1. You’re fine using the WiFi in a coffee shop, hotel or airport
“Yes, it is safe,” said Chester Wisniewski, a digital security specialist with the firm Sophos.
Five or 10 years ago, it wasn’t secure to use the shared WiFi in a coffee shop or another place outside your home.
But now, most websites and apps scramble whatever you do online. That makes it tough for crooks to snoop on you when you’re connected to public WiFi.
It’s not impossible, but criminals have easier targets.
Even Wisniewski, whose job involves sensitive information, said he connected to the WiFi at the airport and hotel on a recent business trip. He plans to use the WiFi at a conference in Las Vegas attended by the world’s best computer hackers.
Wisniewski generally does not use an extra layer of security called a VPN, although your company might require it. He avoids using WiFi in China.
You should be wary of public WiFi if you know you’re a target of government surveillance or other snooping.
But you are probably not Edward Snowden or Brad Pitt. (If you are — Hi! Thank you for reading.) For nearly all of us and nearly all of the time, you can use public WiFi without stress.
My colleague Tatum Hunter tested the security of public WiFi last year. Read about what she learned.
2. Don’t worry about public phone chargers
Law enforcement has warned us for more than a decade not to plug our phones into charging stations at airports, malls and other public places.
Crooks can plant data-stealing software on phone chargers to harvest your personal information when you plug in.
If you can, it’s better to bring your personal phone charger to plug it into an outlet. If you use a public charger, it’s safer to turn off your phone.
But we should put the risk in perspective. You and I live in the real world where we cannot be on guard for every threat. If we are, we lose focus on the risks that really matter.
Security experts told me that “juice jacking” is extremely unlikely. As with digital theft over public WiFi, a thief may have to physically go to the airport or mall to sneak in a rogue USB charger.
Don’t worry about the phone chargers unless you know you’re being targeted by criminals or spies.
3. It’s safe (and better) to lock your devices with your fingerprint or face scan
I know some of you are wary of technologies like iPhone’s face-scanning Face ID or fingerprint sensors on devices. But know that these are much safer than just using a passcode to lock and unlock your device.
If you’re worried about your loved ones losing access to your phone if something happens to you, then you can share your passcode with them. That’s always a backup option even if you use face scanning or fingerprint locks.
And if your fingerprint doesn’t work right on your phone scanner, that’s fine. Just use a passcode.
If you can, though, it is more secure to use fingerprint or face scans to lock your devices.
(Not sure if you’re right to worry about a digital security or privacy risk? Let me know and I’ll answer some of your questions.)
After I recently praised QR codes, I heard from many readers who don’t trust those black-and-white squares that you scan with your phone camera to open a website.
I understand your concerns. QR codes can be annoying, including in place of physical restaurant menus.
And it’s true that when you click on a link from a QR code at your local pizza shop, the restaurant might use that digital signal to connect the dots with a pizza promotion you saw on Instagram.
But really, don’t worry about the privacy and safety of QR codes.
The pizza restaurant will try to track you whether you scan a QR code or not. Be mad about America’s out of control arms race for your personal information. QR codes are not the problem.
Use your common sense. If you see a QR code printed on the restroom stall in a dive bar, yeah, don’t point your phone and click — just as you shouldn’t click on a link that a stranger texts you.
But if it’s a QR code on a leaflet at your public library or to pay your friend on Venmo, it’s fine.
5. It’s fine to give companies your phone number for account security
Gordon Miller of New Hope, Pa., asked me if it’s safe to give his phone number to financial apps. They asked for his number to text him a numeric code to log into his account in addition to his password.
It’s a good question. Facebook and Twitter had used phone numbers that we gave them for security purposes to also help advertisers pitch us their products. And crooks can intercept texts to break into our accounts.
But I suggested that Miller hand over his phone number. If the only option is giving an app your phone number for what is called two-factor authentication account security, it’s much safer than not using two-factor authentication at all.
This two-step process for logging into your accounts might be the single best thing you can do to protect yourself online. My colleagues and I keep repeating this advice because it’s true.
Focus your energy on digital security measures that really matter
- Set strong passwords for your online accounts, and don’t use the same password more than once. This is a pain. Do it anyway.
- Say yes to software updates including on your home internet router. Wisniewski suggested setting a reminder to check for software updates for your router and other internet-connected home devices every six months when the clocks change. You’re already changing the batteries on your smoke alarms, right?!
- Be suspicious of clicking on links. That’s an easy way for hackers to go after your money or your personal information.
- Use two-factor authentication on your most important online accounts.
One more thing: We want to hear about how and why you organize your phone’s home screen. Are you an Order Muppet who organizes all your apps by color? Do you have a folder labeled “Shame” for your most embarrassing apps? Send a screen shot of your home screen to yourhelpdesk@washpost.com
I know you love interesting conversations: The Washington Post and the 19th News are collaborating on a summit about gender and technology, justice and economic mobility. My fantastic colleague Nitasha Tiku will be one of the speakers. It’s free and you can RSVP here for the discussions on May 18-20.