23

In hotels or at airports, connection to the public WiFi requires you to start a browser session, which is then redirected to some log-in page. Due to security concerns, browsers now pop up warnings about such redirection, and if you're on a company laptop, you may not be able to proceed. Also, any HTTPS site won't allow redirect in the first place, and more and more websites start implementing HTTPS.

Is there a reliable way to get to the login page for a public WiFi network that doesn't require hoping you know a site that's still on HTTP, or even better, that won't be blocked by overzealous company security?

Jonas
  • 7,012
  • 40
  • 54

1 Answers1

28
  1. Your device may support this automatically - Particularly for Android, but probably also for several other systems, you may see a notification to "sign into the network" or similar. Click or tap it, and your device will open a web browser. Surprisingly, this even works with some non-web devices such as the Nintendo Switch (which does not have a "regular" web browser at all).
  2. If not, use a non-HTTPS website, such as http://www.example.com or http://neverssl.com/. example.com is particularly safe for this purpose because it is owned and operated by IANA and its domain is permanently reserved for use in software documentation. Chrome will also send requests to http://google.com/generate_204 over HTTP notwithstanding the use of HSTS (note that if your internet is working correctly, that URL will not cause a page to load, because Google responds with HTTP 204 No Content).

Finally, as some people have mentioned in the comments, you should be careful about trusting open networks. Once you have signed in, don't do anything sensitive unless the entire site uses HTTPS. People can steal your session cookies even if your username and password were encrypted, so just having HTTPS on the login page is inadequate.

Kevin
  • 996
  • 10
  • 11