Wi-Fi networks and Bluetooth connections can be vulnerable points of access for data or identity theft.  Fortunately, there are many ways to decrease your chances of becoming a victim.

Encryption is the best way to keep your personal data safe. It works by scrambling the data in a message so that only the intended recipients can read it.  When the address of a website you're visiting starts with "https" instead of "http," that indicates encryption is taking place between your browser and site.

The two most common types of encryption are Wired Equivalent Privacy (WEP), and Wi-Fi Protected Access (WPA). The strongest one commonly available is WPA2, so use that if you have the option. Home Wi-Fi systems and public Wi-Fi access points, or "hotspots," usually will inform you of the encryption they use.

Public Wi-Fi Access

Public Wi-Fi Access

Consumer Alert: WPA2

The US Computer Emergency Readiness Team (US-CERT) recently announced a critical vulnerability in the Wi-Fi Protected Access II (WPA2) security protocol for wireless Internet connections. This vulnerability could allow hackers to inspect and manipulate confidential network traffic, like encrypted passwords. US-CERT recommends installing security updates to affected products and wireless networking hosts. For information about thisvulnerability and related resources from affected vendors, please visit US-CERT's vulnerability notice page at www.kb.cert.org/vuls/id/228519.

Many Wi-Fi users prefer choose to use public networks instead of their devices' data plans for accessing the internet remotely. But the convenience of public Wi-Fi can be risky.  If you're not careful, hackers may quickly access your connection and compromise sensitive information stored on your device and in online accounts. Here are some steps you can take to minimize the risk: 

  • Check the validity of available Wi-Fi hotspots. If more than one hotspot appears claiming to belong to an establishment that you're in, check with the staff to avoid connecting to an imposter hotspot.
  • Make sure all websites you exchange information with have "https" at the beginning of the web address. If so, your transmitted data will be encrypted.
  • Install an app add-on that forces your web browsers to use encryption when connecting to websites -- even well-known sites that may not normally encrypt their communications.
  • Adjust your smartphone's settings so it does not automatically connect to nearby Wi-Fi networks. This gives you more control over where and when you connect.
  • If you use public Wi-Fi hotspots on a regular basis, consider using a virtual private network, which will encrypt all transmissions between your device and the internet. Many companies offer VPNs to their employees for work purposes, and individuals may subscribe to VPNs on their own.
  • When transmitting sensitive information, using your cellphone data plan instead of Wi-Fi may be more secure.

Bluetooth Security

Bluetooth Security

Bluetooth connections to your mobile devices can be used to connect to wireless headsets, transfer files, and enable hands-free calling while you drive, among other things.  Most of the time, a user must allow a Bluetooth connection to occur before data is shared - a process called "pairing" - which provides a measure of data security.  But just like Wi-Fi connections, Bluetooth can put your personal data at risk if you are not careful.  Here are some steps you may wish to take when using Bluetooth:

  • Turn Bluetooth off when not in use.  Keeping it active enables hackers to discover what other devices you connected to before, spoof one of those devices, and gain access to your device.
  • If you connect your mobile phone to a rental car, the phone's data may get shared with the car.  Be sure to unpair your phone from the car and clear any personal data from the car before you return it.  Take the same steps when selling a car that has Bluetooth.
  • Use Bluetooth in "hidden" mode rather than "discoverable" mode.  This prevents other unknown devices from finding your Bluetooth connection.

Home Wireless Network Security

Home Wireless Network Security

Home wireless networks enable computers and mobile devices to share one broadband connection to the internet without having to use up minutes on cellular data plans. But like all other wireless network technologies, home wireless networks present vulnerabilities that could be exploited by hackers. To help protect your home wireless network from unwanted users, consider the following steps:

  • Turn on encryption. Wireless routers often come out of the box with the encryption feature disabled, so be sure it is enabled soon after the router is installed. 
  • Change the network's default network name, also known as its service set identifier or "SSID."  When a computer with a wireless connection searches for and displays the wireless networks nearby, it lists each network that publicly broadcasts its SSID. Manufacturers usually give all of their wireless routers a default SSID, which is often the company's name. For additional security, choose a unique and hard to guess name as your SSID.
  • Change the network's default password. Most wireless routers come with preset passwords for administering a device's settings (this is different from the password used to access the wireless network itself). Unauthorized users may be familiar with the default passwords, so it is important to change the router device's password as soon as it is installed. Longer passwords made up of a combination of letters, numbers and symbols are more secure.
  • Consider using the Media Access Control, or "MAC," address filter in your wireless router.  Every device that can connect to a Wi-Fi network has a unique ID called the "physical address" or "MAC" address. Wireless routers can screen the MAC addresses of all devices that connect to them, and users can set their wireless network to accept connections only from devices with MAC addresses that the router will recognize. To create another obstacle to unauthorized access, consider activating your wireless router's MAC address filter to include your devices only.
  • Turn off your wireless router when it will not be in use for any extended period of time.
  • Use anti-virus and anti-spyware software on your computer, and use similar apps on your devices that access your wireless network.

Passwords

Passwords

Remembering all of your assorted passwords can be a pain. Web browsers and other programs may offer to remember passwords for you, which can be a significant timesaver. However, certain password shortcuts can leave you less safe secure. The following best practices may help keep your personal information safer:

  • Don't use the same password for multiple accounts, especially for the most sensitive ones, such as bank accounts, credit cards, legal or tax records and files containing medical information.  Otherwise, someone with access to one of your accounts may end up with access to many others.
  • Don't have your web browser remember passwords and addt them for you, particularly for your most important financial, legal and medical accounts. If an unauthorized person gains access to your computer or smartphone, they could access any account that your browser automatically logs into.
  • Don't use passwords that can be easily guessed, such as common words and birthdays of family members. Instead, use a combination of letters, numbers and symbols. The longer and stronger the password, the safer your information.

 

File a Complaint with the FCC

 

Visit our Consumer Complaint Center at consumercomplaints.fcc.gov to file a complaint or tell us your story.

Request Alternate Format

To request this article in an alternate format - braille, large print, Word or text document or audio - email or write the address or call the phone number at the bottom of this page.

Consumer Help Center

Learn about consumer issues - visit the FCC's Consumer Help Center at www.fcc.gov/consumers.

 

Date Last Updated/Reviewed: 
Friday, October 20, 2017