FTC Says Hotel WiFi is Dangerous

The New York Times just published an article on how travelers are fed up with being charged for WiFi use when they check into hotels. More and more, travelers are seeing WiFi access as a baseline amenity, something that they shouldn’t have to pay for.

What the Times didn’t point out, however, is how insecure hotel WiFi really is. The problem is that many of us assume that if we pay for WiFi access, or if we use WiFi at a high-end hotel, then it must be secure. But that’s not the case. Earlier this year, the FTC posted an article on their website illustrating just how dangerous hotel WiFi really is.

This is an important topic because traveler’s rank WiFi access at hotels as the number one amenity that they look for when booking hotel rooms.

Why Hotel WiFi is Dangerous

The FTC’s announcement is important because many travelers assume that using a WiFi network at a hotel is the same as logging into their network at home. That’s a dangerous view, because in actuality the risks in accessing a WiFi network at a hotel are exponentially greater than those experienced at home or in an enterprise setting.

Here’s the unvarnished truth about hotel WiFi networks: they are completely unsecured. Here’s another fun fact: when hotel WiFi networks get hacked, they don’t usually find out until months after.

There are two kinds of risks you should be aware regarding hotel WiFi networks:

  • All public WiFi networks are inherently insecure. Nothing new here, as I have been saying this for years, but it bears repeating: if a WiFi network is public, that means anything you do online can be tracked and captured. And this includes almost all hotel WiFi networks.
  • Even fully wired Ethernet connections are unsafe. This means even if you are plugging your computer directly into the hotel’s network, you are still in danger of being hacked.

The truth is that it’s difficult to make public WiFi safe, and most hotels are trading security for a WiFi network that is easy to login to and provides them a steady revenue stream. These facts are reflected in the recent Marriott WiFi debacle, in which the hotel conglomerate intentionally blocked personal WiFi hotspots of all guests. The brand maintained that it was doing this to protect guest security on WiFi networks but in reality, they were looking to protect their bottom line.

No matter which hotel you stay, or whether the purpose of your trip is business or pleasure, security on WiFi is up to you.

What the FTC Says You Should Do to Protect Yourself

The FTC offers pretty good advice on what you can do to protect yourself when accessing a hotel WiFi network. Below are some of the tips they offer:

  • When you have finished using an account, be sure to log out of that account.
  • Do not use the same password for all of your accounts. It could give someone who gains access to one of your accounts access to all of them.
  • Many web browsers alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and keep your browser and security software up-to-date.
  • If you regularly need to access online accounts through public WiFi networks, you may want to use a virtual private network (VPN).

Only a VPN like PRIVATE WiFi encrypts all your Internet communication from being intercepted by others, whether on a WiFi or Ethernet network.

This is a good rule to live by: never rely on hotels (or any other WiFi provider) to protect you when you use their networks.  Never assume that any network is safe, and especially don’t assume that just because you paid for access to it.

No one else is looking out for your security when you use WiFi networks. You need to protect yourself.

So while it’s true what the New York Times says about us expecting to get WiFi access for free, what’s left unsaid is just how unsafe this access can be.