Home > Articles > Security > General Security and Privacy

Securing Your Wi-Fi Hotspot Sessions

  • Print
  • + Share This
Unlike normal Wi-Fi networks, public hotspots can’t be secured with wireless encryption. Eric Geier, author of Wi-Fi Hotspots: Setting Up Public Wireless Internet Access, shares tips to keep your email, documents, and computer safe while using Wi-Fi hotspots.
Like this article? We recommend

As you may know already, there are some security concerns when using public Wi-Fi networks such as hotspots at cafes, hotels, restaurants, and other public places.

Wi-Fi wasn't specifically developed for public access. Other than certain national hotspot providers such as T-Mobile, wireless encryption (WPA/WPA2) isn't used on hotspots. This Wi-Fi encryption isn't practical for hotspots as it is with private networks in homes and businesses. Plus the sharing aspect provided by Wi-Fi works against us on public networks; you don't want to share files with strangers.

In this article, I'll discuss exactly how to secure your computer and communications while using Wi-Fi hotspots. Though wireless networking technology isn't designed for public use, it can still be safe and secure if hotspot providers and users follow a few precautions:

Use Secure Browsing and emailing practices

Just like when on the web at home or work, you should follow basic Internet security practices while using Wi-Fi hotspots. Many of the Internet protocols and services we use day-to-day are inherently insecure by default.

The login and communications for services such as HTTP web browsing, POP3/SMTP email, IMAP email, Telnet command-line access, and FTP file transferring are not encrypted and are sent and received in clear-text.

At home and work, the communications of these clear-text services can be encrypted and secured from local Wi-Fi eavesdroppers by using WPA or WPA2 encryption.

However, most Wi-Fi hotspots don't use encryption. For this reason, you should follow the practices described in the following sections.

Use HTTPS/SSL for Sensitive Logins and Sites

Make sure that any website you log in to is using Secure Socket Layer (SSL) encryption. The URL address should begin with https instead of just http. Plus the browser should display a pad lock, green address bar, or other notification.

Secure POP3/SMTP/IMAP Email Connections with SSL

If you use an email client such as Outlook or Thunderbird with the POP3, IMAP, or SMTP protocol, you should try to use it with SSL encryption.

Whether or not you can use encryption depends upon your email server or service. If it's supported, you can set it up on your email client. If the server doesn't support it, see if you can access your mail via the web (using HTTPS/SSL), at least when using public networks.

Use SSH Instead of Telnet

If you must remotely connect to a computer or server while on a public network, use a secure remote access protocol such as SSH.

Use SFTP/SCP Instead of FTP

Though it's usually easier to use plain FTP when downloading or uploading files from servers, it's not secure. Similar to the other plain-text protocols, Wi-Fi eavesdroppers can capture the login credentials and the transferred data of FTP connections.

You should use SSL encryption with FTP connections, which must be supported by the server and the client. You might also look into using the SCP protocol.

  • + Share This
  • 🔖 Save To Your Account