You’ve probably been warned about the dangers of public WiFi, but if it’s so dangerous, why it is so readily available? You can find public WiFi at restaurants, cafes, airports, gyms, cruise ships… are all of these places really putting us at risk, or is there a safe way to use public WiFi?
Yes, you can use public WiFi safely if you take precautions to reduce the risks that are often associated with public WiFi.
A quick note about VPN and public WiFi: If your favorite influencer or podcast host has been telling you about how important it is to have a VPN, there is some truth so that. A VPN can be a useful privacy tool, but it’s not the be all and the end all, and the importance of having a VPN can often be overstated. Oftentimes, your connection is already private and encrypted without the need for a VPN, but we’ll get into the nuances of that because it’s still not a bad idea to use a VPN.
What is Public WiFi?
Before we go any further, let’s go over what public WiFi is to begin with.
- WiFi refers to a connection-point that grants you internet access by allowing your wireless device to connect to the internet.
- Usually, this is simply a wireless router in your home that your devices connect to, in order to access the internet via your home internet connection.
- When you’re in public, however, there are many public wifi access points.
- In your home, it’s going to be you that uses this wifi to connect to the internet, and anyone else who may live with you.
- In public, however, this wifi connection is going to be used by any number of people.
The Risks of Public WiFi
When you get down to it, the risks of public wifi aren’t that much different than the risks that exist with your home wifi and you should take many of the same precautions to protect yourself.
The following cards will cover a number of different security risks of using open WiFI. Understanding how people might try to attack you on a public network is helpful in recognizing the steps you need to take in order to protect yourself.
Click to expand and learn more about each of these public WiFi risks:
In a perfect world, every little piece of data that gets transmitted from your phone will be perfectly encrypted and even if someone were to intercept it, that data would be completely useless and unreadable to them due to the encryption.
We aren’t in a perfect world, but we’re getting there, at least in this context because a lot of internet traffic is encrypted nowadays, and a lot of the time it happens without us even having to do anything special, or know about it. For example, most websites are encrypted. However, this isn’t a bulletproof forcefield, and there can still be vulnerabilities.
We really don’t hear about viruses and malware nearly as often as we used to, and the rise of cellphones probably plays a role in that. Also, operating systems have stronger built-in mechanisms to fight-off viruses than they have in the past.
Still, viruses are out there, so it’s a good idea to keep your devices up to date with the latest security patches for all the various software and apps that you have installed, along with your operating system.
Imagine you’re at a Starbucks and you want to connect to their wifi network to save on your cellphone data while you chill, or maybe your phone doesn’t work as a hotspot and you need wifi for your laptop. Either way, you head to the wifi settings and the list of networks, you see “Starbucks-1” and “Starbucks-High Speed” and “Starbucks-Free Wifi”, etc.
One of those could be the actual Starbucks wifi network, and the others could have been setup by hackers, in hopes that people will attempt to join them. Even if you’re paying attention, this is still an easy mistake to make, especially if you aren’t aware of these types of attacks.
Once you’ve logged in to someone else’s wifi network, this opens the gates for many different malicious activities they could do, such as redirecting your internet traffic to send you to fake log-in pages to steal your accounts, and much more. While you may trust Starbucks or the owners of a legitimate WiFi network, that trust goes out the window if you connect to a network that’s pretending to them.
Different vulnerabilities can fall into this category. As the name suggests, it’s essentially when the attacker intercepts data that’s being transmitted. For instance, it could be data being sent between a business and their clients, or between your device and a service you use.
This is a broad category, and being on public WiFi makes you more vulnerable to it since you’re sending and receiving data on a network that you don’t own or control.
If you’re used to using your home internet connection, you might have certain permissions setup to share folders or files on the network you’re connected to.
In practice, any folder you’ve shared on your home network shouldn’t instantly become available to everyone as soon as you log-in to a public WiFi connection. However, the settings and permissions that allow files and folders to be shared could also open you up to being more vulnerable from cyber attacks when you’re out and about.
And beyond just the files stored on your device, if an attacker gets access to your cloud accounts, they’ll have more than enough to work to achieve whatever their goal is with their attack.
Which brings us to an interesting question, before we cover the steps on how to protect yourself…
Why Do People Setup Attacks Over Public Wifi?
In extreme cases, they could be targeting a specific individual but chances are that if your device is hacked or compromised or otherwise involved in something malicious over public WiFi, it’s just a random attack.
There’s a black-market for peoples internet log-in credentials across a number of sites, or for stolen identities, or ransomware that hijacks your system and demands you pay a fee to regain access to your files.
Dangers of Public WiFi vs Home WiFi
The difference is that your home wifi password probably isn’t known to hundreds or thousands of people at any given moment, so while the potential risks and dangers of public wifi and home wifi can be similar, public wifi use demands a higher level of caution and diligence.
Here are some of the common risks that you could encounter while using public WiFi. What to do with this information? Just see what applies to you, and take reasonable steps to avoid the risks. For some of these threats, simply being mindful, such as looking at which network you’re connecting to or ensuring your files and folders aren’t publicly shared, can be enough to save you tons of trouble.
This Is How To Use Public WiFi Safely
If you take the following steps before connecting to public WiFi networks, you’ll be a lot safer and more secure. Nothing is ever 100%, but these small efforts will can make a big difference.
Don’t Use It For Anything Private!
There’s something ironic about the number one tip for staying safe on public being “well, just don’t use it…” but the reality is that you can use public wifi, just be careful what you use it for.
This means avoid logging into your banking apps, avoid entering important passwords, avoid sharing personal information, avoid sending sensitive emails, and anything else that you wouldn’t want to share publicly.
That’s a high bar to cross, of course. If you need to use public WiFi badly enough, it’s probably for something important, so if you’re still going to use it, then make sure to keep the rest of these tips in mind.
Is it safe to use public WiFi for banking?
No, it’s not safe to use public WiFi for banking unless you are taking additional steps to protect yourself.
If you follow the best-practices and take caution, however, you can use wifi in public to do important and sensitive things like banking. It’s still not the best idea, but sometimes you need to access your bank and your only option is WiFi in a public place.
If you’re making sure your connection is secure and encrypted, and that you’re on a legitimate wifi network, and all of the other stuff we’ll cover in this article, you should be okay.
Turn Off Sharing (Files, Printers, Network Discovery)
If your device is set to automatically scan for WiFi networks, you can turn this off in your settings, especially if it’s set to automatically join networks that it discovers.
Also, be sure to turn off any settings related to sharing files over your network or any open-ended shared folder permissions.
Your device might be scanning for networks to connect to, shared files and folders, or even wireless printers on the same network.
You don’t even want to connect to a random WiFi printer on a wireless network because that gives an entry for a would-be attacker, so be mindful of all of these things.
The exact menu names for these various settings will depend on your device and what version of software you’re running, but you should be able to pull them up by searching your device settings for phrases like “printer settings“, “shared files“, “sharing“, “networking“, “network discovery“, and similar phrases.
Only Browse SECURE Websites Using HTTPS While Using Public WiFi
When you visit any website, you can check the address bar (you might have to tap/highlight the website address sometimes to see the full URL). Does it start with “http://” or “https://”? The second version, with the S (https) means it’s secure. This signifies that the website you’re browsing is served over a secure, encrypted connection, making it significantly more difficult for a third party to intercept this traffic and actually be able to decrypt it to do anything malicious.
That doesn’t mean it’s impossible, but like everything else on this list, it’s a part of the bigger picture that can help. In this case, it helps a lot. If you only connect to https websites while using public WiFi, you’ll be a lot safer.
The good news is that the vast majority of websites are now served over a secure https connection, which wasn’t the case several years ago. Still, some sites are still served over http, without the extra layer of security, but your browser might even give you a warning before accessing one of those – that’s how commonplace and important it is to browse sites over https.
Further reading via Cloudflare: Why is HTTP not secure?
Avoid Accessing Your Bank Accounts on Public WiFi (Same Applies for Crypto Wallets, etc…)
Aside from your bank and financial accounts, there are plenty of other websites you might use without really thinking about it when you’re at home that contain private information you wouldn’t want to expose.
This has already been mentioned, but it bears repeating. Avoid doing anything super important on public WiFi as much as you can, and you’ll help reduce your risks a great deal. Now, if someone is able to gain access to your device, they’ll still be able to see everything, but if you can avoid directly transmitting sensitive data over a public WiFi network, you’ll be a lot safer.
Use Your Cellphone Data Instead of Public WiFi (Tethering, Personal Hotspot)
If you have a cellphone with a data plan, use that to create a personal hotspot or use your phone’s tethering feature to connect your other device to your phone’s data connection.
Just be careful about your data usage, since many of the things we do on a tablet or a laptop can chew through data pretty quickly, like watching high-definition videos, or even streaming music, depending how much data you have.
It’s a lot safer to connect to your own device via WiFi or Bluetooth to share an internet connection via a hotspot, when the alternative is to connect to a public WiFi hotspot or network.
If you want to do some banking and then watch Netflix, you could handle the banking stuff first over your data connection, close your banking apps/browsers, and then connect to the public WiFi connection, if you need to preserve your data.
These minor conveniences can add up to saving you from some massive headaches down the road. An ounce of prevention, as they say.
Keep Your Device Up-To-Date
If you have the latest updates to your device’s operating system and are using the latest versions of apps or software on your phone, tablet, PC, Mac, etc, then you’re safer using public WiFi.
There are people who will scan public networks, looking for devices that have security flaws that can arise in older software. These flaws or exploits are more likely to have been patched and repaired in newer versions, so keeping your device up to date is very helpful.
Granted, sometimes new updates can introduce new issues, but for the most part you’re going to be safer using an up-to-date device compared to one that’s running out of date software.
Does a VPN Protect you on Public Wifi?
As mentioned at the beginning of this guide, a VPN (virtual private network) can be an important piece of the puzzle, too. A VPN on public wifi works to encrypt all of the data as it leaves your phone or computer and makes its way onto the internet at large.
Does a VPN protect you on public WiFi 100%, no matter what? It’s not that simple, unfortunately.
Your internet data passes through the VPN company’s servers, then to it’s destination. For instance, the destination could be your bank, a random website that you like to post on, or really anything else.
If you were to use a VPN but disregard every other piece of advice, that’s not necessarily going to single-handedly make you super-safe, but you’d be a lot better off than if you didn’t have one. A quick search online will give you a number of candidates being promoted as the best VPN services, but it’s not always that cut and dry. Make sure you do your own comparisons and think about which features are important to you.
If you’re already avoiding using your financial apps and logging into your bank, and you’re ensuring that you’re only visiting HTTPS websites, and you’re turning off WiFi when you’re not using it and making an effort to use your phone’s data instead, then you’re already doing pretty well and may not need to rush to get a VPN.
With that said, a VPN can be an important layer of protection from prying eyes who are camping out a public WiFi connection and trying to steal people’s information.
If I had to do something important on a public network, and you asked me if I’d rather do that with a VPN or without, I would choose with.
Install or Enable Your Device’s Firewall
Having firewall software can also be helpful, and some operating systems will have that built-in. A firewall can make the browsing process a bit annoying, since you may have to manually approve which applications can communicate over the network, but that also helps seal up any leaky holes that could potentially be exposing your data to malicious actors on a public wireless internet network.
With that said, it’s still worth mentioning that VPNs are often sold in very aggressive ways, to make you feel like you’re an absolute moron for not having one. They pay huge commissions to influencers and shows to promote them, so just be mindful of this. It doesn’t mean don’t use one, it just means let’s temper our expectations a little bit and approach the dangers of public WiFi in a realistic, multi-faceted way instead of relying on one single product to miraculously do everything we need.
Turn Off WiFi When You’re Done Using It
Turn off your device’s WiFi if you aren’t using it. Even if you don’t connect to any networks, if your device is turned on and it’s WiFi is enabled, it’s still going to be sending out signals to see which networks are available. Instead, if your turn of WiFi when not in use (Not just disconnected from a network but actually using your device’s settings to turn off WiFi altogether), you’ll ensure that you aren’t communicating with any of the nearby WiFi networks.
Furthermore, if you’ve connected to a network in the past, your device could try to auto-connect to it at some point in the future, meaning you could end up on a public WiFi without even realizing it, if it ends up getting saved to your device as a trusted network, in particular.
So, when you’re out and about, it’s not a bad idea to keep WiFi turned off until you need to use it. It’s a good habit to have.
Be Aware of Your Surroundings
Aside from the actual public WiFi network itself, there are other ways that your data can be at risk when you’re in public. This veers a bit from the scope of the rest of this guide, but it’s still good to consider.
The main threat here would be somebody who is physically near you, looking over your shoulder to get a glance at your info. It could be that they’re trying to see you type in a password so they can try to access your accounts remotely, or even just looking at your phone’s unlock code os they can grab it, run away, and be able to access y our entire online activity including passwords, accounts, email addresses, and your contacts in your phone, on social media, and also having full access to all of your files, photos, messages, etc.
Take a look around and make sure nobody is watching you when you type in your passwords. This includes if you’re sitting with your back to a window in a cafe. These types of threats aren’t going to be as common as the mass, non-targeted types of threads that can exist on public internet networks, but they can be devastating.
If a would-be thief sees you enter the password for your device, they know that if they grab it and run away when you aren’t suspecting, they’ll be able to get into all of your stuff, maybe even place some orders on the internet using your money if you have your payment information saved to your device. Maybe they’ll log-in to your bank and send themselves a transfer?
Enable Multi-Factor Authentication
Many of your online accounts have probably prompted you to use 2FA or MFA, which stands for 2-factor authentication or multi-factor authentication. Some of them have probably made it mandatory, too.
An example of 2FA would be when you enter your password to log-in to a website and then they send a code to your cellphone or email, where you must also enter this code in order to finish logging-in. It’s an additional factor of authentication above and beyond your regular password.
Now, if someone snatches your device and runs away, or is able to gain access to your email account, then this is not giong to be as helpful.
However, if someone manages to get an important password from you over a public WiFi network, the 2FA adds an extra layer. Not only will they need to grab your password, they’ll also need to have access to your text messages or emails in order to enter the code.
There’s also another type of authentication where you have an app on your device that generates a new random code every minute or so. Google Authenticator is a popular example of one of these, and this is another great way to keep your accounts secure.
Important things to know about using multi-factor authentication on your accounts
When you add this extra layer to an account, they may give you a set of encryption keys that you can save, which will grant you access to your account even if you’re not able to enter the code from your authenticator app. Make sure you keep these save! You can print them off, and store them somewhere secure, or keep them in a password-protected folder on your phone, if you may need to access them when you’re out and about.
If you really want to step things up, you can use a password manager that also has storage built-in, then you can keep these keys in that storage, securely.
Just keep in mind that each extra layer of security that you add means that it’s going to be more and more difficult for you, yourself, to gain access to your account should you lose any of the multiple factors of authentication. If your phone number changes, you’ll want to update it for all the sites that text you as a log-in factor, or if your email changes, or if you lose access to your Authenticator device, etc.
If you decide to go down this route in regards to stepping up the security of your online accounts, make sure that you take the time to read into it a lot more to fully understand all of the steps to set this up correctly.
The nice thing about making it harder for somebody to log-in to your accounts is that even if your data does get snagged by somebody on a public WiFi network, it’s going to be increasingly difficult for them to do anything with it.
Securing Public WiFi For Your Guests
If you have a restaurant/cafe, if you run a hotel, or if you have any other business that offers public WiFi to your guests, it can be argued that you have a certain responsibility to keep them safe from all of the aforementioned threats, as much as you reasonably can.
You can’t control their phones and make sure they are taking the right precautions, but you can take steps to ensure that your own Wifi network is secure, even if it’s something as simple as periodically checking to ensure that there aren’t any other nearby WiFi networks trying to immediate the name of your network or using your business name, in order to trick customers into joining the malicious network instead of yours.
Final Thoughts on Staying Safe On Public WiFi Networks
All in all, the goal is to make it more difficult to attack you when you’re on public WiFi. If someone is trying to do something malicious on the network, they’ll be looking for the devices and computers that are easiest to break into.
If you’re not even connected to the network, you’re a very tough target. If you’re using public WiFi but you’re following all of the best practices, then they’ll be much more likely to go after someone who is much more exposed.
And finally, if they do manage to get access to your device or to intercept data, or even to trick you into entering your log-in on a spoofed/fake/scam website, there would still be other steps they’d have to undertake. So, once again, this makes you a less valuable target, and they’ll likely divert their attention to somebody who isn’t taking the same steps.
