(MoneyWatch) COMMENTARY When you log into the Wi-Fi hotspot at your local coffee shop, your laptop is potentially an open book. That means everything you do is possibly being read, with varying degrees of ease, by a hacker sitting in the parking lot. That's not irrationally alarmist -- it's the reality of 21st century computing.
Indeed, it's surprisingly easy for anyone with moderate hacking skills and access to free software to sniff data, such as the websites you are visiting and the passwords you enter. If someone uncovers a password that admits them to corporate data, personal information, or your financial sites, Armageddon will come early for you this year.
But don't despair. Indeed, while no security is perfect, there are a few very simple things you can do to make sure that only an extremely determined hacker can breach your laptop's security. If you frequent coffee shops or anywhere that you tap into public hotspots, then you owe it to yourself to do all of these things:
1. Never lose physical custody of your laptop. This is the first and most important tip, because once someone has physical access to your computer, all bets are off. Never let your laptop out of your sight, and consider using some sort of laptop theft and alarm software just in case.
2. Run a current operating system with the latest updates. Windows XP is not a secure operating system, and if you're still using it, it's like leaving the back door to your house unlocked. In fact, apart from physically handing your computer to a thief, running an OS like Windows XP is the most dangerous thing you can do. There are lots of unpatched ways for hackers to get into your PC, and you'll never know until it's too late.
3. Run anti-virus software. I recommend Microsoft Security Essentials because it's free and highly effective.
4. Don't use the same password on all of your websites and accounts. If someone finds, cracks, spoofs, or sees your password, you've given away the single set of keys to your entire kingdom. Instead, use a password manager such as Roboform or LastPass to ensure every site you visit has a different password -- and you won't have to memorize them all.
5. When in public, only access encrypted websites (ones that start with https://). These days, virtually all professional, business, and financial sites should be secure, but any sites that you need to log into that start with http:// should wait for when you get to the office or home. Don't log into them in public over a public network.
6. Be sure you're logging into the right public network. Sometimes you might see several similar options, like "Free-Coffee-Wi-Fi" or "Coffee-Shop-Free-Wi-Fi." One of them is the shop's network -- the other one might be a hacker who has set up a "honeypot" to capture data from unsuspecting customers. If in doubt, ask someone who works there for the correct SSID (network name).
7. Make sure no one is looking over your shoulder. I try to sit with my back to the wall when I work in a coffee shop.
8. Avoid giving personal and financial information in public. Finally, be prudent. There's no reason you can't safely use your laptop on a public Wi-Fi network, but by the same token, don't take unnecessary risks. Log into Facebook or LinkedIn? Go for it. Enter your credit card to buy a pair of shoes on Zappos? Wait till you get home.