When it comes to connectivity, wifi is one of the most widely available ports of entry to the vast internet. A few years ago, it was the only way to wirelessly access the internet, and people with laptops were glad to have it. Coffee shops started hosting free wifi and now some restaurants feature it. In the mobile age, most phones are able to access the internet via 3G or 4G connections through their carrier, but wifi is more reliable inside a large building and it won’t cost you anything for data. So, when it comes to finding or hosting wifi, which is better: secured connections or open connections?

Connecting to Wifi

You go to your favorite coffee shop, order your preferred drink in that funny sounding size, sit at the table and take out your phone. “Wifi connections available” pops up in your notification bar. You check the connections and see “Coffee Shop” which is secured and “Free Coffee Shop Wifi” which is unsecured. You can’t get on the secured connection without the password, but there’s another one here for the same place that’s open, so you connect to that.

Unbeknownst to you, that free connection wasn’t for the coffee shop at all. It actually belongs to some shady fellow in the coffee shop hosting a mobile hotspot with the name of the coffee shop and now he has access to anything you send or receive through the wifi connection. It’s possible he could extract confidential data from you via this method or he can manipulate messages you send and receive.

This is what’s known as a man­in­the­middle attack or MITMA. This is just one of many possible scenarios from connecting to an unsecured and unfamiliar wifi point. Not long ago, there was a scare for Samsung phones that could be taken over simply by connecting to an unsecured wifi point. The hacker could view and send text messages, activate the camera and microphone, or install applications without the owner even knowing.

The best thing to do when in a location that offers wifi is to ask the venue’s staff for the SSID (Service Set Identifier; the name of the network you’re connecting to) and if it’s a secured network, ask if they’ll give you the password to connect. Not all places offer free wifi, so don’t feel like an outcast if a place doesn’t let you connect.

Hosting Wifi

When you’re hosting a wifi network, even if you’re the most honest person in the world, you want to secure it. It’s not as much for the people you’re hosting it for, it’s more for protection of your network from those outside it. If you’re hosting an unsecured wifi access point, it’s just as easy for a determined hacker to break in and find what they’re looking for.

There are some tech myths out there that supposedly help you secure your network without actually creating an encrypted connection. Hiding your SSID is one of these methods. To the average computer user, a hidden SSID won’t show up and will never be thought about. To a hacker, a hidden SSID can be found and probably means there is something valuable on the network. Other myths include filtering MAC addresses and limiting the IP pool of devices. Some users lower the broadcasting power of their routers in an attempt to make the wireless “footprint” as small as possible so it can’t be found. Unfortunately, data thieves can still find the signal with a large enough antenna, so all you’re doing is hindering legitimate users.

Simply put, the only way to secure your wifi is to encrypt it. When you encrypt a network, you are essentially scrambling all of the data that transmits over it. Without the proper key or password, this scrambled data will remain scrambled.

Types of Security Encryption

Now let’s talk encryption. Wired Equivalent Privacy (WEP) encryption was the early method of encrypting data when wireless connectivity started becoming widespread. It was great back then, but now it can easily be broken in just a few minutes. Next was Wifi Protected Access (WPA), which was fairly unsecured. WPA2 came shortly after and has been continually used for about a decade now.

Some routers feature a Wifi Protected Setup (WPS) button. This button made connecting to a secured router fairly simple without needing to remember a complicated password. Simply try connecting with your computer, then press the WPS key. It’s convenient, but still vulnerable to brute force style cyber attacks.

WPA2, being the current standard, has two types of encryption: personal (PSK or Pre­Shared Key) and enterprise (RADIUS or Remote Authentication Dial In User Server). PSK encryption is good for home use and is pretty secure, as long as you use a strong password. Avoid using passwords that can be found in a dictionary or are the names of relatives, friends, or pets. Assigning a string of random letters, capital letters, numbers, and symbols makes for a very strong password. And though “2gi)$K#dp8” might be a lot harder to remember than “Chris&Jen2002”, it will definitely be a lot more secure. RADIUS encryption is much more secure than PSK and is often used by businesses and organizations. It also requires that you have a RADIUS server or hosted service.