Jump to content
  • Commercial Banner Advertisers

nothingbutquestions

Is Hotel wifi safe for internet banking?

Recommended Posts

cookie47

So, this is a Router between your laptop/ and the hotel router which adds a level of security.
Am i right.
I'm familiar with a normal home Wi-Fi router.
So plug and play after initial set up?


Sent from my Redmi Note 3 using Tapatalk

Share this post


Link to post
Share on other sites

DeedleNuts
1 hour ago, cookie47 said:

So, this is a Router between your laptop/ and the hotel router which adds a level of security.
Am i right.
I'm familiar with a normal home Wi-Fi router.
So plug and play after initial set up?


Sent from my Redmi Note 3 using Tapatalk
 

It's a multi-mode device but for the scenario in the OP, one would connect the micro-router to the hotel WiFi and then one would already presumably have the m-router AP stored in the computers and other devices that connectivity was desired for. This would NOT secure the m-router<->hotel link but most sites that matter are using https now anyway. 

  • Like 1

Share this post


Link to post
Share on other sites
cookie47
It's a multi-mode device but for the scenario in the OP, one would connect the micro-router to the hotel WiFi and then one would already presumably have the m-router AP stored in the computers and other devices that connectivity was desired for. This would NOT secure the m-routerhotel link but most sites that matter are using https now anyway. 
Thanks, I'm getting there.
We rarely stop in hotels now but i like to keep up the best i can

Sent from my Redmi Note 3 using Tapatalk

Share this post


Link to post
Share on other sites
nothingbutquestions

A big thank you to all who have shared their experience and thoughts to try and help me. I have read and reread all the posts to find the answer to my original question. What I have taken away from all this is regardless of how a traveler using a wifi connection connects to the internet whether it be an unsecured hotel wifi, a public wifi at McDonalds, a Globe Portable wifi, or a hotspot from their own phone all that matters is using a good VPN with  256 encryption and no logs, based outside the US.

Have I got it right, or did I miss something?

Share this post


Link to post
Share on other sites
DeedleNuts
50 minutes ago, nothingbutquestions said:

A big thank you to all who have shared their experience and thoughts to try and help me. I have read and reread all the posts to find the answer to my original question. What I have taken away from all this is regardless of how a traveler using a wifi connection connects to the internet whether it be an unsecured hotel wifi, a public wifi at McDonalds, a Globe Portable wifi, or a hotspot from their own phone all that matters is using a good VPN with  256 encryption and no logs, based outside the US.

Have I got it right, or did I miss something?

I wouldn't say all that matters, but that's probably sufficient, and one of the only things you can actually control. 

Share this post


Link to post
Share on other sites
Paddy

I do use hotel wifi to access online banking. I do so because the bank uses HTTPS which secures the connection between my browser and their server(s) and I do so because I am using my machine/device or another one I trust. My bank also uses 2 factor authentication - but that doesn't have any impact on whether I connect using a hotel's wifi. I also never store passwords on any machine or device I use (well I try not to - phone apps sometimes do without offering the choice) - but again this makes no difference to using hotel wifi or not. The things to consider are:

  1. Can someone else read my traffic? Yes if you are using wifi. Also yes if you are using a cabled ethernet connection but not so easily. Yes if you are using cellular data. Yes if you are using VPN. Yes if your machine / device is compromised by something like a keystroke logger.
  2. Is my traffic understandable? No if it is encrypted (perhaps yes if the reader is the NSA or similar) - provided that encryption is applied between where you type and where your traffic destination is. Yes if it isn't. If your machine/device is compromised, no amount of encryption will help.
  3. Can someone pretend to be me? Yes if they have your user ID and password. Still yes with 2 factor authentication but much more difficult because they might need your phone also.

No matter how you connect, you should assume that someone else can, if they wish, read your traffic and it's easier, for them, if you are using a wifi connection. However, reading it is one thing, understanding it is something else. You need to understand how and where encryption is applied to your traffic. You also need to ensure that your machine/device is not compromised and you do this both digitally (AV software, firewalls etc) and physically (keep your machine/device secure, don't store passwords and preferably don't use someone else's machine/device - especially public ones).

Using a VPN adds another layer of encryption to your traffic. This additional layer is applied after your browser, but before your traffic is transmitted from your machine/device and ends before your traffic arrives at your bank (unless the VPN server is actually at the bank). If the traffic between your browser/phone app and destination server is not encrypted, you have a risk that it can be understood even if you are using a VPN (albeit a very slight risk and certainly not by anyone at a hotel - unless, of course, your machine/device is compromised).

In all cases, protect your passwords, don't make them easy to guess and use two factor authentication (when it is offered). Also, only use trusted machines/devices to access sensitive applications.

 

 

  • Like 1

Share this post


Link to post
Share on other sites
DeedleNuts

Some other points:

  • Don't reuse user names unless you must.
  • Never reuse a password for anything you care about.

Many sites stupidly use your email address as your UID, so point 1 above is forced upon you, and a lot of people reuse passwords. This is one of the most common ways people end up having their account exploited. 

Applications like LastPass allow use of 2FA and will help you use secure and unique passwords every time. 

Share this post


Link to post
Share on other sites
rep1
On 5/18/2018 at 7:36 AM, nothingbutquestions said:

My previous room had an individual PLDT wifi. No longer. Now all I have available is the unsecured hotel wifi with a universal (hotel-wide) password.

Is this as safe as it is going to get for my Internet banking online?

an unsecured wifi is just as unsecured as wired network. Anyone can tap, discover where you connect to, and reroute you to a fake site or alter what you see, if that bank website is unencrypted, partially encrypted, or the certificate is broken and you'd bypass any security warning.

if you don't want any neighbors to know you're connecting to a banking site, use VPN.

Share this post


Link to post
Share on other sites
DeedleNuts
15 minutes ago, rep1 said:

an unsecured wifi ...

Now that I reread what was written, this doesn't seem to be an unsecured WiFi, if it has a password. It's a typical shared secure WiFi connection I guess. 

Share this post


Link to post
Share on other sites
DeedleNuts
2 hours ago, rep1 said:

an unsecured wifi is just as unsecured as wired network. Anyone can tap, discover where you connect to, and reroute you to a fake site or alter what you see, if that bank website is unencrypted, partially encrypted, or the certificate is broken and you'd bypass any security warning.

if you don't want any neighbors to know you're connecting to a banking site, use VPN.

Another reason to use a VPN is to vastly mitigate attacks like KRACK, where even a 'perfectly good' WPA2 connection can still allow an attacker to break into traffic. I like lots of layers in my armor. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Commercial Banner Advertisers

  • Adsbygoogle

    Advert



  • Adsbygoogle

    Advert

×

Important Information

By using this site, you agree to our Terms of Use, Privacy Policy, Guidelines and use of We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..