5 ways to secure your data while using public Wi-Fi
This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.
Editor’s note: This post has been updated with additional Wi-Fi safety tips. It was originally published on Aug. 2, 2019.
While there’s less risk these days when connecting to legitimate public networks, such as those found in pretty much every hotel in the world, risks still do exist. For example, an open network is susceptible to sniffing and spoofing, whereby an attacker could follow your trail around the internet or even work to redirect you from a site like Amazon to a page that looks like Amazon to steal your login credentials — and we all know what happens next in this story.
That’s why, when you’re connecting to an unfamiliar network or a public network that’s open to the masses, it’s important to pause and make sure you’re surfing responsibly to keep your information as secure as possible.
Here are actionable tips to keep in mind when connecting to Wi-Fi in hotels and other public places.
For more TPG news delivered each morning to your inbox, sign up for our daily newsletter.
First, Look for a secure hotspot
Before you resort to logging on to a potentially insecure public Wi-Fi network, check to see if you have access to any nearby — and free – hotspot. Many phone companies like AT&T offer their customers free hotspots nationwide in places like airports. Consult your phone company for more information before your trip and you may find no need to log in to a public network.
Surf wisely on public networks
If you are connecting to public Wi-Fi, be judicious about where you surf and the type of activities you pursue while online. Pick options from known sources like, say, a Starbucks or a retail store you frequent often. Try to limit the number of networks you register for. The less information out there during public Wi-Fi membership sign-ups — i.e., your name, phone number, address — the better.
Once you have picked a public network to use, avoid logging in to your bank or investment accounts, your doctor’s patient portal or any other site that archives a lot of sensitive personal data. Even an app like Facebook’s Messenger can transmit a lot of personal identifying information.
Whenever you visit a website on a public network, glance at your browser bar and look for a closed lock icon and “https” at the beginning of the URL. This indicates a layer of security on the site’s side. If the lock icon is open and the URL starts with http, give the site a pass while on a public network. When that lock is open, it’s easier for hackers to surreptitiously snoop on the data being transferred between your computer and the servers of the websites you visit.
Use virtual private network (VPN) software
The easiest way to gain peace of mind when transmitting data over a public network is to first install a virtual private network or VPN. These are secure tunnels between your device (laptop, tablet, smartphone, etc.) and the internet. VPNs help protect data from snooping, interference and censorship. Additionally, VPNs can serve as a proxy, allowing you to mask or change your location while surfing anonymously.
On a trip to mainland China, I downloaded and installed ExpressVPN on both my MacBook as well as my iPhone before leaving the U.S. China’s “Great Firewall” blocks popular services like Google, making it difficult for visitors who rely on such entities to function while there.
ExpressVPN is a reputable VPN that creates fast, secure tunnels regardless of where you connect from. Crucially, there’s an option in the program to halt all traffic from your device if the VPN connection fails for any reason. Then, you can reconnect or select a different location to resume your internet session. VPNs generally cost around $10 to $15 per month, with many (like ExpressVPN) providing discounts for annual subscriptions.
If you travel frequently for work, your employer may reimburse these charges. Many corporations install Cisco AnyConnect on company-issued laptops. If this is installed on your machine, you’ve already got a VPN at your disposal.
Even if you trust a network, such as a hotspot at a Delta Sky Club, using a VPN adds additional safeguards from cyber threats.
Be careful connecting to open networks
Not only should you activate a VPN before connecting to an open and unsecured network, but you should think twice before doing so at all. Open networks are easy to spot — they’re the ones without that little lock icon beside them that we mentioned above.
Most hotels and lounges use open hotspots, so it’s unfair to accuse all open hotspots of being surreptitious, but caution is advised if you don’t know who operates the open network you want to connect to.
If you’re instructed to connect to an open hotspot in a coworking space, hotel on an airplane or at an airline lounge, you should notice a pop-up window once connected where you can enter login credentials or accept terms and conditions before getting online.
Err on the side of caution when thinking about connecting to questionable networks. I’d steer clear of these:
- [Person name]’s iPhone
- Any open network that looks oddly close to a legitimate network (think: a network that appears to have been created specifically to fool you into connecting)
- Any network resembling “Free Wi-Fi” or similar
If you accidentally connect to a Wi-Fi network deliberately established to capture internet traffic (say, HamptonInn-FreeWi-Fi instead of the official Hampton Inn option), the attacker would then be a person in the middle and able to access all information flowing out of your computer. Passwords, sensitive files, etc. would all be at risk of being captured.
Disable Sharing and network access when not in use
For iPhone and Mac users, visit your system settings and ensure that “Everyone” isn’t checked under AirDrop. You should never leave your phone or laptop open for others to find and attempt to send files to. We recommend keeping it disabled altogether unless you need to transfer files with someone, and disabling it again after the transfer is complete.
If you’re on a PC, limit sharing by going to the Network and Sharing Center and turn off printer and file sharing.
The same goes for Wi-Fi. If you’re working on an offline project and have no need to be connected, consider disabling all network access while traveling. Not only does this prevent anything from leaving your device unintentionally, but it’ll probably help you focus as well.
Don’t live in fear of the internet bogeymen, but whether it is triple checking the source of the network, using a VPN or even using your smartphone as a hotspot, there are ways to responsibly stay connected while on the go.
Featured photo by the author.
Welcome to The Points Guy!
WELCOME OFFER: 80,000 Points
TPG'S BONUS VALUATION*: $1,600
CARD HIGHLIGHTS: 2X points on all travel and dining, points transferrable to over a dozen travel partners
*Bonus value is an estimated value calculated by TPG and not the card issuer. View our latest valuations here.
- Earn 80,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $1,000 toward travel when you redeem through Chase Ultimate Rewards®.
- 2X points on travel and dining at restaurants worldwide, eligible delivery services, takeout and dining out & 1 point per dollar spent on all other purchases.
- Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards. For example, 80,000 points are worth $1,000 toward travel.
- Get unlimited deliveries with a $0 delivery fee and reduced service fees on orders over $12 for a minimum of one year on qualifying food purchases with DashPass, DoorDash's subscription service. Activate by 12/31/21.
- Earn 5X points on Lyft rides through March 2022. That’s 3X points in addition to the 2X points you already earn on travel.