It’s easy for information sent using public Wi-Fi access to be intercepted, so you need to be careful about what information you send or receive while connected.
Your internet connection is a way for you to interact with the outside world, but it also provides a channel into your computer. If your internet connection isn’t secure someone may use it to steal your personal or financial information for malicious purposes.
Public Wi-Fi ‘hotspots’ in places like cafés, airports, hotels and libraries are convenient, but they can be risky.
Tip: Avoid sending or receiving valuable or sensitive information when connected to public Wi-Fi networks.
Remember: If you don’t take steps to protect your internet connection and network, they could be used illegally and without your knowledge.
Use this guidance to learn how to use public Wi-Fi networks safely.
It’s easy for information sent using public Wi-Fi access to be intercepted, so you need to be careful about what information you send or receive while connected.
There are a number of easy things you can do to make your internet connection and network more secure.
Computer security professionals refer to these steps as ‘hardening’ measures and they do just that—they make your software, your devices, your network and the connections between them harder to access and more resilient to attack.
Routers and modems #
A router is a small electronic box that creates a network for the devices in your home. A modem connects that network to the internet. Many internet providers offer a combined router/modem unit that performs both these functions in one device, and here we refer to the device simply as a router.
Setting up your router
- Ensure the network password provided by the ISP or router manufacturer is hard to guess, and if not change it to something more secure. Find out how to set and use strong passwords.
- Some manufacturers’ administrator passwords to access the settings for routers are publicly available online, so in this case it’s imperative you change the password on your device. Where possible, also change the default administrator username (typically ‘admin’ or ‘administrator’) to something hard to guess.
- Ensure remote management is disabled. Remote management on your modem or router can allow you to make changes to your internet connection, including passwords by logging into your device via the internet. By disabling this function, you are protected from unauthorised people remotely accessing your router and tampering with it.
- Consider enabling the ‘guest’ Wi-Fi feature on your network for visitors that may need access. This way you don’t need to share your actual Wi-Fi password with them and you can cycle the guest Wi-Fi password as needed without having to reset all your wireless devices in your house.
In many cases it is straightforward for a cybercriminal to determine the make and model of the device you are using, and then access your router.
Use the strongest encryption protocol #
Because wireless networks don’t need a wire between a computer and the internet connection, it is possible for anyone within range to intercept the signal if it is unprotected.
This means you need to use the strongest encryption protocol provided by your router, which is currently WPA2. You should be able to check this by looking at the device settings. The WPA2 protocol was introduced in 2006, so routers purchased on or before this date will not give you the option of selecting it.
Manufacturers often classify old devices as ‘legacy’ models and no longer develop firmware upgrades for them, and this can leave you exposed to known security flaws.
If that’s the case, you should consider replacing your router.
Not using the strongest encryption protocol increases the chances of your internet communications being intercepted by cybercriminals.
Make sure your router uses the latest ‘firmware’ available #
Firmware is the software embedded into your router that determines the functions it can perform. Just like new software updates for your computer, new firmware for your router will provide improved features and address any security vulnerabilities.
To find out which version of firmware is installed on your router, some have a button you can click to automatically check if a more recent version is available. If not, you can log in to the device and check its settings. Then if you go to the manufacturer’s website, it will tell you if there’s a more recent version of firmware for your device and allow you to download it.
Be careful when you do this. Make sure you follow the instructions in your device’s manual and select the correct firmware upgrade version for your model of router, because a failed update can render your device unusable and disconnect all your computing devices from the internet.
If you don’t feel confident to update your firmware, you could get in touch with a reputable computer technician. You could also think about replacing your router.
Upgrading to a current router model will offer you significant benefits such as additional features and configuration options, and most importantly, faster data transfer speeds.
It’s easy for information sent using public Wi-Fi access to be intercepted, so you need to be careful about what information you send or receive while connected.
Wherever you can, avoid using hotspots that are run by people or organisations you don’t know or trust.
Criminals have been known to set up Wi-Fi hotspots in order to steal users’ banking credentials, account passwords, and other valuable information.
- Confirm the ‘official’ hotspot name from venue staff and manually connect your device to it. Don’t let your device automatically connect to the first hotspot in its list.
- Turn off network discovery options like “Remember networks this device has joined.”
- Turn off file sharing. If you have file sharing turned on and you connect to a public Wi-Fi hotspot, your files could be accessed by others using the same hotspot.
- Install a reputable virtual private network (VPN) solution on your device. When enabled and configured correctly, a VPN is a service that uses encryption to keep your information secure when using public Wi-Fi, as well as providing a level of anonymity. That said, a VPN doesn’t secure your devices or online accounts, so it’s important that you still keep them up to date with the latest security software updates, and always use strong passwords. Also consider the following when selecting a VPN service provider:
- Look at independent reviews online. You’ll often find honest reviews from other users, so research the app on reputable blogs, websites or trusted sources that are not the app’s own website. You can also find out more about the app’s description, its content rating and the developer, and whether an app only encrypts some of your data, not all of it.
- Where the company is based. Make sure you select a VPN provider that is based in a country with strong privacy laws. This reduces the possibility that data collected by your VPN will be shared with others.
- VPN apps may provide your personal information to third parties. Many VPN apps are funded by advertising (which appears within the app) giving consumers the option to download the apps for free. In exchange, VPN apps may share your information with third parties. If you use a VPN app to keep your internet activity private, make sure you review its terms and conditions and privacy policy, to see if it shares information with third parties.
- Consider the app permissions. Apps will ask for access to certain information on your device to help improve how it operates for you. For example, the app may request permission to read your text messages or access your photos. These permissions will be outlined and explained on the app store or during installation. Generally, a VPN application should not require access to your personal data.
Don’t do your online banking or shopping, send confidential emails or enter your passwords or credit card details on public Wi-Fi. Wait until you’re using a secure home, office of mobile connection.
When you are using websites while on public Wi-Fi, make sure the websites are secure. Always look for a https (‘s’ stands for secure) in the website address and a padlock on the web browser.
Always remember to disconnect from the hotspot after you have finishing using. it.
But remember, no public Wi-Fi is 100% secure, so consider using your own mobile data for any sensitive transactions.
It’s easy for information sent using public Wi-Fi access to be intercepted, so you need to be careful about what information you send or receive while connected.
When accessing the internet at a public Wi-Fi location, you should take extra precautions.
- Ensure your phone, tablet or laptop has a reputable anti-virus installed.
- Keep software patched and up-to-date with the latest release version, to ensure that any identified security holes have been closed.
- Set-up two-factor or multi-factor authentication wherever possible. Online systems such as banks, Google Mail and Facebook offer this option for transactions or when logging into accounts. This way, a malicious hacker can’t log in without also having access to your phone or SMS inbox, even if they know your username and its associated password.
Find more information about securing mobiles and tablets.
