Caution: Passwords on Public Computers
legacy

Caution: Passwords on Public Computers

The Risks of Public Internet

When you're traveling, you often rely on public WiFi at hostels, cafes, libraries, and internet cafes. These networks are convenient and free, but they're also security nightmares. Hackers specifically target these networks to intercept passwords, banking data, and personal information.

Public computers (in internet cafes or shared devices) add another layer of risk. Keystroke loggers, screen capture software, and malware on shared machines can steal everything you type.

Why Public WiFi Is Risky

Unencrypted networks: Most free public WiFi isn't encrypted. Anyone on the network can see what you're sending. Your passwords, emails, and banking data are readable to others.

Spoofed networks: Hackers create fake WiFi networks with names similar to real ones ("Free_WiFi" next to "FreeWiFi"). Connecting to the fake network lets them intercept all your traffic.

Malware-infected networks: Compromised routers can inject malware into your device.

Man-in-the-middle attacks: A hacker sits between you and the internet, intercepting and modifying data.

The Password Risk

Never enter passwords on public WiFi without protection. Hackers can see every keystroke if the connection is unencrypted.

Public computers are even worse. They may have:

  • Keystroke loggers: Software recording everything you type
  • Screen capture: Automatically photographing your screen
  • Malware: Programs stealing credentials and data
  • Compromised browsers: Modified to steal login information

Using a VPN While Traveling

A VPN (Virtual Private Network) encrypts your internet traffic. Hackers can't see what you're doing. Your data is secure even on unencrypted public WiFi.

How it works:

  • You connect to a VPN service
  • Your internet traffic is encrypted
  • Data passes through the VPN provider's servers
  • Your IP address is hidden; websites see the VPN provider's address
  • Hackers see encrypted data, not readable passwords or information

Best VPNs for travelers:

  • **Proton VPN**: Privacy-focused, decent speed, free option available
  • **Mullvad**: Privacy-first, open-source, no logging, affordable
  • **NordVPN**: Popular, good speed, user-friendly
  • **ExpressVPN**: Fast, reliable, higher cost
  • **Windscribe**: Good free option, reasonable paid tier

Cost: Free to $12/month depending on the service.

Important: Only use VPNs from reputable providers. Cheap or sketchy VPNs may log your data themselves.

What to Never Do on Public WiFi

  • **Don't enter banking passwords**: Never check your bank account on public WiFi without a VPN
  • **Don't access email with passwords**: Especially work or important personal email
  • **Don't make purchases**: Never shop online or enter credit card details
  • **Don't access cryptocurrency wallets**: Don't check or move crypto
  • **Don't do sensitive work**: Don't access files containing personal information

Essentially: anything requiring a password or involving sensitive information should only happen on secure networks or with a VPN.

Protecting Your Laptop While Traveling

Basic security:

  • **Keep it updated**: Install security updates immediately
  • **Use antivirus software**: Malwarebytes or similar
  • **Enable a firewall**: Windows/Mac built-in firewalls are fine
  • **Use a password manager**: Bitwarden or 1Password instead of remembering passwords
  • **Enable disk encryption**: BitLocker (Windows) or FileVault (Mac)

Advanced security:

  • **Use Linux**: If you're security-conscious, Linux offers better security than Windows
  • **Live USB**: Use a portable Linux system on a USB drive; leave no data on the device
  • **Whonix**: A virtual machine OS designed for anonymity

For most travelers, basic security (updates, firewall, antivirus) is sufficient.

Using Public Computers

If you absolutely must use a public computer:

  • **Use incognito/private browsing**: Prevents history and cookies from being saved
  • **Never save passwords**: Always manually enter them
  • **Log out completely**: Don't just close the browser tab
  • **Clear browser data**: Delete history, cookies, and cached files before leaving
  • **Disconnect from WiFi**: Don't leave connected
  • **Don't enter sensitive information**: Even with precautions, public computers are risky

Better approach: Don't use public computers for anything important. Use your own device with a VPN.

Two-Factor Authentication While Traveling

Two-factor authentication (2FA) requires a second verification step beyond your password, preventing account takeover even if your password is compromised.

Setup before traveling:

  • Enable 2FA on email, banking, and important accounts
  • Use an authenticator app (Google Authenticator, Microsoft Authenticator, Authy) instead of SMS when possible
  • Authenticator apps work offline; SMS requires cell service
  • Save backup codes in a secure location

If your phone is lost or broken while traveling, backup codes let you access your accounts.

Protecting Your Phone

Your phone is your primary internet device while traveling. Secure it:

  • **Use a strong PIN or biometric lock**: 6+ digits for PIN
  • **Enable auto-lock**: Screen locks after 5 minutes
  • **Install security apps carefully**: Only download from official app stores
  • **Update apps regularly**: Security patches are released constantly
  • **Avoid jailbreak/rooted phones**: Modification bypasses security
  • **Use a VPN on your phone**: Encrypt all your phone's internet traffic
  • **Disable auto-connect**: Don't auto-connect to WiFi networks

Connecting to WiFi Safely

If you must use public WiFi without a VPN:

  • **Turn off file sharing**: Ensure your devices aren't visible to other network users
  • **Disable Bluetooth**: Hackers can connect via Bluetooth
  • **Turn off cloud sync**: Prevent data uploads to the internet
  • **Only visit HTTPS websites**: Look for the lock icon in your browser
  • **Avoid downloads**: Downloaded files might contain malware
  • **Keep apps closed**: Close email, messaging, and social media apps

HTTPS encrypts the connection between you and the website. HTTP doesn't. Always check for HTTPS before entering any information.

What to Do If You Think You're Compromised

  • **Change passwords immediately**: From a secure network, change passwords for all important accounts
  • **Check account activity**: Look for unauthorized access or purchases
  • **Enable 2FA**: If you haven't already
  • **Monitor credit reports**: Watch for identity theft
  • **Contact your bank**: If financial accounts are involved
  • **Run a security scan**: Use Malwarebytes to scan your device

The Minimalist Security Approach

If you want the absolute minimum security setup while traveling:

  • Use a VPN on all public WiFi
  • Enable 2FA on important accounts
  • Use a password manager
  • Never check banking on public WiFi
  • Keep your device updated

This covers 90% of security risks for the average traveler.

Conclusion

Public WiFi and computers aren't inherently dangerous if you're cautious. Use a VPN, avoid entering passwords without protection, enable 2FA, and you'll be secure. Most traveler security breaches happen because of carelessness, not sophisticated hacking. Basic precautions protect you effectively.

Related Guides

IAMAT – Avoiding Medical Disasters

Adrian Cook – Round-the-World Traveler

Accommodation: Hostels & Hotels

The First-time Traveller