Does Logging Into Your WordPress Dashboard from a Public Wi-Fi Pose a Website Security Risk? Unlikely, Says Wired

We’ve always been told not to use airport Wi-Fi. But do we listen? Wired magazine says ignoring the advice might be OK.

Website security ranks high up on the list of things that make for a healthy online property.

Accordingly, Valet devotes much effort to helping you keep your site as secure as possible.

Mostly, that involves looking for weaknesses that hackers could potentially use to carry out their evil plans.

But it also involves reminding you to not do things that needlessly put website security at risk.

Like using an airport’s Wi-Fi network when you need to log into your WordPress dashboard.

Or, using a hotel’s Wi-Fi for that same purpose.

Ditto a coffee shop’s online onramp.

C’mon, you know why those are a bad move, right? It’s because Wi-Fi services in those public locations are, well, public.

And using a public Wi-Fi means that anyone else using that same network can potentially see your activities. As such, when you log into your WordPress dashboard, you risk exposing your user name and password.

The result? Ten minutes after you end that public Wi-Fi session your website about antiques turns into an off-track betting parlor.

Either that or every last drop of your customer data vanishes—hoovered up for use in a million criminal ways.

Website Security Helped by HTTPS

That said, this bit of news from Wired magazine will surprise you. Perhaps shock you, even.

In a Nov. 18 article, Wired gave readers the green light to start using public Wi-Fi free of worry. Here’s the lowdown.

According to Wired, you can thank HTTPS for making it possible to log onto your website (or any other) via a public network. And to do so without fear of throwing website security out the window.

Because of HTTPS, hotel and airport Wi-Fi networks pose less of a threat to website security than they used to. The networks themselves remain as risky as ever. But not the sites you want to visit. Those configured for HTTPS now offer pretty good security.

Perhaps you recall our recent post in this space about HTTPS. Read it here if you need your memory refreshed about HTTPS or if you missed the post.

Basically, HTTPS prevents prying eyes from looking at the website pages loaded onto your screen.

Sure, they still get to see the address of those websites. But that’s about all—unless the website security protocol of the property you’re visiting doesn’t include HTTPS. In that case, anything goes.

Cybercrooks Hunting Better Prey

The Wired article made the point that public Wi-Fi networks are safer today because cybercrooks lost interest in them. More effective for victimizing you are spear phishing and cryptomining. Neither of those requires thieves to lurk around airports, hotels, and cafes.

Wired quoted a website security issues researcher named Chet Wisniewski. He said this:

“A lot of the former risks, the reasons we used to warn people, those things are gone now. I’m telling people to enjoy public Wi-Fi.

“What’s in it for the adversary? Why would you choose monkeying with the Wi-Fi at the airport or the hotel over some other attack method? When you look at the profitability and the risk, it just doesn’t make sense other than an amateur to be doing it for giggles.”

According to another website security expert, the spread of HTTPS drives hackers to adopt other theft strategies. Tod Beardsley said this to Wired:

“If you’re in the U.S., the web is pretty well encrypted. It’s unusual to go to a website that matters and it’s not HTTPS. Because of that, the threat, and really the risk, of going on even sketchy local Wi-Fi has dramatically dropped.”

To support all this, Wired trotted out some interesting statistics. The magazine reported that just 20 percent of the Top 100 websites employed HTTPS as their default position in 2016. Today, the percentage stands at 70.

Other Website Security Ideas Related to Public Wi-Fi

Wired talked about two actions you can take to further play it safe when you use a public Wi-Fi network.

First, use a virtual private network. “A VPN sends all of your traffic through an encrypted connection, meaning that the hotel or anyone else can’t see where you’ve been or what you’re doing,” Wired wrote.

Second, create a private hotspot with the aid of your Smartphone. Wired offered no tips for making that happen. But it did say your phone needed an unlimited data plan in order for the private hotspot to work.

If you care to learn more about website security, please contact Valet. Valet can help you improve your website’s security. Improving website security is the foundational step to improving website health. And website health is foundational to making your online property the success you expect it to be.