WiFi Security 101

To retain and also get new customers, bars and coffee shops are offering free WiFi because it is highly valued. Wireless routers have become very cheap and require minimal setup, which makes this sound great for the consumer but in reality you could be handing away data freely.

free wifi

Free WiFi is given away one of 3 ways. The first is where anyone can use WiFi as no password is needed. The second is where you have to have a password to use WiFi. The third is where the WiFi signal is private and you have to setup a free account to be able to use WiFi. If you were to grade how secure each of the 3 ways outlined above are, the first is the least secure with the third being the most secure.

WiFi with no password
When, no WiFi password is needed you can connect instantly especially if you have used the network before. Instant access sounds great but it has its very easy to hack. Hackers use software, called Sniffer Software which looks at traffic travelling to and from a wireless router to extract important information. If you plan to use this type of WiFi connection do not visit any websites or use apps that require you to log in. So stay clear of accessing your email, Facebook, Linkedin or online banking if you wish to use this WiFi connection.

Hackers also use the above setup to their advantage by setting up a fake WiFi hotspot hoping that people will use it and they can extract information going through it. If someone sees a free WiFi account they presume it’s from the coffee shop etc. that they are in especially if they see a free WiFi sign and they use it. The location of the fake WiFi hotspot can vary from a nearby building to a car or van parked nearby. Hackers can also monitor the network traffic of an entire bar, coffee shop etc. with an iPad-sized device hidden in a backpack

WiFi with a password
When the WiFi password is openly shown and shared it is easy to hack into the WiFi hotspot as the password is probably not changed on a regular basis and the WiFi hotspot is not closely regulated. Hackers using the Sniffer Software I mentioned earlier can easily hack into the system.

wifi password

Sometimes the WiFi password is printed on your receipt and is probably changed on a regular basis.If the WiFi password is changed on a regular basis then there is a lesser chance of the WiFi network being hacked and abused.

Private WiFi signal
The most secure WiFi hotspot makes you setup an account to use it and you also have to login everytime you go online. By forcing you to logon everytime you want to use WiFi, you are making it more secure. No hacker will want to intercept traffic on this hotspot as anything they do can be traced back to their account.

wifi login

This type of WiFi hotspot is the one I trust the most as everything done on it is traceable. Businesses don’t want customers downloading and viewing pornography or hacking so they make sure if anything like this happens, the customer’s accounts are cancelled and appropriate action is taken.

As I mentioned earlier business owners know that free WiFi is highly valued, which is why they are ripe targets for hackers. Most users will not realise this, and they will routinely expose valuable personal data over Wi-Fi hotspots. But all is not lost and there are some steps you can take to ensure your surfing is less likely to be compromised.

Make sure the WiFi connection is legit.
As I mentioned earlier, hackers sometimes setup fake WiFi hotspots. Make sure that you are connecting to the correct WiFi hotspot by confirming it with an employee of where you are.

Encryption on websites that you have to login to access
Encrypting the communication between your computer and any site you are visiting, will help maintain privacy and security. The most popular form of encryption is SSL encryption, and to check that it is active take a look at the website address. If it starts with https then you can breathe a sigh of relief. You will also notice your browser displaying a padlock icon. If you don’t see any of the above in a social media website, financial websites, an online shopping site or your email account, then don’t login. Also before the encryption process has even begun, the website authenticates its identity with your browser.

untrusted security cert

If your browser cannot verify that the site is actually what it claims to be, a pop-up window appears alerting you to an untrusted security certificate. If you see this, then do not visit the website.

Make sure all your software and browsers are up to date.
It is very important that you’re running the latest updates for your operating system and web browser as any weaknesses are easily exploited. The last thing you need is for your computer to be leaking data through a hole in your firewall, so make sure there are no holes.

File sharing.
Make sure that Windows File Sharing is turned off as you don’t want someone accessing the files on your computer. For instructions on how to disable file sharing in Windows XP go here. For instructions on to disable file sharing in Windows 7 go here. For instructions on to disable file sharing in Windows 8 go here.

WiFi security awareness needs to have businesses and users singing of the same hymn sheet. Businesses need to make sure that their WiFi is very secure and I am not talking about having their hotspots as secure as Fort Knox. Nothing is 100% secured and it has to be a less viable target. Users have to be careful with their surfing habits, and make sure they don’t use free WiFi hotspots unless it has a password which is changed regularly or it requires you to setup an account. As long as businesses and users are security conscious less damage can be done.