How to connect to public WiFi












23















In hotels or at airports, connection to the public WiFi requires you to start a browser session, which is then redirected to some log-in page. Due to security concerns, browsers now pop up warnings about such redirection, and if you're on a company laptop, you may not be able to proceed. Also, any HTTPS site won't allow redirect in the first place, and more and more websites start implementing HTTPS.



Is there a reliable way to get to the login page for a public WiFi network that doesn't require hoping you know a site that's still on HTTP, or even better, that won't be blocked by overzealous company security?










share|improve this question


















  • 4





    Browsers often have some built-in http url that they try to load to see if they get redirected to a login page. Firefox has detectportal.firefox.com/success.txt

    – Nate Eldredge
    Nov 18 '18 at 15:32






  • 4





    Much of this seems like it's something you have to take up with your company's IT department.

    – Nate Eldredge
    Nov 18 '18 at 15:33











  • I'd go in the other direction and not use it. Such kind of Wifi is a great way to get the computer taken over by someone. The warnings are there for a reason.

    – deviantfan
    Nov 18 '18 at 16:08






  • 1





    Take a HTTP-only site and bookmark it?

    – Federico Poloni
    Nov 18 '18 at 16:18






  • 7





    This isn't a travel question. How many corporate laptops are set up is there's a VPN client that automatically connects and always tunnels 100% of traffic back to the company. New clients detect captive portals and handle appropriately. Old or misconfigured clients don't, in which the answer is too bad, its working as designed.

    – user71659
    Nov 18 '18 at 19:03
















23















In hotels or at airports, connection to the public WiFi requires you to start a browser session, which is then redirected to some log-in page. Due to security concerns, browsers now pop up warnings about such redirection, and if you're on a company laptop, you may not be able to proceed. Also, any HTTPS site won't allow redirect in the first place, and more and more websites start implementing HTTPS.



Is there a reliable way to get to the login page for a public WiFi network that doesn't require hoping you know a site that's still on HTTP, or even better, that won't be blocked by overzealous company security?










share|improve this question


















  • 4





    Browsers often have some built-in http url that they try to load to see if they get redirected to a login page. Firefox has detectportal.firefox.com/success.txt

    – Nate Eldredge
    Nov 18 '18 at 15:32






  • 4





    Much of this seems like it's something you have to take up with your company's IT department.

    – Nate Eldredge
    Nov 18 '18 at 15:33











  • I'd go in the other direction and not use it. Such kind of Wifi is a great way to get the computer taken over by someone. The warnings are there for a reason.

    – deviantfan
    Nov 18 '18 at 16:08






  • 1





    Take a HTTP-only site and bookmark it?

    – Federico Poloni
    Nov 18 '18 at 16:18






  • 7





    This isn't a travel question. How many corporate laptops are set up is there's a VPN client that automatically connects and always tunnels 100% of traffic back to the company. New clients detect captive portals and handle appropriately. Old or misconfigured clients don't, in which the answer is too bad, its working as designed.

    – user71659
    Nov 18 '18 at 19:03














23












23








23


4






In hotels or at airports, connection to the public WiFi requires you to start a browser session, which is then redirected to some log-in page. Due to security concerns, browsers now pop up warnings about such redirection, and if you're on a company laptop, you may not be able to proceed. Also, any HTTPS site won't allow redirect in the first place, and more and more websites start implementing HTTPS.



Is there a reliable way to get to the login page for a public WiFi network that doesn't require hoping you know a site that's still on HTTP, or even better, that won't be blocked by overzealous company security?










share|improve this question














In hotels or at airports, connection to the public WiFi requires you to start a browser session, which is then redirected to some log-in page. Due to security concerns, browsers now pop up warnings about such redirection, and if you're on a company laptop, you may not be able to proceed. Also, any HTTPS site won't allow redirect in the first place, and more and more websites start implementing HTTPS.



Is there a reliable way to get to the login page for a public WiFi network that doesn't require hoping you know a site that's still on HTTP, or even better, that won't be blocked by overzealous company security?







wifi






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 18 '18 at 15:16









JonasJonas

6,3463152




6,3463152








  • 4





    Browsers often have some built-in http url that they try to load to see if they get redirected to a login page. Firefox has detectportal.firefox.com/success.txt

    – Nate Eldredge
    Nov 18 '18 at 15:32






  • 4





    Much of this seems like it's something you have to take up with your company's IT department.

    – Nate Eldredge
    Nov 18 '18 at 15:33











  • I'd go in the other direction and not use it. Such kind of Wifi is a great way to get the computer taken over by someone. The warnings are there for a reason.

    – deviantfan
    Nov 18 '18 at 16:08






  • 1





    Take a HTTP-only site and bookmark it?

    – Federico Poloni
    Nov 18 '18 at 16:18






  • 7





    This isn't a travel question. How many corporate laptops are set up is there's a VPN client that automatically connects and always tunnels 100% of traffic back to the company. New clients detect captive portals and handle appropriately. Old or misconfigured clients don't, in which the answer is too bad, its working as designed.

    – user71659
    Nov 18 '18 at 19:03














  • 4





    Browsers often have some built-in http url that they try to load to see if they get redirected to a login page. Firefox has detectportal.firefox.com/success.txt

    – Nate Eldredge
    Nov 18 '18 at 15:32






  • 4





    Much of this seems like it's something you have to take up with your company's IT department.

    – Nate Eldredge
    Nov 18 '18 at 15:33











  • I'd go in the other direction and not use it. Such kind of Wifi is a great way to get the computer taken over by someone. The warnings are there for a reason.

    – deviantfan
    Nov 18 '18 at 16:08






  • 1





    Take a HTTP-only site and bookmark it?

    – Federico Poloni
    Nov 18 '18 at 16:18






  • 7





    This isn't a travel question. How many corporate laptops are set up is there's a VPN client that automatically connects and always tunnels 100% of traffic back to the company. New clients detect captive portals and handle appropriately. Old or misconfigured clients don't, in which the answer is too bad, its working as designed.

    – user71659
    Nov 18 '18 at 19:03








4




4





Browsers often have some built-in http url that they try to load to see if they get redirected to a login page. Firefox has detectportal.firefox.com/success.txt

– Nate Eldredge
Nov 18 '18 at 15:32





Browsers often have some built-in http url that they try to load to see if they get redirected to a login page. Firefox has detectportal.firefox.com/success.txt

– Nate Eldredge
Nov 18 '18 at 15:32




4




4





Much of this seems like it's something you have to take up with your company's IT department.

– Nate Eldredge
Nov 18 '18 at 15:33





Much of this seems like it's something you have to take up with your company's IT department.

– Nate Eldredge
Nov 18 '18 at 15:33













I'd go in the other direction and not use it. Such kind of Wifi is a great way to get the computer taken over by someone. The warnings are there for a reason.

– deviantfan
Nov 18 '18 at 16:08





I'd go in the other direction and not use it. Such kind of Wifi is a great way to get the computer taken over by someone. The warnings are there for a reason.

– deviantfan
Nov 18 '18 at 16:08




1




1





Take a HTTP-only site and bookmark it?

– Federico Poloni
Nov 18 '18 at 16:18





Take a HTTP-only site and bookmark it?

– Federico Poloni
Nov 18 '18 at 16:18




7




7





This isn't a travel question. How many corporate laptops are set up is there's a VPN client that automatically connects and always tunnels 100% of traffic back to the company. New clients detect captive portals and handle appropriately. Old or misconfigured clients don't, in which the answer is too bad, its working as designed.

– user71659
Nov 18 '18 at 19:03





This isn't a travel question. How many corporate laptops are set up is there's a VPN client that automatically connects and always tunnels 100% of traffic back to the company. New clients detect captive portals and handle appropriately. Old or misconfigured clients don't, in which the answer is too bad, its working as designed.

– user71659
Nov 18 '18 at 19:03










1 Answer
1






active

oldest

votes


















28
















  1. Your device may support this automatically - Particularly for Android, but probably also for several other systems, you may see a notification to "sign into the network" or similar. Click or tap it, and your device will open a web browser. Surprisingly, this even works with some non-web devices such as the Nintendo Switch (which does not have a "regular" web browser at all).


  2. If not, use a non-HTTPS website, such as http://www.example.com or http://neverssl.com/. example.com is particularly safe for this purpose because it is owned and operated by IANA and its domain is permanently reserved for use in software documentation. Chrome will also send requests to http://google.com/generate_204 over HTTP notwithstanding the use of HSTS (note that if your internet is working correctly, that URL will not cause a page to load, because Google responds with HTTP 204 No Content).


Finally, as some people have mentioned in the comments, you should be careful about trusting open networks. Once you have signed in, don't do anything sensitive unless the entire site uses HTTPS. People can steal your session cookies even if your username and password were encrypted, so just having HTTPS on the login page is inadequate.






share|improve this answer



















  • 17





    @deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

    – Kevin
    Nov 18 '18 at 17:19






  • 11





    @wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

    – vidarlo
    Nov 18 '18 at 18:35






  • 1





    @Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

    – Jonas
    Nov 18 '18 at 19:41






  • 4





    Oh, please do publish how edge can cause an bsod...

    – vidarlo
    Nov 18 '18 at 20:52






  • 9





    Please, don't spread FUD in the comments section.

    – Burhan Khalid
    Nov 19 '18 at 4:57











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "273"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2ftravel.stackexchange.com%2fquestions%2f125926%2fhow-to-connect-to-public-wifi%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









28
















  1. Your device may support this automatically - Particularly for Android, but probably also for several other systems, you may see a notification to "sign into the network" or similar. Click or tap it, and your device will open a web browser. Surprisingly, this even works with some non-web devices such as the Nintendo Switch (which does not have a "regular" web browser at all).


  2. If not, use a non-HTTPS website, such as http://www.example.com or http://neverssl.com/. example.com is particularly safe for this purpose because it is owned and operated by IANA and its domain is permanently reserved for use in software documentation. Chrome will also send requests to http://google.com/generate_204 over HTTP notwithstanding the use of HSTS (note that if your internet is working correctly, that URL will not cause a page to load, because Google responds with HTTP 204 No Content).


Finally, as some people have mentioned in the comments, you should be careful about trusting open networks. Once you have signed in, don't do anything sensitive unless the entire site uses HTTPS. People can steal your session cookies even if your username and password were encrypted, so just having HTTPS on the login page is inadequate.






share|improve this answer



















  • 17





    @deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

    – Kevin
    Nov 18 '18 at 17:19






  • 11





    @wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

    – vidarlo
    Nov 18 '18 at 18:35






  • 1





    @Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

    – Jonas
    Nov 18 '18 at 19:41






  • 4





    Oh, please do publish how edge can cause an bsod...

    – vidarlo
    Nov 18 '18 at 20:52






  • 9





    Please, don't spread FUD in the comments section.

    – Burhan Khalid
    Nov 19 '18 at 4:57
















28
















  1. Your device may support this automatically - Particularly for Android, but probably also for several other systems, you may see a notification to "sign into the network" or similar. Click or tap it, and your device will open a web browser. Surprisingly, this even works with some non-web devices such as the Nintendo Switch (which does not have a "regular" web browser at all).


  2. If not, use a non-HTTPS website, such as http://www.example.com or http://neverssl.com/. example.com is particularly safe for this purpose because it is owned and operated by IANA and its domain is permanently reserved for use in software documentation. Chrome will also send requests to http://google.com/generate_204 over HTTP notwithstanding the use of HSTS (note that if your internet is working correctly, that URL will not cause a page to load, because Google responds with HTTP 204 No Content).


Finally, as some people have mentioned in the comments, you should be careful about trusting open networks. Once you have signed in, don't do anything sensitive unless the entire site uses HTTPS. People can steal your session cookies even if your username and password were encrypted, so just having HTTPS on the login page is inadequate.






share|improve this answer



















  • 17





    @deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

    – Kevin
    Nov 18 '18 at 17:19






  • 11





    @wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

    – vidarlo
    Nov 18 '18 at 18:35






  • 1





    @Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

    – Jonas
    Nov 18 '18 at 19:41






  • 4





    Oh, please do publish how edge can cause an bsod...

    – vidarlo
    Nov 18 '18 at 20:52






  • 9





    Please, don't spread FUD in the comments section.

    – Burhan Khalid
    Nov 19 '18 at 4:57














28












28








28









  1. Your device may support this automatically - Particularly for Android, but probably also for several other systems, you may see a notification to "sign into the network" or similar. Click or tap it, and your device will open a web browser. Surprisingly, this even works with some non-web devices such as the Nintendo Switch (which does not have a "regular" web browser at all).


  2. If not, use a non-HTTPS website, such as http://www.example.com or http://neverssl.com/. example.com is particularly safe for this purpose because it is owned and operated by IANA and its domain is permanently reserved for use in software documentation. Chrome will also send requests to http://google.com/generate_204 over HTTP notwithstanding the use of HSTS (note that if your internet is working correctly, that URL will not cause a page to load, because Google responds with HTTP 204 No Content).


Finally, as some people have mentioned in the comments, you should be careful about trusting open networks. Once you have signed in, don't do anything sensitive unless the entire site uses HTTPS. People can steal your session cookies even if your username and password were encrypted, so just having HTTPS on the login page is inadequate.






share|improve this answer















  1. Your device may support this automatically - Particularly for Android, but probably also for several other systems, you may see a notification to "sign into the network" or similar. Click or tap it, and your device will open a web browser. Surprisingly, this even works with some non-web devices such as the Nintendo Switch (which does not have a "regular" web browser at all).


  2. If not, use a non-HTTPS website, such as http://www.example.com or http://neverssl.com/. example.com is particularly safe for this purpose because it is owned and operated by IANA and its domain is permanently reserved for use in software documentation. Chrome will also send requests to http://google.com/generate_204 over HTTP notwithstanding the use of HSTS (note that if your internet is working correctly, that URL will not cause a page to load, because Google responds with HTTP 204 No Content).


Finally, as some people have mentioned in the comments, you should be careful about trusting open networks. Once you have signed in, don't do anything sensitive unless the entire site uses HTTPS. People can steal your session cookies even if your username and password were encrypted, so just having HTTPS on the login page is inadequate.







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 18 '18 at 17:09









KevinKevin

42646




42646








  • 17





    @deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

    – Kevin
    Nov 18 '18 at 17:19






  • 11





    @wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

    – vidarlo
    Nov 18 '18 at 18:35






  • 1





    @Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

    – Jonas
    Nov 18 '18 at 19:41






  • 4





    Oh, please do publish how edge can cause an bsod...

    – vidarlo
    Nov 18 '18 at 20:52






  • 9





    Please, don't spread FUD in the comments section.

    – Burhan Khalid
    Nov 19 '18 at 4:57














  • 17





    @deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

    – Kevin
    Nov 18 '18 at 17:19






  • 11





    @wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

    – vidarlo
    Nov 18 '18 at 18:35






  • 1





    @Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

    – Jonas
    Nov 18 '18 at 19:41






  • 4





    Oh, please do publish how edge can cause an bsod...

    – vidarlo
    Nov 18 '18 at 20:52






  • 9





    Please, don't spread FUD in the comments section.

    – Burhan Khalid
    Nov 19 '18 at 4:57








17




17





@deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

– Kevin
Nov 18 '18 at 17:19





@deviantfan: If you know of a way to forcibly download and install malware without the user's consent, please report it to the developers of the browser(s) concerned. It is a security bug and must be seriously investigated.

– Kevin
Nov 18 '18 at 17:19




11




11





@wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

– vidarlo
Nov 18 '18 at 18:35





@wizzwizz4 no. A drive by infection that worked against any win10 machine with Office installed would be big headlines.

– vidarlo
Nov 18 '18 at 18:35




1




1





@Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

– Jonas
Nov 18 '18 at 19:41





@Kevin: Thanks - the question was prompted by my go-to site going https. Good to know that www.example.com will stick around.

– Jonas
Nov 18 '18 at 19:41




4




4





Oh, please do publish how edge can cause an bsod...

– vidarlo
Nov 18 '18 at 20:52





Oh, please do publish how edge can cause an bsod...

– vidarlo
Nov 18 '18 at 20:52




9




9





Please, don't spread FUD in the comments section.

– Burhan Khalid
Nov 19 '18 at 4:57





Please, don't spread FUD in the comments section.

– Burhan Khalid
Nov 19 '18 at 4:57


















draft saved

draft discarded




















































Thanks for contributing an answer to Travel Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2ftravel.stackexchange.com%2fquestions%2f125926%2fhow-to-connect-to-public-wifi%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Guess what letter conforming each word

Port of Spain

Run scheduled task as local user group (not BUILTIN)