WiFi access has become so common that many places have public networks and hotspots that you can connect to. But, just because a network is available doesn’t mean it’s secure. The information below provides you, and the survivors you serve, with the tools you need to stay safe while using any Wi-Fi network.
WiFi Hot Spots You Control
A WiFi hotspot you can control can be just as secure as a wired connection. To achieve this level of security, the following steps must be taken:
1. Use a Strong and Private Password
Choose a WiFi password that is long. The best passwords are at least 12-15 characters long and contain randomly placed letters, numbers, and symbols. Read more about Password Security. Do not hand out this password or write it in any conspicuous place (including on or near the hot spot itself).
2. Change Security Settings
Proper configuration will ensure that your WiFi Hot Spot only supports the most up-to-date protocols for transmitting information:
- The only algorithm that must be enabled is WPA2. Disable WEP and WPA.
- The only encryption method that must be activated is AES. Disable any TKIP related settings.
- Disable WPS completely. This service is activated by default in most Hot Spots. Allows another method of connecting without a password. It has a significant security flaw that is easy to exploit.
3. Establish a Guest Network (optional)
Set up an alternate network if you have guests who need access to your internet connection. The password for this network does not have to be so complex or private. The name for the network should not be identifiable, for your privacy and for your guests.
The steps to access and set up a WiFi Hot Spot are different for each device. You may need the help of someone with experience to make these changes.
Open/Public WiFi Hot Spots
If you have serious privacy concerns or risks, it is critical to understand how to safely use a public/open Wi-Fi network and when it is best to avoid it. Any WiFi Hotspot where there is no password or the password is publicly available should be considered an open network (a typical example of this is in a hotel where all guests have the same network security key and it is not changed frequently). Even if the network has password protection, someone with knowledge of eavesdropping will still be able to see your communications if they also have access to the password.
There are two ways you can safely surf the internet when using a public WiFi Hotspot:
use HTTPS
HTTPS adds a nearly impenetrable level of encryption between your browser and the website you communicate with. Yes, sites that use an HTTPS connection can be trusted, even when using an open/public WiFi network. But, you should always check that there is “https” at the beginning of the web address and verify that the domain name is exactly the site you want. Bookmarking important websites and always going to those websites using those bookmarks is a great way to make sure you don’t get tricked into going to a site that isn’t what it appears to be. You should always pay attention to the warnings that your browser gives you about problems with the security certificate of a website with HTTPS.
It’s also important to remember that while the content of your HTTPS communications is private, the destination is not. Imagine that you have mailed a letter to a friend using a language that only you understand, but the address on the envelope is written in a language that everyone else understands. Anyone who intercepts that letter will not be able to read the message inside but will be able to see who they are communicating with by reading the envelope. The same concept applies to network communications.
Activities that are generally safe when using HTTPS:
The web address or destination is typically not a secret; but, HTTPS can be relied on to protect the content of:
- Bank transactions or online purchases
- Web-based email (Gmail, Yahoo! Mail, etc.)
- Social networks (Facebook, Instagram, etc.)
- Any other network service that requires a username and password to view information
Activities that are NOT private with HTTPS:
The information in the web address (the destination) reveals the information read
- Search engines (Google, Bing, etc.)
- Online maps (Google Maps, MapQuest, etc.)
- Any website you don’t want someone eavesdropping on to know you’ve visited
The line between the “content” and the “destination” of a website can be hazy. If in doubt, always assume that your information is not private. Wait until you have an internet connection that you control before proceeding.
Using a Virtual Private Network (VPN)
An easy way to avoid almost all WiFi-related privacy risks is to sign up for a virtual private network (VPN). A VPN will encrypt 100% of the traffic your computer sends and deliver it to an alternate server elsewhere on the internet. Once the information has reached the alternate server, it will be decrypted and sent to its ultimate destination. The VPN makes it appear that the requests you send came from that alternate server and keeps your IP address and location anonymous.
A VPN provides the following benefits:
- Encrypts all network traffic (HTTP and HTTPS) while traveling over WiFi
- Masks both the content of the network and the destination while traveling over WiFi
- It masks your original IP address of the website you visit. This prevents the website from tracking your IP address to your geographic area.
Other Safety Tips
1. Keep the Software Updated
It is extremely important that you promptly update your operating system, browser, anti-virus program, and anything else on your computer, tablet, or internet-related or security-related device. If you don’t update them, your computer will be vulnerable. New threats are always being discovered and these updates help protect against those threats but only when they are the most recent versions. It can help to think of upgrades like a leaky roof – if you don’t fix it as soon as possible, things could become very serious soon and your roof could cave in.
2. Use Anti-Virus/Anti-Spyware Software
Although not perfect, anti-virus/anti-spyware programs are still an important tool for stopping malicious content before it can reach your browser.
Most computers already have anti-malware and anti-spyware applications installed. These apps are typically only free for an initial period and these apps should not be relied upon after their expiration date. A variety of free anti-virus programs can also be downloaded.
There are anti-malware apps available for mobile phones but they don’t provide as many benefits as those for computers.
It is important to fully evaluate any anti-virus program before installing it. It is common for malware programs to disguise themselves as anti-virus programs or tools to scan your computer in order to trick you into installing them.
3. Use Privacy Screens
A low-tech way to prevent someone from looking over your shoulder to see the information on your devices is to use a privacy screen. Privacy screens are dark filters to put on top of your laptop or tablet screen to prevent anyone from seeing what you’re doing.
4. Manage WiFi network history
Most mobile devices and computers store a list of Wi-Fi networks that you have connected to. Go through the list and delete any that are not safe to keep. You may not want to delete the entire list because that might raise suspicions from someone who physically controls your devices. Also, it might not be wise to clear the entire list because it’s probably the WiFi network you connect to most often (including passwords).
