Main Content Start

How To Stay Safe on Public Wi-Fi Networks

Man in café using a laptop to illustrate public-network safety tips
September 30, 2016

Use caution

Public Wi-Fi is convenient but, as a rule, not secure. Surfing the web, reading the news or watching some TV is fine, but if you send information while on public Wi-Fi, it might be readable by anyone sitting next to you in the coffee shop, airport or hotel lobby.

What You
Should Know

Most public Wi-Fi networks are not secure and criminals can use them to steal your info.

What You
Can Do

Assume all public Wi-Fi networks are unsafe and never exchange personal info over them.

What are the risks?

Thieves will be able to see the websites you visit as well as any account numbers (banks, credit cards) and passwords you type into unencrypted websites. Then they can use that information to steal your identity by logging into your accounts as “you” or using your credit cards for online purchases and more.

68% of public and unsecured Wi-Fi users fell victim to cybercrime in 2013.1

How to protect yourself:

  • Only use secure Wi-Fi hotspots (those that require a password) .
  • Send information to websites that are fully encrypted (website page URLs begin with “https:” not plain old “http:” without the “s”).
  • Avoid doing anything that requires transmitting personal or financial information.
  • You can also use your cell phone as a “hotspot” so that your computer is surfing via your phone’s network, not over a public Wi-Fi. (Check with your network provider to learn how.) Use this feature to access the Internet if you are unsure of the public network’s security.
Watch:Public Wi-Fi Networks
Runtime: 00:03:11

Stop Think Connect

Other best practices for public Wi-Fi:

Assume Wi-Fi hotspots are insecure – Since most Wi-Fi hotspots are not secure it’s best to assume that none of them are.

Don’t use apps on Wi-Fi – Many mobile apps don’t encrypt information properly it is a bad idea to conduct sensitive business on public Wi-Fi networks. If you must interact with a company you do business with, use your phone’s browser to access the company’s website instead.

Look for “https:” – Only send personal information to websites you know are fully encrypted (the “https:” before the webpage’s URL address). If you find yourself on an unencrypted page (no “s” after the http:), log out right away.

Don’t stay logged in – When you’ve finished using an account or a website, log out.

Do not connect automatically – Change your cell phone’s Wi-Fi settings so it does not automatically connect to nearby Wi-Fi hotspots. This will give you control over when and how your device uses public Wi-Fi.

Enable Windows Firewall – For Windows users, make sure Windows Firewall is enabled. Generally, it’s turned on by default. It can block viruses, worms and hackers from getting into your PC. If you’re unsure if it’s enabled, check your computer’s security settings.

Don’t reuse the same passwords – Use unique passwords for important websites such as banking, health insurer or financial advisor. That way, if thieves do obtain one password, they won’t be able to access your other accounts.

Use two-factor authentication – Gmail, Twitter and Facebook all support the extra step this login procedure calls for. With two-factor, even if someone steals your password from public Wi-Fi they need the second factor (like a PIN number, code or thumbprint) to log in.

Turn off file sharing – For Windows users this will ensure that shared files are no longer accessible to anyone who has virtual access to your computer.

Pay attention to warnings – Many web browsers alert users about fraudulent websites that may be infected with malware. Heed these warnings and keep your browser and security software up to date.

Skip to footer