Updated on 11/15/2023 with current threat risks and solutions.
So you're at your favorite coffee shop, hopping onto the free WiFi with your tablet to check your social networks, read the latest news, and maybe take a quick peek at your bank balance while enjoying your latte. We've become so accustomed to constant Internet access wherever we are that we often overlook the safety of logging into a public network.
Over the last decade, Techlicious has tracked the dangers associated with using public WiFi, and while it's safer than it was ten years ago, there are still threats. We've identified three consistent ways free public hotspots can put you at risk. To keep you safe, we also recommend five simple measures to protect your privacy when using public WiFi.
The 3 big risks of free public WiFi
Using public WiFi is akin to having a conversation in a public place: without precautions, others can overhear you.
1. Exposure of personal information
While most websites today use encryption to scramble data during transmission, not all encrypt their entire site or every page element. For example, some may embed content from unencrypted external sources. Without precautions, your information could be transmitted over public WiFi in an unencrypted form, allowing someone on the same network to easily intercept and view your data, compromising your privacy.
2. Honeypot WiFi hotspots set up by thieves
A significant risk is connecting to a honeypot, a deceptive WiFi hotspot, often labeled innocuously like "Public WiFi." Thieves set these up to capture data from connected users. Simple to create with just a laptop or smartphone, these honeypots can be encountered anywhere.
3. Hackers hijack your connection to social media and other sites
Using public WiFi increases the risk of session hijacking and man-in-the-middle attacks. Hackers can hijack active sessions you have with online services, such as social media or email, by stealing browser cookies. These cookies help services recognize your identity, and once stolen, hackers can impersonate you. However, direct login and password details are typically not found in these cookies, as they usually contain only session-specific data.
5 ways to stay safe on public WiFi
1. Know your network
Before connecting to a public WiFi, confirm the network's legitimacy to avoid WiFi honeypots. If unsure about a network's name at a business, ask an employee. Additionally, adjust your device settings to prevent automatic connections to unfamiliar networks, ensuring you consciously choose the network you join.
2. Keep your connection secure
Always connect to websites via HTTPS, which encrypts data sent and received. HTTPS ensures secure communication with websites, indicated by "HTTPS" in the browser's address bar or a lock icon.
3. Use a VPN
When you use a VPN service, your personal information is encrypted, thwarting attempts at session hijacking and other man-in-the-middle attacks. Based on our own testing, we chose SurfShark as our Techlicious Top Pick for the Best VPN. It is fast, has all of the premium security features we recommend, will cover all of your devices, and it's affordable. We also like the free version of ProtonVPN if you're looking to protect just one device (just your laptop or just your phone).
4. Use two-factor authentication
Enable two-factor authentication on websites and apps where available. This requires a password plus a regularly changing secondary code, significantly increasing account security. Authy lists sites supporting two-factor authentication.
5. Disable file sharing
Ensure your computer isn't set to share files on public or guest networks. While convenient at home, file sharing poses risks on public WiFi.
To disable sharing:
- Windows 10 and 11: Go to Control Panel > Network and Internet > Network and Sharing Center > Change advanced sharing settings. Turn off file and printer sharing and network discovery and save changes.
- Mac OS X: Go to System Preferences > Sharing and be sure that File Sharing is unchecked.
[Image credit: woman with laptop via BigStockPhoto.com]