Traveling? Beware of Unsecured Hotel Wi-Fi Networks
Nearly every hotel nowadays offers free wi-fi, but a surprising number of them use unsecured wireless networks. Most commonly, the unsecured networks use a captive portal to access the wi-fi network, where a splash screen pops-up in a web browser window before you are granted further access to the network. Often there’s some marginal login requirement, like entering your room number, or email address. Captive portals are different from entering a wi-fi password to join the wireless network, which is necessary when joining a secured network.
But once connected, these networks are usually completely insecure, with no wi-fi security protocol in place at all. This means that any unencrypted data is transmitting openly over the wireless network potentially in plain text format, potentially revealing that data to any nefarious actors or snoopers on the network.
While it may be improbable or unlikely that someone is sniffing around the wireless network for unencrypted data, it’s still wise to proceed with caution when using any unsecured network.
How can you tell if your internet connection is unsecured or secure? The simplest way is to use a Mac, then do the following:
How to Determine if a Wi-Fi Network is Unsecured
The Wi-Fi menu will let you know if you’re on an unsecured network by having a triangle with a ! Exclamation symbol in the dropdown. You can also further confirm this by specifically looking at the security type, or lack thereof:
- Hold down the OPTION key
- Click the Wi-Fi menu bar item while continuing to hold the OPTION key
- Locate the network name you are connected to in the list, then look for “Security”
- If the ‘Security’ says “None”, the network is insecure with no encryption used
As you can see in the screenshot, this is an unsecured wi-fi network, not using any encryption type.
If the wireless network was secured, you’d see something like WPA, WPA2, WPA3, or WEP, rather than ‘None’.
So, let’s assume you’re on an unsecured network, what should you do? Here are some things to keep in mind.
Tips for Behaving on an Unsecured Wi-Fi Network
If you are on a wireless network with no network security, as is common at many hotels, you’ll want to protect yourself as best as you can. Some good advice is:
- Don’t enter any sensitive data into any website that is not HTTPS
- You may want to reconsider doing activities like online banking (online banks use HTTPS but still often better to be safe)
- Consider using a privacy-centric search engine and browser, like Brave
- Beware of unsecured communication methods, like SMS text messages (iMessages are encrypted, as are WhatsApp, Signal, Telegram, and most other messaging platforms)
This is obviously focused on the Mac and using the hidden wireless options within the Wi-Fi menu. If you’re on an iPhone or iPad, it turns out there is not any similar feature available, but you can always look for the lock icon next to the wi-fi signal strength indicator within Wi-Fi Settings, and if that lock icon is absent you can be sure the network is not secured.
If you enjoyed this tip, you may appreciate additional tips about security, where we cover a broad range of security related topics, from messaging to more.