If you use a MacBook at cafes, hotels, airports and other places with public Wi-Fi, how do you protect it from hackers, people spying on you, malware and other threats? Here is what to do.
When using a computer in the home or office, you are surrounded by relatives or work colleagues and you are protected to a certain degree by bing on a local network that outsiders cannot access.
None of this is true when using a laptop computer at a public Wi-Fi hotspot. It is most probably safe and it is unlikely to be a problem working in public, but safety and security cannot be guaranteed. You cannot be certain that someone is not eavesdropping on network traffic at a cafe, hotel, airport and other places.
It is possible for hackers to set up fake hotspots or to intercept internet activities, connect to your computer through the network, and more.
Don’t panic! You are not likely to be sharing a coffee with a hacker on the next table, but that does not mean you can afford to be complacent. A few simple tweaks to the MacBook’s settings will make it much more secure and safe to use in public.
1 Encrypt the Mac’s drive
Laptop computers are sometimes accidentally left on trains, buses, in cafes, hotels and other places. There is also the possibility that it could be stolen. You put your laptop bag down for a moment and the next thing you know is it is missing, or you leave it in your car and it gets broken into.
Of course you are extra careful when out with your MacBook and it is unlikely that you will lose it it have it stolen, but as the saying goes, hope for the best but prepare for the worst.
If someone else got their hands on your MacBook you would not want them to be able to access the contents of the drive. A good way to ensure this is by encrypting the drive contents so that only you, with the password, can access it.
If you have not done so already, open System Preferences and click Security & Privacy. Select the FileVault tab and enable it. Bear in mind that it could take several hours to encrypt, even with an SSD, but you can continue to use the Mac while it does it. Don’t even ask about times for very old MacBooks with hard disk drives.
2 Enable the firewall
A firewall is designed to prevent access to the computer from people or software on the network you are connected to. It isn’t very likely but it is possible for hackers to hang around public Wi-Fi hotspots and see if they can access any computers or devices. Flaws in the security could then be exploited.
Go to System Preferences and click Security & Privacy. Select the Firewall tab and enable the firewall in macOS to block network attacks.
Click the Advanced button in the bottom right corner and there is an option to enable stealth mode. This prevents the Mac from responding to network activity designed to locate and identify devices and computers. It does its best to make the Mac invisible.
That should be sufficient but if you happen to be staying at a hotel where a hackers convention is being held it is possible to lock down network access even tighter. Select the option at the top to Block all incoming connections in the Advanced Firewall settings.
3 Stop sharing services
The MacBook is able to share a variety of things over a local network, including access to the drive, printers, scanners, the internet and more. It is not a good idea to use a MacBook in public with a bunch of sharing services enabled. You could use the ultimate firewall blocking setting in the last tip, or you could disable the sharing options while out and about.
Go to System Preferences and open Sharing. Turn everything off.
4 Turn off Bluetooth
Bluetooth enables devices to connect to each other over short distances and exchange information. If it is enabled, it is a temptation for a hacker or troublemaker at the Wi-Fi hotspot and you may see requests to connect or to receive files and so on. Don’t! It could be malware, a hack attack or who knows what?
Go to System Preferences, open Bluetooth and turn it off.
5 Make sure to join the right Wi-Fi
It is a fairly easy task to turn a phone or computer into a Wi-Fi hotspot. Hackers and criminals have been known to set up Wi-Fi hotspots at Wi-Fi hotspots with the same name. For example, they could create a hotspot called Starbucks inside or close to a Starbucks cafe. People might then connect to the fake hotspot instead of the real one.
All their internet activity would then flow through the hacker’s computer and could be captured and analyzed. That would be bad if you logged into sites and services, banked or shopped online.
There isn’t a anything specific that you can do to protect yourself. Just keep your wits about you and be careful what networks you connect to. If you are in any doubt, don’t connect.
6 Use a VPN
A VPN is a utility that provides an encrypted connection to the internet and it is a great way to ensure your security, privacy and safety at public Wi-Fi hotspots. If you are out with a MacBook and are at all concerned about these issues, get a VPN.
Free ones are available, like ProtonVPN, but they are often limited in some way, such as restricted performance or data limits. It’s hard to find a good free one. Go with a company you trust and know works well. There are a lot of VPNs out there and the huge choice can be confusing. I have used NordVPN and Ivacy VPN, but there are many more.
Save $$$ on a VPN with our Offers and Recommendations page.
7 Require a password
Passwords are compulsory for some features on the Apple Mac, but not for all of them. Some are optional, but they are recommended if you use your MacBook in public places. So which passwords are optional? Open System preferences and enter ‘password’ into the search box.
Disable automatic login, which logs into your account without having to enter a password. Imagine if this was not set. Someone could start your MacBook or wake it from sleep and go straight into your account.
Another essential setting is that a password is required immediately after sleep or the screen saver kicks in. If you walk away from your MacBook, you want it to be locked in case someone sits down and tries to access it. Set a short timeout for the screen saver in System Preferences > Desktop & Screen Saver > Screen saver tab > Start after. The minimum is one minute.
You may find this irritating and if the phone rings, something else interrupts you, or you just pause to think, the screen saver starts and then you have to enter the password again.
You might want to set a longer screen saver timeout, such as 5 minutes, and configure hot corners so that pushing the mouse pointer into the corner of the screen locks it. Configure this in System Preferences > Desktop & Screen Saver > Screen saver tab > Hot Corners. Select a corner and select Start Screen Saver or Put Display to Sleep.