Wi-Fi Security: Tips for Using Public Networks

By Ray Savich   April 11, 2016

Despite the obvious risks, we’ve all logged onto public Wi-Fi networks at some point, whether out of convenience or sheer lack of alternatives.

Hotspot 2.0-enabled networks like LinkNYC are a step in the right direction, but the vast majority of public networks run an open, unsecured network.

So, to kick off a three-part blog series on Wi-Fi security, I’d first like to share a few tips on how the average person can minimize risks while using public networks. If we’re going to keep using them in hacker-friendly zones like airports and coffee shops, we may as well employ security best practices. Before you join a public Wi-Fi network, consider the following:

  • Check for web encryption: Even when your mobile device’s wireless data is encrypted, other data from your messaging services and online browsing could still be exposed. Make sure all of your communications have HTTPS encryption. Your browser will indicate the security level of your web connection using a lock icon in the address bar. At Cambium Networks, we also prefer networks with WPA-2 versus WEP.
  • Watch out for of “evil twin” networks: Say you’re in a Starbucks and you stumble upon a free network called “Starbucks Guest.” Be forewarned that a hacker could have very well set up this network with a deceptive name, strong connection and no required password to lure unsuspecting users into joining. In any public Wi-Fi situation, double-check with a venue employee to make sure you’re joining the right network. When using Windows, make sure you mark the network location as a “public network” to restrict access to your computer’s shared resources. And if a “certificate error” pops up, do not click “ignore.” Enter your credentials only if your browser can verify the site certificate.
  • Never auto-join networks: Even though it’s convenient, it’s critical that you don’t allow your laptop or mobile device to “remember” or automatically join saved networks. Information thieves can take advantage of this by creating an identically named network and tricking your device into joining that one instead. Connecting to one of these imposter networks for even a few seconds can render your personal data vulnerable. Once done using a public hotspot, delete it from the list of Wi-Fi networks in your Wi-Fi configuration (“forget this network”). Otherwise your phone or laptop will try to connect to a network with that name in the future.
  • Use a VPN: A great way to protect your information on a public network is by connecting to a virtual private network (VPN), which works like a private passageway for your Internet activity. Most enterprises encourage their employees to use these when connecting from a remote location. However, as security expert Larry Seltzer pointed out, you may still be vulnerable to attacks during the couple of seconds it takes to connect to the VPN. If you are using a VPN from work, be aware that it may be doing “split tunneling,” where only traffic going to the office is protected. Check with your network administrator.
  • Set up two-factor authentication: If you have two-factor authentication enabled on your Gmail, Facebook and other accounts, even a criminal who steals your username and password won’t be able to log in. Why? Because they won’t have the verification code that just got texted to your phone.
  • Do not use the same password on multiple accounts: This way, a hacker who obtains your credentials on one account will not be able to gain access to your other accounts. Use tools like Lastpass or Keepass to manage your passwords. These let you configure fairly complex passwords while letting you easily retrieve them when you need to log on to your websites, whether on your laptop or your cell phone.
  • Stay up-to-date on updates: Going online without the newest version of your browser is asking for trouble. In addition to keeping your apps and browsers updated, it’s good to have the latest anti-virus and malware protection software installed on your gear. Just make sure that any time you’re downloading something, you do so on a secure, private network.

These struck me as the most pivotal pointers for public Wi-Fi – do you have any others? Let me know in the comments. In my next blog post, we’ll discuss how our wireless products are engineered with these protocols in mind.