Originally published: February 12, 2011
Last updated: February 12, 2011 - 10:47am
The Federal Trade Commission released tips to help people protect their personal information while they use public wireless networks Wi-Fi hotspots in coffee shops, libraries, airports, hotels, universities, and other public places.
While convenient, public Wi-Fi networks often are not secure. When using wireless networks, it’s best to send only personal information that is encrypted either by an encrypted website or a secure network. Encryption scrambles information sent over the Internet into a code so that it’s not accessed by others. An encrypted website protects only the information sent to and from that site. A secure wireless network encrypts all the information sent over it. To determine if a website is encrypted, look for https at the beginning of the web address (the “s” is for secure), and a lock icon at the top or bottom of the browser window. Some websites use encryption only on the sign-in page, but if any part of the session isn't encrypted, the entire account could be vulnerable. Look for https and the lock icon throughout the site, not just at sign in. Most Wi-Fi hotspots don't encrypt the information sent over the Internet and are not secure. If a person uses an unsecured network to log in to an unencrypted site or a site that uses encryption only on the sign-in page other users on the network can see what is sent. New hacking tools available for free online make this easy, even for users with limited technical know-how. A Wi-Fi user’s personal information, private documents, contacts, family photos, and even login credentials could be up for grabs.
Use these tips to tell if a Wi-Fi network is secure:
- If a hotspot doesn't require a password, it’s not secure.
- If a hotspot asks for a password through the browser simply to grant access, or asks for a password for WEP (wired equivalent privacy) encryption, it’s best to proceed as if it were unsecured.
- A hotspot is secure only if it asks the user to provide a WPA (wifi protected access) password. WPA2 is even more secure than WPA.
Use these tips for a safer Wi-Fi experience:
- When using a Wi-Fi hotspot, only log in or send personal information to websites that you know are fully encrypted. The entire visit to each site should be encrypted from log in until log out. If you think you’re logged in to an encrypted site but find yourself on an unencrypted page, log out right away.
- Don't stay permanently signed in to accounts. After using an account, log out.
- Do not use the same password on different websites. It could give someone who gains access to one account access to many accounts.
- Verizon changes tune on Wi-Fi
- New York case underscores Wi-Fi privacy dangers
- Google Adopts More Stringent Privacy Policies After Wi-Fi Snafu
- Comcast Binges on Wi-Fi Hotspots in California
- Packet-Sniffing Laws Murky as Open Wi-Fi Proliferates
- Canada Finds Google Violated Privacy Laws
- AT&T acquires Wi-Fi access provider Wayport for $275M
- Wi-Fi Networks and Consumer Privacy
- More Americans borrow neighbor's Wi-Fi connection
- Sniffing open Wi-Fi networks is not wiretapping, judge says
- KDDI makes Wi-Fi major component of mobile broadband network
- Google cuts $7-million settlement with states over Street View
- Minneapolis Delivers Free Internet Access to More Than 100 Wi-Fi Hotspots
- New software, services help you manage passwords, protect online identity
- Why connecting to a Wi-Fi hotspot is about to get easier