Free wi-fi is a windfall, especially if you’re working from the library or airport, or if you just want to save data on your phone or laptop. Still, you do have to care about security when you’re out and about. Here’s how to surf safely, on any device.
#1 Practice Good Internet Hygiene
Perhaps the first and biggest piece of advice we can give you, beyond software, and beyond tools that promise to protect your privacy, is to practice good internet hygiene. Avoid working with — at least online — sensitive data when you’re using unsecured, public wi-fi. It may be a good time to check the news or read your favourite blogs, but it’s probably not the best time to do your online banking, if you catch my drift.
Of course, if you have methods to secure yourself like the ones we mention below, you can rest a little easier in this regard, but remember, you should care about security on that coffee shop network. It’s unlikely that someone’s snooping on it, but it only takes once to lead to identity theft, or worse.
#2 Use the Right Networks (and Avoid the Bad Ones)
Not every public wi-fi network is created equally. For example, that “Free Airport Wi-Fi” network lurking in the background is undoubtedly worse than any wi-fi network provided by one of the coffee shops, stores, or retailers in the airport. Opt for those instead. You’ll appreciate the added security (albeit really only security through obscurity, which is flimsy) as well as the likely improved performance.
If you’re curious, you can use tools like WiFox and its mobile apps to map out networks at your airport and choose which ones to use and when. Oh, and in case it needs to be said, if there are questionable networks like “Free Wi-Fi Here!” or “Absolutely Free Internet!” you should probably avoid them.
#3 Use Semi-Open Wi-Fi Networks Instead
You may not always have a choice when it comes to what network you use, but if you do have a choice, consider “semi-open” wi-fi instead of completely open networks, consider ones that serve airport lounges, nearby coffee shops that have hidden SSIDs or put their passwords on receipts instead of giving them out freely, and so on. Sometimes tools like Wi-Fox, which we mentioned above, have those in their database. You can also turn to Google Places, Yelp, or even good old FourSquare to find those passwords.
Alternatively, there’s nothing wrong with just asking at the airport information desk, library desk, or coffee shop counter, but if you want to be sneaky, we’ve covered more than a few tricks to get that premium, exclusive wi-fi and obscure yourself from the rest of the masses using the public networks.
#4 Turn Off File Sharing and AirDrop Options
You may not be able to control who’s on what network you’re using, but you can control your computer. Regardless of if you’re using a Windows PC or a Mac, your computer probably has some file sharing options that assume you’re on a trusted network, with other trusted computers. Turn off file sharing in Windows and macOS, enable your system’s built-in firewalls, and keep internet-connected apps and services to a minimum.
Mac users, take the extra step and set AirDrop to contacts-only. You should do this anyway, but now’s a good time.
Then, automate those settings so your machine is open when you’re at home or on a trusted network and then automatically switches to a more secure setup when you’re not.
#5 Turn Wi-Fi Off When Not In Use
One of the basic rules of security is that if you don’t need something connected to a network, don’t connect it. When you’re finished working online, turn wi-fi off on your laptop, tablet, or smartphone. It’s a nice security habit to get used to when you’re using untrusted networks (if you have to use them at all), and it will also save your battery.
You can take this a step further and download local copies of your email and documents to work with when you don’t have a connection, or use Google Drive offline (or a similar service) to work without internet access, or just grab that movie or playlist to listen to when you’re not connected at all.
#6 Keep Your Antivirus and Antimalware Up to Date
This list is in no particular order, but we’re willing to bet some of you may have expected to see this tip sooner. If you ever use public, untrusted networks, make sure your computer is running some kind of antimalware utility and complementary antivirus utility as well.
For the former, Malwarebytes is our favourite, and regularly comes out on top of tests. For the latter, you have options. We like Avira for Windows and Sophos for macOS (it’s also available for Windows). Whatever you choose to use, keep it up to date, and keep it running — especially when you’re out and about. Public wi-fi networks have been known to inject ads while you browse and we all know how bad malvertising can be.
#7 Install Privacy-Protecting Browser Extensions
Antimalware is great, but it only really protects you from things you download and execute, barring malvertising or malware winding up on your system through no fault of your own. The next step is to fortify your browser with tools designed to protect your privacy.
You probably already use an ad blocker, but a good, customisable one like uBlock Origin gives you control over what’s blocked and what isn’t when you want it, and can lock out just about anything when you need it to. Disconnect is another great option, and protects you from same-network attacks like session hijacking and clickjacking — both of which are still real threats and can give people access to things like your Amazon account or Facebook account, even if you’re browsing securely.
#8 Use HTTPS Everywhere You Can
Anywhere HTTPS works, use it — and HTTPS Everywhere, from the Electronic Frontier Foundation — can make sure you do. Of course, not every site supports it, but if it’s available, the add-on will try to bump you over to the secure version of the site, and if it’s not there, you’ll roll back to the plain HTTP version.
It’s not absolutely perfect security, but making sure your connection to a given site is secure means at the very least the information sent to you (and that you send to the site) is encrypted, which goes a long way to making sure that anyone snooping on your communications doesn’t get anything sensitive.
And by “snooping”, we really mean someone just soaking up packets from the network looking for credit card numbers, passwords, or session cookies to access logged-in accounts — not Notoriously Strong Adversaries, from which there’s little recourse (and honestly, not who we’re talking about here).
#9 Use a VPN (or Roll Your Own)
The best protection from an untrusted network when you have to use one, I think, is direct, encrypted access to a trusted one. That means using a VPN when you’re out and about.
Whether you use a third-party VPN service provider or you roll your own VPN at home and connect to it when you’re out and about, using one makes sure that all of your data is encrypted between you and the service provider, locking out anyone on the same network as you who might be snooping around.
Of course, if you roll your own at home and connect to it, the trusted network we’re talking about is your home network and your home ISP. It will likely be slower, but at least you know the equivalent experience is you surfing the web or working from home. If you use a VPN provider, you’ll need to make sure they’re trustworthy, don’t leak your IP address, or leak any other information about you. That goes double for mobile VPNs, which can be riddled with malware and soak up private information while you use them.
#10 Bring Your Own Wi-Fi Instead
The real best protection from an untrusted network is not using it at all. Of course, this isn’t a real way to make public wi-fi any safer, but if you can, consider ditching the public wi-fi entirely and bringing your own. Whether you use a mobile hotspot or you just tether to your smartphone and use your wireless carrier’s data, both approaches get you off of the sketchy public wi-fi at the airport while you’re waiting for your layover and onto cellular data instead.
This story has been updated since its original publication.