padlock

Don't expose yourself in public. We all do it: switch on a phone, laptop, or tablet and hop on to a Wi-Fi hotspot in airports, coffee shops, trains, hotels, and other public places. The problem is, those networks are open -- even if they require a login and password, you may be sharing your files or leaving doors open to data thieves. You can't secure the network, but you can raise siege walls between your private information and the barbarians. Follow these six tips to network more safely.

1. Lock down your security settings.

Go to the security and/or network settings in Windows or Mac OS X. Switch on the firewall, and switch off sharing for your files, printer, music library, and anything else you don't feel like giving your neighbors. Here are instructions for how to disable public sharing in OS X. And if you're not using the Internet, turn off Wi-Fi on your device.

2. Get a second firewall.

Though your OS probably has a built-in firewall, it doesn't hurt to get a second line of defense. Here are a few firewall options for Windows and Android, or you can get a security suite that also offers antivirus and malware protection.

Comodo Firewall for Windows
TinyWall for Windows
ZoneAlarm Free Firewall for Windows
Kaspersky Internet Security for Windows
Norton Internet Security for Windows

Android Firewall
Avast Mobile Security for Android
Lookout Mobile Security for Android

3. Browse through a VPN.

A virtual private network, or VPN, is another effective barricade. Hotspot Shield is a great option for all the major platforms, or search our library for alternative VPNs for Windows, Mac, iOS, and Android.

Hotspot Shield for Windows
Hotspot Shield for Mac
Hotspot Shield for iOS
Hotspot Shield for Android

4. Make every site an encrypted site.

As we learned the hard way with Heartbleed, even encrypted sites with OpenSSL can have vulnerable code that leaves websites and your private account information open to ransacking. However, it's still safer to browse an encrypted site than an unencrypted one. How you can tell that a site's encrypted: Your browser shows a padlock icon next to the URL, which starts with "https" rather than "http." With the Electronic Frontier Foundation's HTTPS Everywhere browser extensions, you can browse every site in a secure state.

HTTPS Everywhere for Firefox (Windows)
HTTPS Everywhere for Chrome (Windows)

5. Get a password manager.

A password manager stores all your online passwords in one app, controlled by a master password. That means you can create unique, complex, hard-to-crack passwords for each account (or let the password manager generate them for you), and you don't have to remember umpteen different logins. You also don't have to worry about other people on the network swiping your passwords. See our list of recommended password managers.

6. Use two-factor authentication.

Finally, for any website that offers it, enable two-factor authentication (aka 2FA). It's like asking for two forms of ID. You log in to Gmail with your password, for example, and then Google texts your phone a numerical code that you must enter before you can access email. You need both IDs to get in, so even if someone has stolen or figured out your password, they're locked out.

Check out CNET's FAQ on two-factor authentication, which has a sidebar with tips on setting up 2FA for specific sites, such as Google and Twitter. On your mobile phone, you can install an app like Google Authenticator or Authy for two-factor authentication.

Authy for iOS
Authy for Android
Google Authenticator for iOS
Google Authenticator for Android

All of the six methods above will make you safer on public Wi-Fi. But the best practice is good Internet hygiene. Use secure sites and networks whenever possible. Don't bank or shop on an open network. And keep your OS and all your other software up-to-date with the latest versions, patches, and service packs to spackle the security holes.


Julie is managing editor of Download.com and has been cooking up tech editorial since 1996.