How to Secure Public Wi-Fi
By Nick Anderson 6 minutes
Who doesn’t love free access to the internet while on the go? The moment we step inside a restaurant or a shopping mall, one of our first instincts is to switch from data to Wi-Fi. Data plans are expensive; free public Wi-Fi buys you more time on your available data.
But public Wi-Fi networks are unsecured. Generally, they don’t even have a password to protect you from malicious actors. If you travel a lot or find yourself spending time on public Wi-Fi often for work or otherwise, here’s everything you need to know about how to secure public Wi-Fi.
Why is Public Wi-Fi Dangerous?
Free Wi-Fi is offered as a complementary attraction by a business for visitors. A coffee shop that hopes to retain a customer in the shop will provide free internet access to customers. As a technology, the internet is so ingrained in our daily lives that it has become part of the overall customer strategy for businesses.
However, most businesses do not pay attention to the security aspect. Some public Wi-Fi networks are not even password-protected, making them even more vulnerable because they lack encryption.
Encryption is the process of converting plain-text into cipher-text. It is encrypted using a private key and shared only between the client and the router.
Can I Get Hacked on Public Wi-Fi?
Wi-Fi is vulnerable to packet sniffing because communication is wireless. A malicious actor could connect to the same network and sniff on data packets being exchanged wirelessly. It’s not hard to do either; software and equipment are readily available for such purposes.
While we’ve all seen Hollywood represent hackers as hooded figures that try to avoid attention and work in stealth. In reality, a hacker could look nothing as such. The hacker could look completely normal but have software and equipment that allows the interception of data packets.
Speaking of equipment, another way hackers steal data is by tricking you into connecting to a fake access point.
It is called an Evil Twin Attack and involves the hacker setting up a rogue access point using equipment like Wi-Fi Pineapple. The rogue access point will act as a relay between you and the actual Wi-Fi network at the premises.
How Hackers Steal Data on Public Wi-Fi
After establishing a rogue public Wi-Fi access point and letting your device connect to it, the hacker will be in control of your network traffic. Your data can be intercepted and even manipulated if it is not encrypted.
Usually, the hacker will show you a fake login page instead. Once you put the information on the malicious page, your credentials will leak to the hacker.
How to Secure Public Wi-Fi
There are certain best security practices that you can follow to secure yourself on public Wi-Fi.
Use a VPN
The key to securing public Wi-Fi is to encrypt communication. A VPN is the best way to encrypt network traffic. It encrypts the contents of your data packets as well as DNS information so that hackers intercepting the traffic cannot manipulate it.
This is the easiest way to ensure security on public Wi-Fi. It uses public-key encryption for authentication and encryption.
Always Use HTTPS
HTTPS is the secured version of the HTTP protocol that is used for web communication. It features end-to-end encryption for security when the client and the webserver are communicating during a session.
End-to-end encryption is highly important for privacy on the internet. It uses public-key encryption to ensure the data exchange between two parties cannot be decrypted by a third party. Thankfully, the majority of the web today has transitioned to HTTPS but some websites may still show the HTTP version, especially if they are not configured properly.
Always check for the padlock icon next to the website address in the URL field for HTTPS.
Turn Off Auto-Connect
Our smartphones and devices are set to auto-connect to known SSIDs when in close proximity. Hackers leverage this feature by cloning the SSID of the real Wi-Fi network and being in close proximity to the user to boost signal strength.
The auto-connect feature will connect to the SSID with better signal strength, thus making the MITM attack successful.
Don’t Connect to Open Networks
In an effort to attract users to connect to rogue networks, hackers will try to keep the access point unprotected. It will allow anyone to connect without a password.
Make it a point to never use a Wi-Fi network if you don’t see the lock icon next to it.
Enable Two-Factor Authentication
In most cases, Two-Factor Authentication (2FA) could be everything between you and an unauthorized login attempt in your account. It adds a layer of security by implementing a second authentication step for logging into an account.
It could be a One-Time Passcode (OTP) sent to your registered device or email address, or an authenticator app like Google Authenticator that’s connected to your account.
If an attacker attempts to gain access using stolen credentials, two-factor authentication will prevent the unauthorized login.
Avoid Sharing Sensitive Information on Public Wi-Fi
If you are on the go and find yourself relying on public Wi-Fi for sending office documents, logging into a bank account, or something more sensitive, avoid doing it.
Always connect to a VPN first before logging into bank accounts or making any transactions online. FastestVPN uses AES 256-bit encryption on top of the existing HTTPS encryption to build a stronger defense around your data.
Your time on public Wi-Fi could be risky, but it doesn’t have to be. Once you are connected to FastestVPN, it encrypts every type of network traffic on your device, not just web browser traffic. A malicious actor cannot spoof your DNS information and divert your traffic to a malicious login page in an attempt to steal credentials.