FAQs

There are a number of other steps you can take to reduce your risk.

At home, users should do all of the following:

• Only buy products that are Wi-Fi CERTIFIED WPA2 security
• Always enable WPA2 security for your home network. Having WPA2 in the product is not enough. The security keys must be configured on the access point/router and each client device. Security is off by default in most products. Note that using WEP security is not sufficient.
• Re-name the home network to something unique, instead of the default name. This will prevent you from inadvertently connecting to a rogue access point which is broadcasting a seemingly-familiar network name.

At Wi-Fi Hotspots, be sure to take at least one of these measures:

• Only log-in to known hotspots using an SSL (https) connection. Your browser will typically show a lock icon at the bottom of the login page when you have a secure SSL connection. To be certain of the secure connection, check the digital certificate on the login page. You can do this in Internet Explorer by selecting File: Properties: Certificates. This will show the name on the digital certificate as backed by the Certificate Authority. These are very difficult to forge.
• Use the VPN tool provided by an employer. If the employer does not provide a VPN, users can download a commercially-available VPN based on the IETF's IPSec framework - there are a number of these available online. If you cannot
  make a successful VPN connection, there is a chance you've connected to a
  rogue network. You should disable your Wi-Fi card and inform your company's IT
  staff, as well as the hotspot operator.
• Connect through a hotspot service provider that provides a list of trusted hotspots
  and a smart software client that encrypts your user information before sending it
  over the Internet.
• Look for hotspots employing WPA2 security, which has mechanisms to ensure that the network to which users connect is authentic.
• Disable your laptop's Wi-Fi card unless you are planning to use it