Sometimes, if you get a new device, or if you connect to a network you’ve never connected to, you can receive a message that says your Wi-Fi is not secure. Why does my wifi say not secure? Here’s why, and also why you shouldn’t ignore that message.
That message got your attention, didn’t it? It’s designed to get your attention. And it’s really easy to dismiss it as being alarmist. People have a tendency to either greatly overestimate or underestimate how much interest someone might have in attacking them. Especially if I tell you that the security that you’re getting a warning about has much more to do with privacy than it does with viruses. That message does not mean that this network is any more or less likely to infect you with a viruses.
But you need to do something about it when you see this message. First let me tell you why, then I will tell you what you need to do.
The expectation of privacy
There was a huge dust up in the early 1990s when people realized that it was possible to listen to conversations on cordless phones with a cheap scanner you could get at Radio Shack. For around $25, you could get a small battery operated device that let you listen to your neighbors phone conversations. Of course, this was a huge invasion of privacy. But it could be worse than that. It’s one thing if someone over here is a mundane phone conversation. It’s another thing if you are buying something over the phone, and giving out your credit card number.
It took a while for it to occur to anyone that a cordless phone wouldn’t have the same degree of privacy as a wired phone. So for a couple of years at least, this was something you heard about on the news any day there was a slow news day. If you didn’t have anything else to talk about, you just talked about the looming threat to your privacy that might be sitting Right on the end table next to your couch. It was a good way to get people to tune in at 11:00.
My dad steadfastly refused to talk on a cordless phone. I only saw him talk on a cordless phone once in his life. He would talk on a cellular phone, which had exactly the same problem, but for whatever reason, no one ever talked about cellular phones back then. Probably because more people had cordless phones. Cell phones were still uncommon.
Electronics companies solved the problem by encrypting the radio signal. The phone and the base station agree on a mathematical equation. The phone does some math on the signal before transmitting it, and the base station does some math to decode it before sending the audio down the phone line. The person on the receiving end can hear you just fine, but if your neighbor is listening with that $25 device from Radio Shack, all they hear is static.
Virtually any cordless phone made since the mid 1990s is encrypted, including modern DECT 6.0 phones.
What this has to do with wifi being secure
Wireless computer networking has the same problem, and the same solution. To keep other people within listening range from being able to see what you are doing on your computer, you have to encrypt the signal.
That message that your Wi-Fi is not secure means one of two things. Either the signal is not encrypted, or it is encrypted using obsolete technology.
Encryption is just math. If you can guess the equation, then you can decode the message just as easily as the recipient can. The main reason the Allies won World War II was because Alan Turing figured out how to build a computer that could decrypt German messages quickly enough that there was still time to do something about whatever the Germans were about to do.
Generally speaking, as computers get faster, the math needs to get harder. Encryption that was good enough 20 years ago might not be good enough against a fast computer of today. The faster modern computer can just try lots of combinations against the gobbledygook until it finds something that turns the gobbledygook into something recognizable.
What to do when your device says your wifi isn’t secure
What you do when your Wi-Fi isn’t secure depends on whether you are at home or someplace else.
If you are at home, you need to reconfigure your router. How you go about reconfiguring a router is more than I can explain, because there are hundreds of different routers, and you probably don’t have the same one I do. If you happen to use DD-WRT, here’s a guide for DD-WRT. In the likely event you have a different kind of router, you will need to refer to your manual, but the setting that trips up more people than anything else I’ve seen is the setting that says WPA2 AES plus TKIP. That sounds like double or maybe even triple protection, but it’s not what it sounds like it is. AES is good. It’s literally military grade. Yes, I know it’s a horrible overused term. But TKIP is obsolete. And AES plus TKIP means either, not both. Both would be fine. But TKIP on its own is not fine.
Generally speaking, if you configure your Wi-Fi to use WPA2 and AES, with a passphrase that is hard to guess, your security on your Wi-Fi is fine. A good enough password is at least 12 characters long, and should have upper and lower case letters, a number or two, and a couple of non-alphanumeric characters. Make it something that isn’t easy to guess. Your favorite Bible verse is a lousy password, because everyone always picks one of about 14 Bible verses. If I’m being generous. The real number is probably more like three.
What to do if it says your Wi-Fi isn’t secure and you’re not at home
If you are at a hotel or coffee shop, or some other Wi-Fi network out in public, and you get the message that your Wi-Fi is not secure, your options are more limited. Pick a different Wi-Fi network if you can. Sometimes people stand up rogue networks to see who will connect to them. So try the official one.
If you are using the official one and it is not secure, the best thing to do is not use it. Use your cellular network instead. Turn off the Wi-Fi on your phone if you are using your phone, or, if you were using a tablet or a computer, tether your tablet or computer to your phone and let your phone provide the Wi-Fi connection. As long as your phone has signal, it can provide a secure network connection.
One more thing
There is one more precaution you need to take. When you are doing anything on Wi-Fi, make sure you are using an HTTPS connection, not just an HTTP connection, especially if you are doing anything that requires a username and password, or anything involving a credit card number. These days, the majority of the internet uses HTTPS, even in cases where it is not super necessary, such as this website. The thing about encryption is that if even mundane communications use it, that helps to secure the less mundane. If only important communications are encrypted, they stand out, because it’s the only traffic that’s encrypted. When all of it is encrypted, then you have to decrypt all of it to figure out what’s important. And nobody’s got time for that.
So when I encrypt my drivel about encryption, I may be helping to protect someone’s credit card number. Or I might be protecting someone else’s drivel about sports. But that’s okay.