How Can I Protect My Online Accounts At Internet Cafes When Traveling?

• 13 years ago

That’s a question I hear often and there’s lot of confusion on how to keep your email and other online accounts safe. Whether you’re in an Internet cafe to make use of a desktop or simply paying for some quality wifi, there are a few ways you can stay safe in unfamiliar digital territory.

Scoping The Landscape: The Basics

Basically there are two points of vulnerability you need to be concerned about at Internet cafes. One is the computer you’re using and the network you’re on. If you happen to be on your own iPad, laptop, or other mobile device, you mostly need to worry about the network, so skip right along to the next section. Everyone else, stay with me so we can make that Internet cafe computer a bit safer.

Add Layers Of Protection With A USB Stick

Keep in mind you’re in unfamiliar territory and security is never absolute. That said, the most secure way to go at an Internet cafe is to bring along your own USB drive to create a little quarantine for your browsing. You can carry around your own virtual computer on a USB drive using PendriveLinux (here’s how) which gives you an entire operating system you know hasn’t been tampered with.

• Tweaking Firefox – Say you’re not going to go the extra step and plug Linux onto a USB drive, you can simply load Portable Firefox instead (with HTTPS Everywhere – here’s how to set it up).
• Click And Paste Passwords – Along with Portable Firefox, use KeePassX to store your passwords and copy-paste them for your online accounts. By avoiding typing them, you work around ‘keystroke loggers’ which are nasty little programs that record everything that’s typed on a a computer.
• Load SafeKeys – This program creates a virtual keyboard you can use to type passwords with so you don’t have to use the keyboard for logins.
• Logout From Your Accounts – I know you can’t wait explore Berlin but be sure to log out of your online accounts first and have the courtesy to do so for others who may have forgotten.

Don’t have a USB drive handy?

You can still cover your tracks with the Firefox installed on the computer you’re using with Private Browsing mode. As Mozilla clearly points out, it won’t protect you from keystroke loggers but will make sure you don’t leave behind any passwords, user names, or cookies behind. Another crude, but effective way to copy-paste passwords is to type a string of random characters in Notepad (or equivalent); then select the characters you need individually. For example: 3wivfjL9O5VdjEwMYdsDqqo54aq!$G  = (iLOVEMYDoG)

While we’re at it, remember that USB drives have a habit of getting lost. Some basic encryption can go a long way to protecting the data on those drives if they’re lost or stolen. Several drives come with encryption built-in like the IronKey S200, Corsair Flash Padlock, or the Patriot BOLT. Of course, there’s always the do-it-yourself free method of encrypting any old drive with TrueCrypt (here’s how).

• Finally, it’s worth mentioning that many banks like HSBC and online services like Paypal offer hardware tokens for a few dollars or in some cases free. (They’re not usually advertised well so call and ask your bank.) These small devices generate a random series of digits every minute or two, required with your password to login online.

In effect, they make your passwords useless without the device; that is unless you use the same password for all your online accounts – a common traveler tech mistake.

Surfing The Waves Of An Unsecured Network

There’s a bit of a misunderstanding about wireless networks, the main one being that ‘secured’ connections are always secure. Any network, wired, wireless, with or without passwords is only as secure as the people and programs who are and have been on it – relying heavily on what security measures exactly are in place. A wireless password helps keep people out but in an Internet cafe everyone has the password.

• On Your Own Device? Turn off file sharing and make sure your firewall is up and running. (How to check on Mac OS X and Windows.) Another good step is to make your laptop hidden on the network – both Windows and Mac OS X make this easy.

• Use A VPN – Business travelers you company network might have a VPN you can use (or at least request from you IT department). Otherwise if you’ve got a computer at home you can turn your desktop into a personal proxy for free or use on of these online VPN services.

• Verify The WiFi Network – Don’t just connect to any old open wireless network floating around the Internet cafe, confirm the establishment’s connection with staff.

I can’t stress enough how important it is to have separate passwords for every single one of your online accounts. That helps minimize the damage a bad hacker can do if they happen to get a hold of one.

• Type In URLs Directly – With the huge caveat that you know exactly what they are. Start off with https:// and go to Amazon.com or whatever from there. (Remember https – with the “S”.) It’s not perfect but better than letting the browser guess the link for you. Type it out completely!
• Limit What You Access – Don’t go into all of your sensitive online accounts when you sit down at an Internet cafe; check what you need to.
• When In Doubt, Don’t – Familiar websites that don’t quite look right, links in emails, and other pop up ads should be avoided. Questionable content or fake versions of popular websites designed to steal you logins are common online tricks so if things don’t feel or look right…don’t take chances.

Digitally Insulate Yourself At Each Level

Security is never perfect and this post is really only the beginning – there are far more complex and varied tactics you could use in Internet cafes. That said, your best protection is insulation against the most common threats. Separate your online accounts and cover your tracks so once you leave that Internet cafe, it’s like you were never there.

[photos by: jared (Internet cafe fish eye view), whl.travel (surfing Isla Grande Panama)]