First the FCC slapped Marriott International with a $600K fine for Wi-Fi blocking and issued a follow-up enforcement warning to the masses. Now the FTC has issued a hotel Wi-Fi warning of its own.
This one, however, is aimed more at would-be Wi-Fi users rather than establishments offering or blocking Wi-Fi access. The warning begins:
When you travel, have you used your hotel's Wi-Fi -- maybe to pay a few bills or catch up on a report you need to read? You may want to think twice before logging in to accounts over hotel Wi-Fi. Hackers are using security vulnerabilities in hotel Wi-Fi to steal people's passwords and other sensitive information.
From there, the FTC goes on to explain that users can unwittingly load software from compromised hotel Wi-Fi networks that can result in a damaged network device or stolen data.
The FTC doles out the following basic but sound advice:
- When using a public Wi-Fi network, log in or send personal information only to websites you know are fully encrypted. Look for https in the web address -- the "s" stand for secure.
- When you've finished using an account, log out.
- Do not use the same password on different websites.
- Pay attention to warnings from your web browser about sketchy websites.
- Some Wi-Fi networks use encryption: WPA2 is the strongest.
- If you regularly need to access online accounts through public Wi-Fi networks, you may want to use a virtual private network (VPN).
- Installing browser add-ons or plug-ins can help. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption, if available, on popular websites that don't normally encrypt.