.

Public WiFi – Great in a pinch – but far from secure!

Do you use public WiFi? You could be at risk for being hacked!

For the third time in fourteen months my family, as well as many others in the northeast, found themselves without power for a week or more. Unlike last time, we were prepared with an automatic generator that worked beautifully! We made sure that the cable devices coming into the house were also on the generator lines, incase it was only electricity that was out. Unfortunately several large trees came down on our street wiping out power, cable, and unfortunately part of a house. We had no way of leaving since we live on a dead end street.

What does this have to do with technology? Actually a lot! I manage the websites and social media for several businesses, including a school system. I needed to post school closures and other emergency information on the web and Twitter.

Since I had the electricity to power my electronics, I only needed to get connected. Fortunately, I was able to turn my phone into a “hotspot”, that is a WiFi connection using my cellular plan. While not ideal, it served the purpose! You can check these sites out for your Android or iPhone.

One day while checking on a neighbor, she indicated that she was headed over to the library to use their WiFi as she had some bills to pay. My safe surfing tentacles immediately sent out a code red! Public WiFi + Banking = Potential disaster!

By now, most of you know to look for the https when logging onto password-protected sites. The “s” at the end of the http assures you that any information entered will be encrypted. However, you need to input a password to get to the https! It is that password that anyone with access to the public WiFi can steal. In addition, when you log onto the public WiFi, you might actually be logging onto a “hotspot” that someone else has created and made to look like the library, donut shop or other free WiFi. Once they have your password, they can log into your accounts!

There are a few solutions that should protect you.

  1. If you have the ability to use your cell phone data service (not WiFi) use that. It is more difficult for hackers to gather your information from the cell network.
  2. If your bank offers a “Pass Key” use it. A Pass Key is a onetime use code that is transmitted to either a tag or your phone. Unfortunately, many small area banks do not offer this. I do not recommend switching to a mega-bank just for this feature!
  3. Use a VPN. VPN stands for “Virtual Private Network”. From your computer, you are logging onto another computer that you know is secure. Many people already have this through work, but you can set up your own.

 

One final word – A good rule of thumb when using free WiFi – do not do anything or post anything that you would not put on a postcard for all to see!

By the way, my friend decided to pay her bills the old fashion way – snail mail!

This post is contributed by a community member. The views expressed in this blog are those of the author and do not necessarily reflect those of Patch Media Corporation. Everyone is welcome to submit a post to Patch. If you'd like to post a blog, go here to get started.

Mr D. November 27, 2012 at 06:49 PM
Public Wi-Fi can be made safer with a few simple steps: * Make sure your laptop has firewall software installed and running. Windows 7 has a built-in firewall, and major antivirus packages offer an optional firewall (Norton, etc.) * Make sure the Guest account in Windows is disabled, and that all accounts on your computer have robust passwords. This helps keep fellow Wi-Fi users connect to your PC and access your documents. * Speaking of antivirus, you do have one and keep it up to date, right? * Force encryption on any website you connect to by replacing "http" with "https" in the URL. Bank websites are encrypted, but many public websites are not by default. For example, https://www.google.com does work and this will keep another Wi-Fi user from "sniffing" your Google searches.
Mr D. November 27, 2012 at 06:57 PM
Regarding the OP's comment about entering password before a site is encrypted: This is absolutely correct. For example www.cl-p.com is not encrypted yet they expect you to enter your username and password on that page in order to access your account. By forcing encryption (reword the URL to https://www.cl-p.com, with an "S" after "http") you can make sure your password is protected from the start. I recommend you do this with any site that requires login (banks, vendors, social media site) and preferably with any site that supports it, even if connecting from home.
Catherine Larson November 27, 2012 at 07:05 PM
You can only force encryption if the site actually has a secure server. Many do not! But definitely good points!

Boards

More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something
See more »