Quote:
Originally Posted by ensurconnect@gmail.com
It is never a good idea to connect to an open wifi you find even if it says McDonalds or Hilton-Guest. For a few hundred dollars a bad actor can buy a small device that advertises a fake wifi signal that you connect to. You think everything is ok because they pass you through to the real open wifi. This is called a man-in-the-middle attack. Every username and password you type in can be captured even if it is a strong password.
With Gmail, you can setup two factor authentication (2FA) which is using your password and something like a text code to your phone or better yet is an authentication app like Google Authenticator app. Without both, no one can login to your account.
All of this security is free. I know it is easier to just use just a password and usually the same password for multiple logins, but you set yourself up for a problem sometime in the future. A little inconvenience now, will save you a ton of inconvenience in the future.
|
I agree with most of your post except the bolded. If you are on a secure connection to a website via https, no one is snooping on your link even on an open wifi connection. Gmail, every bank, and in fact every real website uses security certificates.
Could they use wireshark and read the packet header to see what site the https request goes to? Sure. Not much they can do with that information. It's just encrypted garbage after that point.