When you connect to a Wi-Fi network on your iPhone, you may see the words “Security Recommendation” appear beneath its name. This is a warning that you’re connected to either an unsecured network or one encrypted with weak WEP security.
Unsecured Networks and Weak Security
If you tap the name of the Wi-Fi network displaying “Security Recommendation” once you’re connected to it, you’ll see a more informative message.
In most cases, your iPhone will tell you that the current network is an “Unsecured Network”, also known as an open network. These networks don’t require any passphrase to connect and, therefore, don’t have any encryption.
You can tell which networks are secured with encryption and which ones aren’t by looking at the list of networks before you connect. Any network with a lock icon next to it is encrypted and requires a passphrase. Any network without a lock icon is open (or “unsecured”) and won’t require a passphrase.
This message will also appear when you connected to a hotspot encrypted with outdated WEP encryption instead of modern WPA2 encryption. You’ll instead see a “Weak security” message that says “WEP is not considered secure”.
That’s because WEP is an older encryption scheme that can be very easily compromised. You shouldn’t be using WEP, if possible. Modern WPA2 security with AES encryption is ideal.
Why Unsecured (and Weakly Secured) Networks Are Bad
As the error message explains, “Open networks provide no security and expose all your network traffic.” This means that anyone nearby can connect to the Wi-Fi network without entering a passphrase. If this is your home network, that’s is a big problem—it means that anyone nearby can connect and possibly do illegal things that would be traced back to your IP address. This is why we seriously recommend against hosting an open Wi-FI network.
This lack of encryption also means there’s no protection against someone snooping on your web browsing traffic. Anyone nearby can capture your traffic and examine it. Thankfully, there is still protection when you visit websites encrypted with HTTPS encryption. However, any website that uses HTTP encryption would not provide any security against someone eavesdropping. And, even if you were accessing services that used HTTPS encryption, anyone nearby could tell which websites you were connecting to.
In other words, by not using any encryption security features, these networks allow anyone to connect and anyone to snoop.
WEP is bad for the same reason. It’s very easy for anyone to crack WEP encryption if they want to. After someone has broken they weak encryption, they can connect or snoop as easily as if it were an open network.
How to Safely Use Unsecured (and Weakly Secured) Networks
You’ll often see this message when connecting to public Wi-FI networks, such as those in airports, hotels, and coffee shops. Unfortunately, these networks are often configured with no security to allow anyone to easily connect and use them.
In this case, there’s no way you can “fix” the problem with the network. Your iPhone is just informing you that you should be careful of what you do on the network. All your unencrypted network traffic will be fully exposed. You may want to take extra caution when doing private things on that public network, or invest in a VPN solution that will securely encrypt all your traffic and allow you to safely use these public hotspots without being snooped on. Anyone who tries to snoop on you when you’re using the VPN will just see a single connection to the VPN server transmitting a lot of encrypted data they won’t be able to decode.
If you connect to a public network and it wants you you’re using WEP encryption, you’re faced with a similar problem. WEP provides very little security, so you will want to use a VPN if possible and otherwise behave as if you were connected to an open Wi-Fi network.
In the future, more public Wi-Fi networks will hopefully use the Hotspot 2.0 network standard to allow for both easy connectivity and secure encryption at the same time.
How to Secure Your Home Network
If you see this message when connecting to your home network, that means your home network is either open for anyone to connect to, or using outdated WEP encryption that people can easily compromise. This is a serious security and privacy risk. That’s why your iPhone is warning you—so you know to do something about it.
Thankfully, this is easy to fix. You’ll need to access your router’s settings page and change the Wi-Fi network’s settings. Different routers allow you to access the settings page in different ways, so you may want to consult the manual for your specific model of router for instructions on accessing your router’s settings and changing Wi-Fi security details. If you don’t have the manual, you can examine your Wi-Fi router to find the model number and search the web for the model number and “manual”.
Look for a Wi-Fi setup page and choose the “WPA2-Personal” encryption method with “AES” encryption for best security. You will also need to choose a passphrase, which is a code you’ll need to enter when connecting to your Wi-Fi network for the first time on each of your devices. Write this code down somewhere safe and refer to it when you need to connect a new device on your network. If your router creates separate Wi-Fi networks for 2.4 GHz and 5 GHz devices, make sure each is secured with WPA2 encryption and a passphrase. You can use the same passphrase for both networks, if you like.
After you make these changes and save the settings on your router, you’ll need to reconnect to your Wi-Fi network on all your devices and enter the passkey on each. Don’t worry—after you connect once, your devices will remember the passphrase.