A free public Wifi connection can seem like a lifesaver when you’re on the go. But while Wifi hotspots in coffee shops, airports, hotels, libraries and other public spaces may offer convenience, it’s often not secure, which means someone else could access your information.
Is public Wifi safe?
According to the Federal Trade Commission, “encryption scrambles the information you send over the internet into a code so it’s not accessible to others.” Unfortunately, most hotspots aren’t secure because they don’t encrypt the information you send over the internet. If a public Wifi network doesn’t require a password, it’s probably not secure. If you do send information through websites while using a hotspot, be sure the websites you use are fully encrypted. To determine a website is encrypted, look for “https” at the beginning of the web address (the “s” is for secure). If the address starts with “https”, then that page is encrypted. If it’s just “http”, the site isn’t encrypted and your information in vulnerable to attack. It’s recommended that you look for “https” on every page you visit on a website as many sites only encrypt their home page or a sign-in page.
Is it safe to use mobile apps on public Wifi?
More than likely, it’s not. According to the Federal Trade Commission, researchers have discovered many mobile apps don’t encrypt information properly. If you use a mobile app to conduct financial transactions, avoid doing so when connected to unsecured Wifi (a network that doesn't required a password). It's best to use a secure wireless network or your phone's data plan.
Steps to help protect your information when using public Wifi
Follow these tips from the Federal Trade Commission to protect your information when you connect to hotspots or public Wifi:
- Check the validity of available Wifi hotspots. If more than one hotspot appears claiming to belong to the establishment you're in, check with the staff to avoid connecting to an imposter hotspot.
- Look for “https” at the beginning of the web address on every page of a website. Log in or send personal information only to websites you know are fully encrypted.
- Don’t stay permanently signed in to an account on a website. When you’ve finished using an account, log out.
- Don’t use the same password on different websites. Reusing a password could give someone who gains access to one of your accounts access to many of your accounts.
- Pay attention to web browser alerts. These warnings try to safeguard you when visiting fraudulent websites and protect you from downloading malicious programs to your devices. Keep your browser and security software up-to-date.
- Control when and how your device connects to Wifi. Consider changing the settings on your mobile device so it doesn’t automatically connect to nearby Wifi.
- Use a virtual private network (VPN) if you use Wifi hotspots on a regular basis. Consider using a VPN which will encrypt all transmissions between your device and the internet. Use your cellphone data plan instead of Wifi when transmitting personal or sensitive information as it’s usually more secure.