What exactly is the problem with public WiFi? Anyone connected to a WiFi network without a password can use a tool such as Wireshark to monitor traffic, allowing them to see any data sent “in the clear” (without encryption).
In the worst case, where a website is not using encrypted HTTPS, this could include passwords, credit card details and other sensitive information. There’s also the risk of connecting to a fake WiFi hotspot mimicking a real public WiFi network for the sole purpose of gathering data.
Many WiFi hotspots are also vulnerable to known exploits and could be remotely hacked over the internet.
How to stay safe on public WiFi
Although there are risks with using public WiFi you don’t need to avoid it completely. There are simple steps anyone can take to improve security when connecting to unknown networks.
Check the WiFi network name
This is really simple: check that the WiFi network SSID (Service Set Identifier – the network name) and password matches the details provided by the operator of the network exactly. If not it may be a honeypot and should be avoided.
Beware of devices auto-connecting to known networks
By default our computers and smartphones will automatically connect to previously used networks. But hackers have been known to create WiFi hotspots with very common names to capture large numbers of victims, many of whom may not notice they’re even connected to WiFi. If you want to allow automatic reconnections for convenience keep WiFi switched off until you need it, and always double check the details of a network when it’s activated.
Keep software and hardware up to date
It’s generally good practice to ensure all software and hardware is running with the latest updates to block known exploits.
Always use HTTPS for sensitive communications
If a web site is not secured with HTTPS your traffic is at risk of interception. If you’re logging in to a service, making a purchase or doing anything else which involves transmitting sensitive information you should always check that the site is protected by HTTPS – look for the green padlock next to the web site address.
Use a VPN (that you trust)
This is optional but highly recommended. A Virtual Private Network is a service which encrypts all internet traffic. This will completely block interception of data on the Wi-Fi network – all anyone will be able to see is a stream of scrambled data going to the VPN server.
But because you’re sending everything to the VPN you need to trust the operator of that service. Often a business will provide VPN access to employees, but if you’re handling this yourself it’s worth taking the time to research the options. There are free services, but these are generally not to be trusted. A paid subscription to a reputable provider such as Private Internet Access, AirVPN or NordVPN is worth the small asking price.
Matt Powell is editor at Broadband Genie