Tips for safely using public Wi-Fi

Bad actors can take advantage of you online. Read below for some tips to consider if you need to use public Wi-Fi.

In response to the Coronavirus outbreak and the closure of businesses and libraries, many of us are spending more time online. As a result, we may need to use public Wi-Fi to connect to the internet. If you do find yourself needing to use public Wi-Fi, please consider the following recommendations from the state Chief Privacy Officer to help protect your data (Language translations including Deutsch, Español, Français, 日本語, 한국어, 简体中文 and русский язык)):

1. Confirm you have the correct network.

Make sure you are connecting to the right network. Bad actors may create networks that look harmless based on their name but are in fact directing you to connect with a network set-up to see your internet surfing. This means if you enter login credentials or passwords into websites, the hacker will be able to steal your information. To protect against this, read the network name very carefully and if possible, ask an employee or check signage of the business to make sure the network is legitimate.

Well-known networks, like those of familiar coffee chains, are likely less suspect because the company is operating the network as a service with their business. Known networks are generally safer than random free Wi-Fi networks that may show up on your phone in a public place.

2. Turn off auto-connect.

Many devices (smartphones, laptops, and tablets) have automatic connectivity settings. This setting allows your devices to conveniently connect to nearby networks. This is okay with trusted networks, but it can also connect your devices to networks that may be unsafe. You can disable this feature through the settings feature on your device. Keep these settings turned off, especially when you are traveling to unfamiliar places. As an extra precaution, you can check "forget network" after using public Wi-Fi.

You should also monitor your Bluetooth while in public places. Bluetooth connectivity allows various devices to communicate with each other, and a hacker can look for open Bluetooth signals to gain access to your devices. Keep this function on your phone and other devices turned off when you are in an unfamiliar area.

3. Turn off file sharing.

Make sure to turn off the file sharing option while on public Wi-Fi. You can turn off file sharing from the system preferences or control panel, depending on your operating system. AirDrop is an example of a file sharing feature you will want to turn off. Some operating systems like Windows/PC will turn off file-sharing for you by choosing the "public" option when connecting to a new public network for the first time.

Steps to turn off file sharing

On a PC:

  1. Go to Network and Sharing Center.
  2. Then Change advanced sharing settings.
  3. Turn off file and printer sharing.

For Macs:

  1. Go to System Preferences.
  2. Choose Sharing.
  3. Unselect everything.
  4. Next in Finder, click on AirDrop, and select Allow me to be discovered by: No One.

For iOS, just find AirDrop in the Control Center and turn it off.

4. Use a VPN.

Consider installing a VPN (Virtual Private Network) on your device. A VPN is the most secure option for digital privacy on public Wi-Fi. It encrypts your data as it passes to and from your device and acts as a protective "tunnel" so that your data is not visible as it passes through a network.

5. FBI warning about encrypted websites - HTTPS.

The FBI has warned about websites with addresses that start with "https." The presence of "https" and the lock icon are supposed to indicate the web traffic is encrypted and that visitors can share data safely. However, cyber criminals are now banking on the public's trust by luring people to malicious websites that incorporate https and appear secure when they are not.

FBI's Recommendations:

  • Do not simply trust the name on an email: question the intent of the email content.
  • If you receive a suspicious email with a link from a known contact, confirm the message is legitimate by calling or emailing the contact. Do not reply directly to a suspicious email.
  • Check for misspellings or wrong domains within a link (e.g., if an address that should end in ".gov" ends in ".com" instead).
  • Do not trust a website just because it has a lock icon or "https" in the browser address bar.

6. Accessing sensitive information not recommended.

Even if you have a VPN it is still not recommended to access personal bank accounts, or similar sensitive personal data like social security numbers on unsecured public networks. Even public secured networks can be risky. Use your best judgement if you must access these accounts on public Wi-Fi. For financial transactions, it may be better to use your smartphone's hotspot function instead.

7. Secured vs. unsecured.

There are basically two kinds of public Wi-Fi networks: Secured and unsecured.

Whenever possible connect to secured public networks. An unsecured network can be connected to without any type of security feature like a password or login. A secured network usually requires a user to agree to terms and conditions, register an account, or type in a password before connecting to the network.

8. Keep your firewall enabled.

If you are using a laptop, keep your firewall enabled while on public Wi-Fi. A firewall acts as a barrier that protects your device from malware threats. Users may disable the Windows firewall because of pop ups and notifications and then forget about it. If you want to restart it on a PC, then go to the Control Panel, "System and Security" and select "Windows Firewall". If you are a Mac user, go to "System Preferences", then "Security & Privacy", then "Firewall" tab to enable the feature.

9. Use antivirus software.

Also make sure to install the latest version of an antivirus program on your laptop. Antivirus programs can help protect you while using public Wi-Fi by detecting malware that might get into your system while using the shared network. An alert will warn you if known viruses are loaded onto your device or if there is any suspicious activity, attack, or if malware gets into your system.

10. Use two-factor or multi-factor authentication.

Use multi-factor authentication (MFA) when logging into websites with your personal information. This means you have a second verification code (texted to your phone or provided by an app or physical key) which further protects you. So even if a hacker gets your username and password, they can't access your accounts without an authentication code.

11. Keep track of your personal devices.

Don't leave your laptop, tablet, or smartphone unattended in a public place or vehicle. Even if you are taking precautions on a Wi-Fi network, that won't stop someone from taking your property or sneaking a peek at your information. Be aware of your surroundings and mindful about those around you.

12. Other online safety tips.

Here are a few tips for staying safe online, especially if you're using a public Wi-Fi connection:

  • Use strong passwords.
  • Encrypt your devices.
  • Beware of phishing emails.
  • Be careful what you post on social media. Too many personal details can help hackers guess passwords.
  • Delete old information that you don't need anymore.
  • If a network asks you to install any extra software or browser extensions do not connect.
  • Ensure latest patches and software updates are installed on your devices to protect against known issues.