Five Free Wi-Fi Security Mistakes To Avoid

Cafe or conference, we're all happy to lap up free Wi-Fi. However, the benefit of being connected comes with a responsibility not to do something stupid while you're using an unknown provider. These are five mistakes everyone should avoid when grabbing a little free connectivity.

Image courtesy of Shutterstock

We're certainly not opposed to free Wi-Fi and we've offered up plenty of advice on how to find it, but it's a resource that should be used with caution. For all practical purposes, a Wi-Fi network is an open network. You wouldn't yell your passwords at strangers in the street; you shouldn't offer up your life on a platter for the sake of five minutes' Facebook access.

5. Connecting To 'Free Public Wi-Fi'

No matter where you log on, chances are you'll see a network called 'Free Public Wi-Fi'. That might sound enticing, but it's a dead end at best and a trap at worst. As we've explained before, a quirk in Windows design means that many 'Free Public Wi-Fi' connections are just people attempting to connect to each other's systems in the mistaken belief that access is on offer. That problem was largely confined to Windows XP; these days, if you see that name, it could easily be someone malicious trying to grab personal information when you surf. The lesson? Find out the name of any available networks (ask the staff in the cafe or conference centre) rather than idly trying any available network.

4. Not Using HTTPS

Sites using HTTPS encrypt your data in transmission, so even if someone is attempting to capture your data, it will be meaningless. Most popular sites offer an HTTPS option, many enforce it as the default, and the HTTPS Everywhere extension ensures it gets used whenever it's available.

3. Not Using Two-Factor Authentication

Two-factor authentication means that you can't log into services using just a password; you also need a second piece of information, such as a one-time code sent as a text message. It's a good idea to use two-factor authentication all the time, but it's especially important on unfamiliar networks. That way, if someone is snooping on or monitoring the traffic, the information they log won't help. Check out our listing of services where you should enable two-factor authentication and the reasons why it matters.

2. Not Using A VPN

If you're connecting up for work purposes, then using a virtual private network (VPN) will often be an employer requirements. Even when it isn't, using a VPN adds an extra layer of security and privacy to your data (as well as potentially enabling you to access sites which are geoblocked). Check out our guide to why you need a VPN and how to choose one for detailed information.

1. Connecting To Highly Sensitive Sites

All these precautions should protect your data, but there's still no better means of staying safe than being alert and cautious. Quickly checking your Gmail (especially if you use two-factor authentication) is one thing, but I'd be very reluctant to log into my online banking on any public Wi-Fi network. Why take the risk? Use your phone (it's much harder to hack the phone network than Wi-Fi) or wait until you're on your home network.

Lifehacker 101 is a weekly feature covering fundamental techniques that Lifehacker constantly refers to, explaining them step-by-step. Hey, we were all newbies once, right?


    Question: Why would you not connect to your online banking or other sensitive site if you had a VPN in place and you were reasonably confident that other people and/or security cameras weren't watching what you type?

    As a side note, articles like this always remind me of Neighbours (which I watch religiously everyday)
    I'm quite amazed by the amount of business proposals, draft newspaper articles, bank transfers, etc that happen in the General Store or Charlie's Bar on Neighbours. LOL

    My guest at the top two wireless security mistakes :
    1) Not changing your password. Really is it that hard?
    2) Leaving WPS on, which is on by default in the vast majority of routers.

    If I was a bad guy wanting a botnet army, my first port of call would be wireless routers. They are always on, always online, rarely reconfigured, rarely updated and their activity is almost never monitored. Just my 2c

      what do you mean by wps being left on? isnt that a security type for wireless passwords?

Join the discussion!

Trending Stories Right Now