8 Tips to Protect your Laptop When Using Public Wi-Fi
So is using public wi-fi safe when travelling?
“If it seems too good to be true, it probably is. Free wi-fi is no exception to this adage. Security company Avast tested this theory by setting up a number of free fake Wi-Fi hotspots to see how many people would take the bait. They caught a lot of fish.” – Jen A Miller, CIO Magazine, 29 July, 2016.
On one day Avast set up a number of free, but fake, wi-fi hot spots during a Republican National Convention in Cleveland, USA. During the day, more than 1,200 people logged into the fake hot spots. Of those logging in, 68.3% exposed their identities when they connected and 44.5% checked their emails or chatted via messenger apps.
When travelling the temptation to access free public wi-fi is often difficult to resist. Hackers will often set up hotspots which are designed to appear as though they are provided by businesses or organisations.
So while a hotspot may look legitimate, you need to be vigilant. Here are eight tips to help you protect your information when using public wi-fi while travelling. I do not want to get technical so while there are technical terms in the article, I have attempted to explain them in plain language.
Tip 1: Protect Your Passwords
Your password gives instant access to your information such as your email, social media or online banking. It is therefore important to ensure that you put effort into selecting and protecting your passwords.
Do not use basic passwords. Examples of basic passwords include:
- Consecutive keyboard combinations such as qwerty, asdfg or zxcvb.
- Words that appear in the dictionary, common misspellings of those words or spelling those words backwards
- Common slang terms
Research by password manager, Keeper using an external, public data source examined about one million passwords from data breaches that happened. The results of that research included:
- Nearly 17% of people are using the password “123456” to safeguard their accounts
- The list of most-frequently used passwords has changed little over the past few years.
- Four of the top 10 passwords and seven of the top 15, are six characters or shorter.
- The top 10 most common passwords were – 123456, 123456789, qwerty, 12345678, 111111, 1234567890, 1234567, password, 123123, 987654321. I though number 12 deserved a mention – mynoob!
Do not reuse passwords on more than one account. If you use the same password and one of your accounts is compromised, you will have given access to your other accounts to the cyber-criminals.
Use passwords of more than eight characters that have a mix of lowercase and uppercase letters, numbers and symbols.
Check the strength of your password. Some websites you log into will analyse the strength of your password. If it is not a strong password, change it.
10 Most Common Passwords of 2019
Use a Password Manager
But how do you remember all those passwords if you have a different password for each account? Make use of a password manager such as LastPass. Password managers create strong passwords for you and will securely store your account information. That way you don’t have to remember every password. You select how many characters you want your password to be, what combination you need of upper and lower-case letters, numbers and characters and a password is generated for you. The reason password managers are so easy to use is that you need to remember one strong password and the software remembers the others. LastPass also allows you two factor authentication through Google Authenticator (see Tip 2). To access LastPass you can either log in via the web or via an app downloaded to your mobile phone. LastPass offers a free version with these features.
Using a service such as LastPass does take time to set up. You need to enter details of each of your usernames and passwords for each of your accounts. But after this is done, LastPass also provides the benefit of notifying you where passwords are used more than once, allowing you to update your password before heading off on your travels.
A Final Tip
A final tip in relation to passwords is to never save your username and password into your browser. Each time you enter user credentials into a website or online service the browser will often ask if you want to save the password. Whilst this is convenient if your computer is stolen it won’t matter how strong your password is as it will be automatically entered.
Tip 2: Use Two Factor Authentication
Entering your username and password is considered to be single factor authentication and if your password is compromised or lost, your account can be accessed. Two factor authentication requires an additional level of authentication which can include the receipt of an additional password / security code by text, use of a separate security token (key fob) or using a tool such as Google Authenticator on your mobile phone.
The use of a two-factor authentication does result in an additional step when logging in and therefore additional time. However, that additional time is minimal and the added security is worth it. Another benefit of two-factor authentication is that it can be a way of knowing that your password has been compromised. If you receive a text with a security token that you have not requested this is often a sign that someone has attempted to log into an account with your correct username and password. Without the token the attacker will not be able to access your account and the text message will warn you of which account password may have been lost.
But is there a downside? If using a security token / key fob, you may be charged by the issuer (eg. your bank) for it to be issued and it takes times for the token to be ordered and delivered. When you are travelling you also need to carry the token. You can usually now receive a security code by text or using a tool such as Google Authenticator. This requires you to have access to your mobile phone.
Before you travel, check if you can access two-factor authentication on accounts such as online banking and email, which you may need access to while away. If you can, arrange for this additional security.
If you receive a text with a security token that you have not requested this is often a sign that someone has attempted to log into one of your accounts with your correct username and password.
Tip 3: Run Strong Anti-Virus / Anti-Malware Software
Anti-virus software is an important tool that should be on every computer including your laptop. So how does anti-virus software work? It usually uses two methods to protect your computer. Firstly it examines your computer for files that are known viruses. It also tries to identify suspicious behaviour from any computer program that might indicate it is a virus.
So what should you look for in a good anti-virus software? These include:
- Persistent scanning – the software should scan all your activity all the time. It should not matter if you are reading an email, surfing the net or using a USB device the software should be able to scan your activity and detect virus’s before they infect the computer.
- Provide safe surfing advice – many anti-virus products will warn you if you are attempting to access a website that is known to be dangerous.
- If it finds a virus, it should alert you and advise it has either attempted to remove the virus or ask whether you want to “clean” the file (remove the virus).
So should you chose a free or paid anti-virus software? An anti-virus program such as Bitdefender offers both free and paid versions. As with any free v paid comparison, the free version will usually offer less features. You need to compare both versions and determine if the free version is sufficient for your needs.
Using public wi-fi is like having a conversation in public. Your conversation can be overheard.
Tip 4: Turn off automatic updates and sharing on your computer when traveling
Sharing files and printers with family on a home network can make life easier. But when you are travelling and accessing public wi-fi it can put data stored on your laptop at risk. Make sure that file and printer sharing is disabled.
To further protect your data, before travelling back up all files you do not need on your trip and remove them from your laptop.
Also, make sure you do all necessary application and operating system updates on your laptop. Avoid doing these updates using free / public wi-fi.
What is Encryption?
Encryption encodes your data so that only those authorised to have access to it, actually can access it. Encryption protects the confidentiality of digital data when it is stored on your computer and transmitted via the internet.
Tip 5: Use a VPN
So what is a VPN? A VPN is a Virtual Private Network. A VPN encrypts all traffic to and from your laptop which makes it difficult for any cyber-criminal to gain access to your data.
When you connect to the internet, you usually connect to an Internet Service Provider (ISP), which then connects to the website that you are wanting to visit. All of the internet traffic passes through the ISP’s servers and your ISP can view that traffic.
By using a VPN, rather than connecting to the ISP you connect to a server run by the VPN provider via an encrypted connection. This means that any data travelling between your laptop and the VPN server is encrypted.
When you are travelling and log into a public wi-fi, the internet connection between your laptop and the VPN server is encrypted. Even if a cyber-criminal accesses your data by you accessing an unsecure hot-spot, your data is safe because it is encrypted.
How do you set up a VPN? While you can run your own VPN, you do need to have a good IT knowledge. The other option is to use a reputable third party VPN provider. You can use either a free VPN provider such as CyberGhost or a paid VPN provider such as ExpressVPN or Vyprvpn. The free version of VPNs will usually be slower, may have some restrictions and have less servers around the world. Paid VPNs will usually have multiple servers around the world and are faster as well as being available on multiple devices.
Tip 6: Avoid automatically connecting to hotspots
While the option to automatically connect to a hotspot is usually not enabled by default, it is important to check that this is the case. You do not want your laptop to automatically connect to a wi-fi hotspot when you are travelling. You want to make sure that you make the decision on whether or not to connect to the wi-fi.
When connecting to public wi-fi with your laptop, make sure the connection is secured. In the image you can see that the first network is Open while the second is listed as Secured. Do not connect to an Open network. Rather connect to a Secured network which will mean you will need a username and password such as those networks you regularly find in hotels.
Tip 7: Make sure websites you visit have HTTPs protocols
Firstly, what is HTTPs? HTTPs protocol means that the flow of data or traffic between the browser on your laptop and the remote server where the website is stored, is encrypted.
When travelling you might think your web browsing is harmless. You might log onto public wi-fi to check opening times for a local attraction, check for a great bar or restaurant near your hotel or check the weather conditions. But when combined with other information, cyber-criminals could determine, for example, when your hotel room will be empty because you are going to a restaurant. But is that all you are doing on your laptop when travelling? Have you done any of the following:
- Logged into internet banking
- Booked a tour using your credit card
- Booked a restaurant providing your contact information
- Logged into your social media accounts
- Logged into your email
Having HTTPs on a website you visit is particularly important when visiting a website where you need to enter a username and password. But it also important to make sure that all pages on the website you visit use HTTPs and not just the login or home page.
How does a website show it’s protected?
So how do you know if a website is protected? You need to look to the area just next to the left hand side of the web address at the top of your web browser. Having a pad lock and the word “Secure” shows that the information you send or receive from the site is private. You may also find that rather than the word “Secure” is the name of the company who owns the website. However, even if this icon is present, always be careful if you are sharing your private information and make sure you know the site you are visiting.
Sites such as banks, web based email, airlines, hotel bookings and social media usually use secure sites.
The “i” in a circle means Info or Not Secure. The website is not using a private connection and some of your information might be able to be viewed. If you are visiting sites such as these, be aware about how you are interacting with the site. In this example, news.com.au is a news site and will usually be accessed to catch up on the latest news.
I have not included an example site with this warning as I do not want to visit a site that is not secure. The “Not Secure” warning means to proceed with caution. There could be serious issues with the privacy of this site and others may be able to see the information you send to or receive from this site. The “Dangerous” warning means to avoid the site. For example, if you are using Google Chrome, you may see a full-page red warning screen which means it has been flagged as unsafe by Safe Browsing and if you proceed to the site you will likely put your private information at risk.
Tip 8: Use Firewalls
A firewall is your first line of defence for you laptop when you log into wi-fi. It is designed to prevent unauthorised access to your computer. It screens incoming and outgoing access requests to ensure they are legitimate.
Both Windows and Mac operating systems have built-in firewalls. You should ensure the firewall is enabled prior to connecting to any wi-fi hotspot. You can see in the image that the “guest or public networks” is set at Connected (this is using Windows 10 operating system).
No matter how much protection you set up on your laptop, you need to remain vigilant when using public wi-fi. The rule is simple – if in doubt, don’t log on.
Thanks for such a useful post. I find myself wanting to work on my laptop away from home more and more but I’m always worried about connecting safely. I appreciate how explain cyber security in an accessible way for those of us less skilled. Thanks!
Happy to help Megan. It doesn’t need to be complex but it is also really important to protect our laptops when on wi-fi.
This is the post I never knew I needed! Thanks for writing it up! I use public wifi almost every day and definitely need to be more aware of my surroundings.
You’re welcome Kylee. With the amount of cyber crime around it is so important to be careful.
These are great tips, especially for those who are not completely computer savvy. Another thing many people do is use a common name or pet name. While this is easy to remember, it’s best if you do use this technique to change some letters to special characters and add numbers throughout.
Thanks Melissa. And so true about using pet names for passwords. That’s when a tool like Lastpass is really useful.
Sophie van der Meulen
This is great advice, thank you! I should definitely be more careful with this…
LisaSophie van der Meulen
Thanks Sophie. It’s one thing we are always so careful with when we travel.
Such a useful article! I am web developer and I know how often people forget about security! I am happy that someone wrote about it.
Thanks Zaneta. It’s so true that people forget about it but it is really important.
Good tips! It’s so easy to not think about it and just connect automatically.
Thank you Amy. It really is so easy but it doesn’t need to be complicated to keep safe.
This is so great. I use a VPN but I think I need to also implement some more of these steps in to my routine for security!! Thanks so much!
You’re welcome Cherene. Glad it could be useful.
It was nice to know that I already had most of your tips in place. But it had not occurred to me not to update software while overseas. I will be turning off updates when I travel in future.
Glad it was useful Joanna.
Security is uber alles! I have NordVPN installed on my router and all my gadgets are safe. Moreover, I use proxy additionally on my browser, and when out and connect to a public wifi I have Nord at my phone as well. See how paranoid I am? I have read millions of articles before choosing the most secure and stable provider, and Nord was highly recommended. So after using it for a while, I can say that it works like promised. There were no leaks, no connection problems. It could be cheaper, a little bit, but as far as I know, it’s still not the most expensive VPN provider on the market. And thanks for usefull tips, I’ll defenetly pay more to HTTPS sites.
Totally agree that security is so important Martin. Sounds like you are on top of it all too. And a great point about your phone. I think people forget about security on their phones.
These are all really good tips! So often I don’t think much about using public wifi or worry about making passwords too difficult, etc, but this is such a good reminder of how important it is to be vigilant!
Thanks Andrea. With so much cyber crime, we unfortunately always need to be vigilant.
I can’t believe people actually use 123456 as a password. LOL. What a helpful post, thank you!
Glad it was useful Nicole. And yeah, scary the passwords people use!.
You have some good tips here!
I always seem to re-use my passwords, I have such a bad imagination when it comes to coming up with new once. I could definitely use a password manager 😀
A password manager definitely helps Ann. You just need one really strong password and two factor authentication.
Logging into multiple public wifis on a daily basis these are some great reminders. I have finally made the decision to buy a VPN last year and now can’t believe I traveled without it for so long, honestly can’t go without it anymore!
So glad you find the VPN so good Odette. It really does help.
How very true! When I travel, I only use my laptop when I’m in the hotel/Airbnb. I never use it out in public. And if I need to access the internet via my phone while out exploring, it is for generic Google searches for the place I am visiting. I’m on vacation so emails can wait until the end of the day. But we should all be smarter about our Wifi access.
We tend to do the same April.
sarah de gheselle
These tips are so helpfull! I do nothing to protect my laptop when using public wifi, so I should really take some action. Thank you for your post!
Lisasarah de gheselle
Glad they are helpful Sarah. There is far too much cyber crime around not to protect yourself.
Wonderful, I tend to go to caffes and work abroad a lot. This are some useful tips taht I have to keep in mind! Thank you
Hopefully they are helpful Yina.
Thank you so much for sharing the information. I dont get it that so much people use those simple passwords haha
It really is amazing how many people use and reuse really simple passwords Kelly. A hackers dream!
Useful reminders that we all need from time to time – easy to forget about when we get a new laptop.
Another point would be to only log onto the internet when you are actually using it, rather than allowing it to run constantly in that background. Unlimited home broadband has got many of us into bad habits!
Great point Annie. It’s so easy to log into the internet and just leave it running.
A great article, thanks for the reminder. I use LastPass and really like it, but I haven’t been so successful to have this on my iPhone (I think I need the paid version).
We travel full time and to keep ourselves safe I hotspot off my iPhone and use a VPN to log into the internet.
Another thing I am considering is installing a privacy screen on my computer. It’s a plastic film that means you have to be directly in front of the computer to see the screen. Helpful when on an aeroplane.
I definitely like the idea of a privacy screen Ruth. A simple but very effective item.
Thank you for the great tips. I’ve used a few and implemented a few others now based on your recommendations. I especially take your password recommendations to heart. Overtime, I have migrated to lengthy, unique passwords as outlined here after finding an email of mine on the ‘Have I Been Pwned’ site. Nice to know that LastPass allows two factor authentication in the free version.
So glad it is helpful Lisa. Lastpass has been so good to have. And I”m like you, a very old password I’ve used was also on one of those sites thanks to a newsletter I had signed up to many years ago.
These are really great tips! Some you automatically thing about (for me VPN and not using basic passwords and the same ones across many accounts) and other you many not or need a reminder of (https and firewall). I don’t think you can ever be too careful this day and age when traveling.
Thank you for sharing this information!
Totally agree you can never be to careful Nina.