How to stay safe on public Wi-Fi
by Oliver Haslam
Working on the go has become the norm, and while public Wi-Fi is everywhere, it isn’t always secure — but luckily, it isn’t too difficult to protect yourself. Here’s what you need to know to work safely on the move.
The chances of your data being intercepted on public Wi-Fi may be relatively low, but it can and does happen. When you connect to any Wi-Fi network, at home or in public, you need to be aware of the level of security that’s in use.
There are a few different security levels you are likely to encounter when connecting to public Wi-Fi:
If you can at least connect to public Wi-Fi without initially entering a password, it’s wide open. That’s pretty self-explanatory, and you probably shouldn’t connect to any network like this, although there are caveats. There are some Wi-Fi connections that you receive as part of your home Internet package, or perhaps via your cellular provider. These normally require you to install a profile on your device, or complete a registration and login process once connected. If you trust the Wi-Fi connection and have these measures in place, that’s a decision only you can make.
Wired Equivalent Privacy, or WEP, was at one point the most widely used Wi-Fi security protocol. The level of security offered by WEP was always debatable, and after numerous flaws were discovered, the Wi-Fi Alliance officially retired WEP in 2004.
Following its arrival in 2003, WPA was thought to be the answer to the WEP problem. A standard WPA configuration makes use of WPA-PSK, or Pre-Shared Key. The keys used by WPA are 256-bit, a huge improvement over the 64-bit and 128-bit keys used in the WEP system. That means that the data transmitted over the airwaves is substantially more “scrambled,” making it almost impossible to break into. However, the fact that there was a level of backward compatibility meant that some WEP frailties were carried over to WPA and, as a result, it too was heavily compromised.
The answer to all of this was WPA2, a replacement for WPA that arrived in 2006. To date there is one primary security vulnerability relating to the standard, although attackers would need direct access to the access point in order to take advantage of it. This is currently the safest option available to those setting up Wi-Fi networks and should be deemed a minimum requirement by most.
However, no matter how good the security of the Wi-Fi connection happens to be, there are still things that can go wrong, and for that we have VPNs.
A VPN or Virtual Private Network allows users to connect their device to the internet via a secure, encrypted tunnel. An example here would be a user in an airport who needs to do some work but doesn’t trust the network she is connected to. In order to secure that connection she can connect to her company’s VPN, effectively creating a secure tunnel between her computer and those of her company. Nobody can see what’s happening within that tunnel and the data sent through it is encrypted, too.
This is fine if you have a company whose VPN you can use, but if not there are plenty of free and paid-for VPN services available. They’re a great way to make sure your internet traffic is secure and hidden from prying eyes, even when you can’t be completely assured that the Wi-Fi network you’re using is as secure as it could be. However, a word of warning: free VPN services are possibly making their money from your data, which may be a concern for some.
Your 1Password data is safe no matter where you connect from because the data we transmit is always end-to-end encrypted. This means your 1Password data is always stored encrypted, stays encrypted while it’s being uploaded or downloaded, and is only ever decrypted locally on your devices once you unlock 1Password. Even if someone were to get a copy of your data, it would remain encrypted, making it useless because they wouldn’t have your Secret Key or Master Password. And remember, 1Password has never been hacked.
It’s for this reason that you do not strictly need to be connected to a VPN in order to feel confident that your 1Password data is safe. We would however suggest a VPN for all other internet access, especially if the safety of the Wi-Fi network is unknown.
These tips will help you to stay safe while browsing the internet using public Wi-Fi.
Look for the padlock in your web browser’s address bar or the “https” prefix in the URL.
Security issues are often found, and subsequently fixed, before anyone can take advantage of them. Be sure to update your software so you too have those fixes in place.
If you’re not 100% sure of a Wi-Fi network’s security, use a VPN. There are lots to choose from.
Not only do you risk theft, but if the computer is unlocked a passerby could access important data without your knowledge.
When entering your 1Password Master Password or, indeed, any passwords, take care that nobody is watching you type. While it’s rare anyone would do so, or have the additional access required to make use of it, it’s an easy “safety first” policy to follow.
Public Wi-Fi is perfectly safe so long as you take the relevant precautions. Be mindful of the security levels employed by the connection you are using, and remember that the small takeout food place around the corner probably isn’t spending a fortune to ensure its free Wi-Fi network is as secure as can be. A common-sense approach allied with a VPN as and when required should mitigate any potential risks to your data, and thankfully more and more websites are moving to SSL-only connections in order to reduce the risk.
For the ultimate in security a VPN from a well-known and established company is hard to beat, no matter whose Wi-Fi you happen to be connected to. If you’d like to be able to connect to the internet with minimal fuss and maximum security, adding a VPN to your security arsenal is absolutely recommended.