by John Nicholas
It is easy for those of us who are “computer geeks” to forget that most other folks have no idea what we are talking about. All of these terms and all of this technology, which literally change daily, is overwhelming and confusing for most. To be honest, it is hard for those of us in the field to keep up. But we live in a digital world and that is not going to change. We are entering the third decade of the 21st century and we can no longer afford to party like it’s 1999. I hope these articles will help the less technical among us to obtain a basic grasp on this brave new world.
Since Wi-Fi is everywhere, let’s start there. What is Wi-Fi? Wi-Fi is wireless technology that uses radio waves to provide high-speed access to the internet and computer networks. For those of us who were raised on radio, it is a similar idea. However, with radio and television we could only receive, and with Wi-Fi we are both receiving and transmitting. Cellular technology — which is what powers the data plans on our phones — works the same way.
Nearly everywhere we go today, we see a Wi-Fi connection begging us to join it. The lure of free access to the Internet is a temptation we cannot refuse. Not all Wi-Fi, free or not, is created equal. There are some Wi-Fi basics that we can use to protect ourselves from all of the dangers that exist today, such as identity theft, hacking bank accounts, and spying on our digital conversations — and that doesn’t even scratch the surface. The wolf is always outside the door.
Let’s start with some basic terms. Our phones are all transmitting data all of the time. Sometimes that data contains personal information that a criminal can use to harm us, financially or otherwise. One of the best ways to protect yourself is to encrypt your data. Think of encryption like the “Little Orphan Annie Decoder Ring” in A Christmas Story — the letters are scrambled in such a way that only someone who knows the secret code can read the message.
When you get the warning that this Wi-Fi network or this website is unsecured, your data is being transmitted in plain text or clear text. That means if someone captures your data — which is very easy to do — they can read your username, password, social security number, bank info, et cetera, in plain text, just as easily as you are reading this right now.
A Wi-Fi network that uses encryption will usually require you to enter a password. A website that is encrypted will use HTTPS — HTTP is how websites transmit data, the S on the end means “secure” — and most browsers (Chrome, Firefox, and Safari, for example) will put a little lock next to the name of the site at the top of the screen. We will cover browser security, including a description of HTTPS in a future article.
The same goes for connecting to Wi-Fi. There are built-in standards to encrypt your data from your device to the Wi-Fi access point. You have seen them before: WEP, WPA, WPA2, all of those “I don’t know what these are and I don’t know which one to choose” things you see when you pull your home Wi-Fi router out of the box and try to set it up. These are different encryption standards for wireless routers. Of the three, WPA2 is the strongest.
When you do set it up on your home network, do not use an easy-to-guess password. Use a passphrase or a part of a sentence, like your favorite Bible quote or book passage. If you use a password, make it no less than 20 characters — yes, 20 — using uppercase, lowercase, numbers and special characters. For example: Four score and seven years ago today, could be 4#and SevenY3arsA9o2day. (Don’t use that one now, it is public). This is true for ALL of your passwords everywhere. A password manager will help organize and protect your passwords. Many IT professionals use LastPass or Norton Password manager, but there are many options available.
Finally, turn off the “auto-join networks” setting on all of your devices. Use “ask to join networks” instead. This will slow you down some, but you will know which network you are joining and whether or not it is secure.
That is a lot to think about for now. Next time we will talk about ways to protect yourself from unencrypted data using a Virtual Private Network (VPN). In the meantime, use the tips above to start protecting yourself, and if you have a topic you’d like to see if a future article, please contact me at email@example.com.
Dr. John B. Nicholas is a Professor of Computer Informations Systems and Co-Founder of the Cybersecurity Degree Track at The University of Akron. Dr. Nicholas has over 30 years experience in the technology field in both the private sector and higher education.