Last Update: August 13, 2017
While SafeGadget has several tutorials geared towards using Wi-Fi securely, we still realize that this is a major problem area. On our recent trip, we encountered insecure Wi-Fi at several airports, hotels, and restaurants. This tutorial is designed to help all users utilize Wi-Fi safely and securely.
Free Wi-Fi is available in many locations, from airports, hotels, local café, Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.
Many public wireless networks are completely unencrypted so that users can log on to them easily. Anytime you login to a free Wi-Fi hotspot that does not require a password, assume that a hacker can ease drop and see all information that is being sent and received.
Some Wi-Fi hotspots from vendors like AT&T and Comcast require you to log in with your username and password before you can get access. You need to understand that this is just access restriction and will not create a secure wireless connection.
This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.
Finding Free Wi-Fi
- Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
- jiwire has a Wi-Fi hot spot locator
- There are several free apps that help you find Wi-Fi (Free Wi-Fi Finder on iPhones and WiFi Finder for Android)
Secure web browsing using HTTPS
Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.
Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie – https://www.google.com
HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.
If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.
Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.
Disable File Sharing
Prevent sharing of any files or folders that are unnecessary. This should be obvious, but becomes a large problem if you are connected outside the home, to a public network. When you are on a public network, you do not want to share files, printers, or any computer resources. To turn off file sharing under Windows 7 do the following:
- Click Start Button
- Type Network and Sharing Center into Start menu’s Search Box
- Select Network and Sharing Center from the results
- Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.
If you are using a Macintosh, consult this article on how to turn off sharing.
Enable your firewall
A firewall prevents unauthorized users from accessing your computer. Windows 7 and Windows Vista have a built-in firewall that is enabled by default. If you are running on the Mac, consult this article on how to turn on your firewall.
Connecting to a Public Wi-Fi Network
When you are setting up a new network connection, Windows will prompt you to choose what type of network this is. The choices are Home Network, Office Network, or Public Network. A Home Network is the most open network because all computers on the network will be treated as friendly, allowing for easy sharing of folders and files, and also allowing the creation of a Home Group for all computers on the network.
Office Network is slightly more strict, but the Public Network is the most strict. Selecting Public Network will hide your computer on the network and disable file and print sharing. This is recommended if you are running a notebook and connect to external networks often. If the computer is only used at home and file or printer sharing is used, do not change the setting.
Setup a VPN or virtual private network
A virtual private network (VPN) is a secure, encrypted tunnel for your computer to communicate with the Internet. All traffic travels over this secure connection, preventing hackers from eavesdropping. VPNs help secure Internet traffic that is not sent using SSL secure connections. The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.
Be aware that using a VPN to order products online may cause some problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.
Here are some free VPN options:
- CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
- Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
- Its Hidden – We could not get this service to work properly. Its Hidden is supposed to be a free VPN service that would encrypt all your traffic when using a PPTP VPN connection.
- Proxify – This web-based service helps you surf the web anonymously and securely. Proxify is limited to web access only. The free service has ads and does not support all file formats.
- Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
- Hide My Ass – A free service that includes a free Web Proxy, Facebook Proxy and more. Read the disclaimers.
- proXPN – Free version is bandwidth throttled and does not allow you to select a country.
All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Most users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.
Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.
Signing Up for a Paid VPN Server
Users who travel or are not satisfied by the options we listed above, should sign up for a paid VPN account. This type of VPN access gives the use maximum flexibility and compatibility with various applications.
PPTP protocol is built into Windows and is the VPN protocol of choice, but is easy to block. Open VPN requires a software download for installation. Open VPN will work in places where PPTP VPN is blocked, typically countries in the Middle East or China.
PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.
- Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
- Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
- Security. Use public wireless hotspots securely and prevent others from stealing your identity.
- Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
- Skype discount. You can appear to be located in another country and make “local” calls within that country.
What to Look for in a VPN Provider
- Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
- Length of Contract – The longer period you commit to, the lower the price.
- Countries – Different VPN providers have servers in different countries.
- Encryption Strength – The stronger the encryption, the higher the price.
- VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
- Logging – Make sure your VPN provider is not logging your Internet activities.
- Speed – Some lower cost providers overload their servers and Internet connections, slowing access.
Users should examine their needs and budget, and select a VPN provider that fulfills their requirements. It is wise to Google search the provider, looking for problems or disgruntled users before signing up. Google search for VPN providers.
When You are Finished Using a Public Wi-Fi Hotspot
When you have finished your online activities, it is important that you turn off your Wi-Fi connection to the public wireless network. Intentionally logging off will prevent any accidental data leakage. In Windows, you can simply right-click on the wireless signal bar icon in the task bar to disconnect from a wireless network.
With some attention to security, free public Wi-Fi can be a useful tool and a safe one.
This concludes our How to use Wi-Fi securely in Hotels, Airports, and Beyond article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.