look at the address bar of your browser window; you should see "HTTPS" at the beginning of the web address (or, on some web browsers, a lock icon). Looking for HTTPS isn't enough, though. Hackers have been able to acquire legitimate SSL certificates for sites with names that are slightly off those of major financial institutions and also bear the HTTPS at the front of the URL. Site names include banskfamerica.com, paypwil.com and itunes-security.net. 

Recently, hackers have taken advantage of a loophole in the HTTPS handshake, so they can highjack your HTTPS session. Mobile device (smartphone, laptop, tablet) and router manufacturers are working on rolling out patches to fix this (check this list to see the status of your device manufacturer). In the meantime, the way to ensure all of your data is protected is to use a VPN.

If you use a VPN service, anyone trying to steal your data will see only encrypted data that they can't get into. There are many services that can do this. Based on our own testing, as well as third-party analysis, such as PC Mag, we recommend NordVPN (Disclosure: we have an affiliate relationship with NordVPN). VPN services charge a fee for their use, with pay packages ranging from day passes to year-round protection. Keep in mind that services like Netflix may not let you connect if you're using a VPN service. Check out our tips on how to use a VPN and still access Netflix.

Whenever you can, use two-factor authentication, which requires both a password and a secondary code that changes regularly, for websites. This makes it very difficult for hackers to get at your accounts because even if they can get your password, they won't have the secondary code. Though not all services support it, many popular sites offer this level of security including Google, Facebook, Twitter, LinkedIn, Apple and Microsoft.

Make sure your computer isn't configured to share access to files or be seen on public or guest networks. When you're at home, it may be convenient to keep things in a folder you share with other members of the household, but that's less safe when you're connecting to public Wi-Fi.

Disable sharing in: 

  • Windows 10: Click on the Wi-Fi icon (lower right icon with a dot with curved lines). Scroll down to Change advanced sharing options Turn off file and printer sharing and network discovery> Save changes.
    Wi-Fi icon Windows 10
  • Windows 8: Go to Control Panel > Network and Internet > View network status and Tasks > Change advanced sharing settings > Turn off file and printer sharing and network discovery> Save changes.
  • Windows 7: Go to Control Panel > Network and Sharing Center > Change advanced sharing settings > Home or Work > Turn off file and printer sharing > Save changes.
  • Mac OS X: Go to System Preferences > Sharing and be sure that File Sharing doesn't have a check mark by it.

Good luck, and safe browsing!

[This feature has been updated on 10/9/2017]

[woman with laptop via Shutterstock, HTTPS image via BigStockPhoto.com]



Discussion loading

gravatar

XfinitiWifi

From Apri on March 06, 2015 :: 7:34 pm

Is it safe to assume that the relatively new Xfinity wifi (which is now practically everywhere) is also just as vulnerable as any other public wifi?

Reply

avatar

Yes

From Josh Kirschner on March 10, 2015 :: 9:20 am

The same risks would exist for Xfinity. And, given the network’s high profile across the country, it would be a prime target for honeypotting (creating fake Xfinity hotspots that are set up specifically to steal user information).

Reply

How to keep my home Wifi from being a public hotspot

From Jettie Blevins on July 30, 2017 :: 5:59 am

I use my WiFi when I work from home and I live alone but when I check my internet for device’s I have as many as 13 different device’s on it which slows my network down to where it take’s me forever to get my work done. Is there a way to stop it from being a public hot spot an app or something? With the net work I have they charge me extra for all device’s over 10. So why am I paying for my internet service only to have the company make it a public WiFi hotspot? Thank you for your help I appreciate it.

Reply

gravatar

Use a password

From Karen H. on October 09, 2017 :: 1:31 pm

One of the best ways to secure your wife is to require a password to access the network. Search “Set a password on your wifi network” or contact your wifi provider and ask them.  If your wifi is not password-protected, of course people are going to use it.  You’re paying for it and they’re using it.  It’s not hard to do but call if you can’t figure it out.

Reply

how can i secure my

From Sadhendra Singh on October 07, 2017 :: 6:48 am

how can i secure my privacy under a unsecured wi-fi connection?

Reply

gravatar

Unsecured WiFi on iPhone and iPad

From D Smith on October 09, 2017 :: 2:02 pm

I was recently out of town and trying to use the hotel’s unsecured WiFi on my iPhone and iPad (to find some local restaurants and stores), and although I could connect to the hotel’s network, neither my iPhone nor my iPad would allow me to surf the web.  I kept getting a message that the network was unsecured.  Well… I knew that! I wasn’t about to do any banking or buying, but did what to do some finding. Is there some “safety” setting that Apple defaults on, that would prevent me from even using an unsecured network?  I poked around a bit in my settings, but nothing presented itself.

Reply

avatar

I've run into that as

From Suzanne Kantra on October 16, 2017 :: 2:03 pm

I’ve run into that as well. Did you get to the hotel page that lets you enter your info to access the web? If so, you need to “forget” the hotel network and reboot your phone. It will usually let you in then.

Reply

gravatar

Not a big traveler

From D Smith on October 16, 2017 :: 2:30 pm

This particular circumstance was several weeks back, but as I recall, there was no hotel web page.  My phone showed a valid connection, but the web was nowhere to be found.

It just seemed odd, but it obviously didn’t bother me enough to take the trouble to call the front desk. I soon gave up and turned off the light.

I’ll have to try and remember the reboot trick, if there’s a next time.

Reply

gravatar

Last month i found out

From David on October 17, 2017 :: 6:47 pm

Last month i found out my wife had always been texting this man. She said he lives in providence but we stay in Jacksonville,FL then i didn’t bother, After i did some investigation i found out he lives in Jacksonville too, i couldn’t just think straight I was hurt and felt like my soul was taken away. we had no kids yet we’ve been married for over 4 years now, when there no enough money i made sure she finished schooling and get her school cert, i sponsored her until i found out she’s seeing another man since then in school and those time I have not been a Saint dealing with demons(I did not cheat). I had no Idea what to do, So i made inquiries about how to hire a hacker to ease my investigation. i was introduced to this amazing hacker through his Gmail Username scottcyberlord11 or his direct contact text +1 8 50 631 5 59 7 or WhatsApp him via +1 62 8 204 35 8 8 and i was given real-time access to her social media accounts and text messages, Call logs, Whatsapp, IG, and retrieved all her deleted messages from start. I was able to figure out how my wife of 4 years has been cheating on me and claiming she loves me. Okay you need this one for the better. i will prefer to let their services speak for itself. You should contact him.

Reply

© Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

site design: Juxtaprose