How to use hotel wifi without instantly getting all your bank accounts hacked.

wifi logo

With wifi fast becoming a standard feature at even the shittiest of hotels, it’s important to know how to keep yourself safe while surfing the Interwebs on these horribly unsecured public networks.

Being paranoid about hotel wifi—and public wifi in general—is smart because more and more criminal types are targeting unsuspecting travelers and unsophisticated hotel networks, especially around tourist attractions and hotels.

As one of my many, many fans posed the problem to me recently:

Hi, Peter. Long time listener, first time caller…I’ve been planning a really long ski trip this winter and will bring my laptop, but am really concerned about wifi security on the road. I have been reading up on using a VPN but there are so many out there—and so much jargon each time I try to study about them—that I just don’t know where to start. So what VPN do you use?

Good question, loyal reader. And I can’t believe that I haven’t addressed this issue before now (considering that I work in the tech industry in Silicon Valley).

Good ways to protect your privacy online.

Here are a few of the things that I do to increase my personal online security when I’m using public wifi anywhere in the USA or foreign countries all around the world:

  • HTTPS Everywhere — This is a browser extension that forces your browser to seek out a secure connection between your laptop and the site you’re visiting (helpful when online banking and the absolute LEAST you should do—do it now).
  • Tether your mobile phone — T-Mobile’s Simple Choice Plan gives me unlimited international data coverage in a long list of foreign countries, so I sometimes tether my iPhone to my laptop and use its cellular connection instead of public wifi.
  • Use a VPN app — I use TunnelBear, a Virtual Private Network app that lets you create a safe, secure tunnel directly to the websites you want to visit.

None of these precautions are 100% effective all the time, but they make it harder for crackers to easily steal your passwords and usernames with which they can do horrible things.

The best way to protect your privacy online.

More importantly, and as a general precaution, I also use two-factor authentication for as many accounts as possible; Google, Apple, Amazon, and all the other sites you visit—the basic idea is simple and effective:

Your identity is confirmed based on two things instead of one. To access an account, someone would need something that only you would know (your password or security question answer) along with something that only you possess (your mobile phone, usually).

When using two-factor authentication, a Russian hacker who figured out your password and security question answers would also have to have access to your mobile phone to prove that he’s you. And since he likely wouldn’t have your phone, he wouldn’t be able to. Suck it, Dmitri!

Everybody should be using two factor authentication. Sure it’s more of a pain than single-factor, but the Interwebs are a dangerous place and you gotta be safe out there. Also, maybe wear a condom—that probably couldn’t hurt either.