Portable hotspots have become a must-have for business travelers and others who want internet connectivity on-the-go on multiple devices. Most mobile hotspots support up to 5 devices at a time, allowing nearby friends and family to share your mobile connection as well.
Unfortunately, you may encounter traveling Wi-Fi freeloaders and hackers who want to get mobile internet access on your dime.
Wi-Fi freeloaders might not pose a problem on your home network (other than slowing you down) since you likely have no imposed Gigabyte limit from your home ISP.
With a mobile hotspot, things are different. Unless you have a mobile hotspot with an unlimited data plan (which are now an endangered species), you probably want to do everything you can to conserve the precious mobile bandwidth you're paying big bucks for. You don't want to end up paying data overages for bandwidth that someone stole from you.
What can you do to protect your mobile hotspot from hackers and freeloaders?
1. Enable strong encryption on your hotspot
Most newer portable hotspots come with some security turned on by default. This is a good thing as it ensures that the manufacturer at least provides some form of out-of-the-box security protection. Usually the manufacturer enables WPA-PSK encryption and places a sticker on the unit with the default SSID and network key that was set at the factory.
The main problem with most default portable hotspot security setups is that sometimes the default encryption strength may be set to either an outdated encryption standard, such as WEP, or it might not have the most secure form of encryption enabled, even though it is available as a configuration choice. Some manufacturers opt not to enable the latest and strongest security standard in an attempt to balance security with compatibility for older devices that might not support the latest encryption standards.
You should enable WPA2 as the encryption type as it is currently (at the time this article was published) the most secure of the available choices for most mobile hotspot providers.
2. Change your hotspot's SSID
Another security measure you might consider is changing the default SSID (wireless hotspot's network name) to something random, avoiding dictionary words.
The reason for changing the SSID is because hackers have precomputed hash tables for the pre-shared keys of the top 1000 most common SSIDs against 1 million common pass-phrases. This type of hack is not limited to WEP-based networks, hackers are using rainbow table attacks successfully against WPA and WPA2 secured networks as well.
3. Create a strong wireless network password (Pre-shared Key)
Due to the possibility of rainbow table-based attacks, as mentioned above, you should make your wireless network password (known as the pre-shared key) as long and as random as possible. Avoid using dictionary words as they may be found in the password cracking tables used with brute-force cracking tools.
4. Consider enabling your hotspot's port filtering / blocking features
Some hotspots, such as the Verizon MiFi 2200, allow you to enable port filtering as a security mechanism. You can allow or prevent access to FTP, HTTP, e-mail traffic, and other ports / services based on what you want your hotspot to be used for. For example, if you never plan on using FTP, you can disable it in the port filtering configuration page.
Turning off unnecessary ports and services on your hotspot helps to reduce the number of threat vectors, (paths in and out of your network used by attackers) which helps to reduce your security risks.
5. Don't give out your network password to anyone and change it often
Your friends may cozy up to you so they can borrow some of your bandwidth. You might let them on your hotspot and they might end up being very responsible about using it on a limited basis. Then there are the 'friends' who might also give the network password out to their cubicle-mate who might decide to stream four seasons of Breaking Bad using Netflix and you might end up eating s few hundred dollars in data overages for the month.
If you're in doubt over who might be using your hotspot, change the network password as soon as possible.