How to Secure Your Portable Wi-Fi Hotspot

Hotspots make checking email, working, and shopping easier

Your mobile hotspot device lets you take the internet with you wherever you go. You can't beat the convenience, but that convenience comes with some security concerns. Fight back by selecting strong encryption for your hotspot and protect it with a robust password that you change frequently. These and other precautions will keep your hotspot unassailable on the internet.

Mobile Hotspot Security Concerns

Whenever you connect to the internet in public, you have some risks — no matter whether you're using a laptop, phone, or tablet. When you use a mobile hotspot in public, you may encounter travelers you don't know or hackers who use your mobile internet access without your permission. If you and everyone who shares access to the internet using your mobile hotspot (including strangers) exceed the data limit in your plan, you're the one who gets the bill for the excess data usage. Avoid this scenario by bolstering the security of your mobile hotspot.

Enable Strong Encryption on Your Hotspot

Most new portable hotspots come with some security turned on by default. Usually, the manufacturer enables WPA-PSK encryption and places a sticker on the unit with the default SSID and network key that was set at the factory.

The main problem with most default portable hotspot security setups is that sometimes the default encryption strength may be set to either an outdated encryption standard, such as WEP, or it might not have the most secure form of encryption enabled, even though it is available as a configuration choice. Some manufacturers opt not to enable the latest and strongest security standard in an attempt to balance security with compatibility for older devices that might not support the latest encryption standards.

Enable WPA2 as the encryption type on your mobile hotspot. It is the most secure of the available choices for most mobile hotspot providers.

Change Your Hotspot's SSID

As another security measure, change the default SSID—the wireless hotspot's network name—to something random, avoiding dictionary words.

The reason for changing the SSID is that hackers have precomputed hash tables for the preshared keys of the 1,000 most common SSIDs against 1 million common pass-phrases. This type of hack is not limited to WEP-based networks. Hackers are using rainbow table attacks successfully against WPA and WPA2 secured networks as well.

Create a Strong Wireless Network Password (Preshared Key)

Due to the possibility of rainbow table attacks, you should make your wireless network password (known as the preshared key) as long and as random as possible. Avoid using dictionary words as they may be found in the password cracking tables used with brute-force cracking tools.

Enable Your Hotspot's Port-Filtering and Blocking Features

Some hotspots allow you to enable port filtering as a security mechanism. You can allow or prevent access to FTP, HTTP, email traffic, and other ports or services based on what you want your hotspot to be used for. For example, if you never plan on using FTP, you can disable it in the port-filtering configuration page.

Turning off unnecessary ports and services on your hotspot reduces the number of threat vectors—which are paths in and out of your network used by attackers—and reduces your security risks. A Wi-Fi app that lets you scan for open ports is a great way to instantly see if you even need to worry about open ports.

Don't Give Out Your Network Password and Change It Often

Your friends may cozy up to you so that they can borrow some of your bandwidth. You might let them on your hotspot, and they might end up being responsible about using it on a limited basis. Then there are those friends who give the network password to their cubicle-mate who decides to stream four seasons of "Breaking Bad" on Netflix, and you end up footing the bill.

If you're in doubt about who might be using your hotspot, change the network password as soon as possible.

About Smartphone Mobile Hotspots

If you don't want a standalone mobile hotspot but you have a smartphone, you have the beginnings of what you need to carry your own mobile hotspot everywhere you go. It is built into the phone; you just need to talk to your cellular provider to activate it, find out the monthly fee, and negotiate data rates (unless you have an unlimited data plan, which has become hard to find).

Most smartphone mobile hotspots support up to 10 devices at a time on a 4G or 5G connection, but confirm this with your provider. With multiple connections, you can let nearby friends and family share the mobile connection while you are using it.

Take the same security protections with your smartphone hotspot as you would with a standalone unit.

Was this page helpful?