You open the Settings app to connect your iPhone to Wi-Fi, and everything is fine until you notice “Security Recommendation” underneath the name of the Wi-Fi network. “Uh-oh,” you think. “I’m hacked!” Don’t worry: you’re not — Apple’s just looking out for you. In this article, I will explain why you see Security Recommendation in your iPhone’s Wi-Fi Settings and why Apple included Security Recommendation to help keep you safe online.
Check out our other article if your iPhone says Weak Security instead of Security Recommendation!
What is “Security Recommendation” in iPhone, iPad, and iPod Wi-Fi Settings?
Security Recommendation only appears in Settings -> Wi-Fi on your iPhone, iPad, or iPod when you’re about to connect to an open Wi-Fi network — a network without a password. When you click the blue information icon, you’ll see Apple’s warning about why open Wi-Fi networks can be unsafe and their recommendation about how to configure your wireless router.
Tap the information button (pictured) to the right of the network’s name to reveal Apple’s explanation for this warning. The explanation reads:
Open networks provide no security and expose all network traffic.
Configure your router to use WPA2 Personal (AES) security type for this network.
What’s The Difference Between An Open And Closed Network?
An open network is a Wi-Fi network that doesn’t have a password. This is generally what you’ll find in coffee shops, airports, and just about anywhere else that free Wi-Fi is offered. Open networks can be dangerous because anyone can access them, and if the wrong person joins the network, they may be able to view your searches, web logins, and other sensitive data without your permission by “spying” on your iPhone, iPad, iPod, or computer.
On the other hand, a closed network is — you guessed it — a network with a password. Apple says that you should “configure your router to use WPA2 Personal (AES) security”, which is a very secure form of Wi-Fi network security. The WPA2 Personal security type is built-in to most modern routers and allows for strong network passwords that are very hard to crack.
Are Open Wi-Fi Networks Unsecure?
Theoretically, anyone connected to any Wi-Fi network can “spy” on the internet traffic being sent and received by other devices on the network. Whether they can do anything with that traffic depends on whether the connection to a specific website is secure.
You can rest assured that any reputable website that requires you to transmit your password or other personal information is using a secure connection to encrypt the data that is sent from your iPhone to the website or app, and vice versa. If someone was capturing the internet traffic coming to and from your iPhone from a secure website, all they would see is a bunch of encrypted gobbledy-gook.
However, if you’re not connected to a secure website, the hacker may be able to see everything that is sent and received by your device, including your passwords and the pages you visit. For a lot of websites, it doesn’t really matter. Here’s why:
If you’re just reading an article on a website that you don’t need to log into, you’re not sending or receiving any personal information that would be worth stealing. The New York Times and a lot of other major news websites and blogs don’t encrypt the articles on their websites for that very reason.
How Can I Tell If A Website Is Secure On My iPhone, iPad, or iPod?
You can easily tell whether you’re connected to a secure website in Safari on your iPhone, iPad, or iPod by looking at the address bar at the top of the screen: If the website is secure, you’ll see a little lock next to the name of the website.
Another easy way to tell whether a website is secure or not is to check whether the domain name begins with http:// or https://. The extra “s” stands for secure. Websites that begin with https are secure (unless there’s a problem, in which case you would see a warning) and websites that begin with http are not.
What’s The Difference Between A Black Lock and A Green Lock In Safari?
The difference between a black lock and a green lock is the type of security certificate (also called an SSL certificate) that the website uses to encrypt traffic. The black lock means the website uses a Domain Validated or Organization Validated certificate and the green lock means the website uses an Extended Validation certificate.
Is The Green Lock More Secure Than The Black Lock In Safari?
No — the encryption can be the same. Both the green and black locks can have the same level of encryption. The difference is that the Green Lock generally means that the company that issued the SSL certificate to the website (called a certificate authority) did more research to verify that the company who owns the website is the company who should own the website.
What I mean is this: Anyone can buy a SSL certificate. I could register bankofamerlcaaccounts.com (notice the lowercase “L” that looks like an “i”) today, clone the Bank of America website, and buy an SSL certificate so people would see the black lock next to the address bar at the top of the screen.
If I tried to buy an Extended Validation certificate, the certificate authority would quickly realize that I am not Bank Of America and deny my request. (I’m not going to do any of this, but I mention it as an example of how easy it is for hackers to take advantage of people online.)
The rule of thumb is this: Never enter any sensitive personal information on a website that doesn’t have the lock in the address bar at the top of the screen.
If You Want To Stay Really Safe On Wi-Fi Networks
Now that we’ve discussed why it is safe to connect to secure websites and apps over Wi-Fi, I’m going to caution you about it: If you’re in doubt, don’t. The best way to stay safe is never to log into your bank or other important online accounts when on an open network. The information is encrypted, but some hackers are really good. Trust your gut.
What Should I Do When I See “Security Recommendation” On My iPhone?
My recommendation is: follow Apple’s recommendation! If you’re getting the Security Recommendation notice when on your home Wi-Fi network, add a password to your network as soon as possible. You’ll do this using your Wi-Fi router. It would be impossible for me to explain how to do that for every router on the market, so I’ll recommend a quick skim of your router’s manual or Googling your router’s model number and “support” to get help.
Stay Safe Out There!
We’ve talked about why your iPhone says Security Recommendation in Wi-Fi settings, the difference between open and closed Wi-Fi networks, why you’re usually safe whether you’re connected to an open or closed Wi-Fi network — as long as the website you’re connecting to is secure. Thanks for reading, and if you have any other comments, questions, or concerns about this problem, feel free to leave a comment below!