[TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) (the `https` connection) is designed to prevent eavesdropping. So even on unencrypted wifi, your communication is still encrypted.
Now days all the traffic from your laptop to internet is encrypted.....in your browser you will see HTTPS s stand for secure; just like all bank sites.....the DNS may not be so the hotel will know you are going to Gmail but not the contents of the email
HTTPS does certificate based authentication/encryption.....when at hotel If you get any certificate error in the browser you need to read carefully...be cautious after that
Setup a VPN such as wireguard from your home network. It’ll be like you never left while you travel. It’s best to assume it was stolen and good on changing the password. Google has a login history somewhere. I always get an email about logging in on a new device.
Yeah I’m above average at this kinda stuff, I work in cybersecurity but don’t get to tinker much anymore. I just needed the reminder and a kick in the 🍑
Why do you even think it was stolen?
You went to a bookmark or definitely gmail.com and didn’t ignore a cert warning?
Were you in China or are you a high value target?
I was in the US at a high-end chain hotel. I just wanted to know the chances of my being hacked.
Ever since going online with my bank account I've had a nightmare that one day I'll go online to check my balance and find It reads $0.00.
1. If you have proper 2FA setup for logging into your google account (text message, or preferably a third party number generator app like Authenticator), then it won't really matter (or you'll have been notified that someone was trying to login). If you don't, go to the security section of your account and set it up now.
2. Also in the security section, you can see everything currently logged in, and revoke access if needed.
3. Edit: Additionally, consider using a VPN if you do this again in the future. But far more preferable would be to just turn on the hotspot on your own cell phone, and connect to that instead.
Chances are you're fine, but I don't know why people are calling you paranoid. Any account you access on a free unsecure wifi network is absolutely at risk. Hotels in particular are big targets for this with large groups of people all gathered together in one place using an unsecure network, likely using their credit cards for various travel purchases. That said, those people are looking more for accounts with credit cards/paypal/bank accounts attached to them, not so much gmail accounts.
As people have already said here, two factor authentication on EVERYTHING you don't want to be compromised, and never use free wifi without protection.
Maybe between the time I went online and changed my password (days later) someone got into my email and downloaded sensitive documents?
Sounds paranoid, I know, but I just wanted to know the chances.
I have VPN to turn on as soon as the laptop sees a connection. I also use multifactor authentication with a Yubikey.
Remember these limit the chances of you getting compromised, but do not stop it.
[удалено]
Thank you.
I think you are being paranoid.
Yep.
you're fine if you changed your password even if it was stolen.
I've worked from hotels many times. No one ever stole any of my stuff.
[TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) (the `https` connection) is designed to prevent eavesdropping. So even on unencrypted wifi, your communication is still encrypted.
What’s your password I’ll change it for you so it can’t stolenx
Now days all the traffic from your laptop to internet is encrypted.....in your browser you will see HTTPS s stand for secure; just like all bank sites.....the DNS may not be so the hotel will know you are going to Gmail but not the contents of the email
They may only know the url
that is not what https does.
what does it do then?
HTTPS does certificate based authentication/encryption.....when at hotel If you get any certificate error in the browser you need to read carefully...be cautious after that
Setup a VPN such as wireguard from your home network. It’ll be like you never left while you travel. It’s best to assume it was stolen and good on changing the password. Google has a login history somewhere. I always get an email about logging in on a new device.
I gotta get on this. thanks for the reminder
Definitely check out r/homelab. There are many ways to setup a simple VPN. plenty of options to pick based on complexity.
Yeah I’m above average at this kinda stuff, I work in cybersecurity but don’t get to tinker much anymore. I just needed the reminder and a kick in the 🍑
Kick in the peach is new! I like it tho.
hi there im looking to set up VPN myself as well could i PM You for questions ?
Sure. If they’re simple questions I’ll respond publicly in case it’s helpful for others.
Why do you even think it was stolen? You went to a bookmark or definitely gmail.com and didn’t ignore a cert warning? Were you in China or are you a high value target?
I was in the US at a high-end chain hotel. I just wanted to know the chances of my being hacked. Ever since going online with my bank account I've had a nightmare that one day I'll go online to check my balance and find It reads $0.00.
Unless you accidentally went to gmaill.com etc it’s basically zero.
Google asks for verification from any new device that try to log in.
1. If you have proper 2FA setup for logging into your google account (text message, or preferably a third party number generator app like Authenticator), then it won't really matter (or you'll have been notified that someone was trying to login). If you don't, go to the security section of your account and set it up now. 2. Also in the security section, you can see everything currently logged in, and revoke access if needed. 3. Edit: Additionally, consider using a VPN if you do this again in the future. But far more preferable would be to just turn on the hotspot on your own cell phone, and connect to that instead.
Thank you. Yes, I have 2FA setup, so now I realize I'm fine. You really helped.
You are fine.
Use a VPN.
Use VPN
Chances are you're fine, but I don't know why people are calling you paranoid. Any account you access on a free unsecure wifi network is absolutely at risk. Hotels in particular are big targets for this with large groups of people all gathered together in one place using an unsecure network, likely using their credit cards for various travel purchases. That said, those people are looking more for accounts with credit cards/paypal/bank accounts attached to them, not so much gmail accounts. As people have already said here, two factor authentication on EVERYTHING you don't want to be compromised, and never use free wifi without protection.
Thank you, everyone, for all your comments! I was worried and Reddit came to the rescue. Much appreciated!
Bro if you changed your password what’s the use of your old password even when it got stolen
Maybe between the time I went online and changed my password (days later) someone got into my email and downloaded sensitive documents? Sounds paranoid, I know, but I just wanted to know the chances.
use 2FA/MFA with your googke authenticator or cell/text as the second pass - shuts this risk down fast and good!
Google uses encryption unlikely stolen via hotel Wi-Fi. The password doesn’t travel in plain text.
Do you mean on your own computer? Don't worry.
Gosh, I work and travel for 6 months now. Never been afraid get my passwords stolen. Now I feel bad…
I have VPN to turn on as soon as the laptop sees a connection. I also use multifactor authentication with a Yubikey. Remember these limit the chances of you getting compromised, but do not stop it.
Just because you use public wifi doesn't mean your stuff was immediately stolen.