The “will always work” page to use is neverssl.com which, as the name says, will never use SSL or other fancy things. Your browser will not throw a security fit if you are redirected from there to a portal page. (The lack of a security fit is one of the reasons you should use SSL/TLS for everything else.)
The problem of poorly implemented WIFI portals extends beyond hotels, of course. This morning I was at the tire shop, and my Android phone connected to the WIFI and clicked through the portal without any difficulty. My IOS tablet would connect and go to the portal, and seem to work fine, but after about 2 minutes it would stop working. Instead of fighting with it, I just hot spotted my phone to the tire shops WIFI, and connected my iPad to my phone. A stupid solution, but easier than fighting with it.
The other thing I frequently find is that the business’ WIFI portal might not work for me, but they’re getting Comcast Business internet, and so they have an xfinitywifi or XFINITY connection that works fine.
Most places seem to think that WIFI portals are necessary for some reason, but I’m sure most places just do it because other places do it, too. I mean, is there really any security in requiring somebody to enter any string of characters which contains an @ in order to access the WIFI? Or do they think that a page of text nobody has ever read will protect them in court from something?
It would certainly be easier for the guests and employees to just not have the portal, and let people connect at will. If freeloaders really are a concern, just use a standard WPA password that rotates every week or so.
A few years ago I went through Heathrow Airport. They had big signs up all over the airport telling you to try connecting to http://www.bbc.co.uk (HTTP not HTTPS) if you had trouble getting into their free airport WiFi. That’s where I learned that trick.
I use www.google.com; I long ago turned off the option to automatically attempt an HTTPS connection regardless of what was input, leaving it to the sites themselves to do that if they are so coded.
I had no idea, though, that http://192.168.178.1 was a standard address for a router or bridge or whatever. If you’d asked me, I would have guessed 192.168.1.1 …
You can get almost any wifi to work if you do the following:
Turn off any privacy features such as VPN, private dns, etc
Turn on airplane mode so your phone won’t ignore the wifi
Turn on wifi, connect to the free wifi you want
Open a browser and go to neverssl.com
Fill out the form that shows up, then you can turn off airplane mode, etc.
I love complaining about shitty internet but have to share a tip that will generally improve your accessibility and experience when away from home: get a lightweight travel router to sit between the on-site internet and your devices. I’ve used this one for several years.
You connect to the router via web browser and have the router connect to the on-site wifi (or physically via ethernet). I haven’t encountered a network it can’t connect to provided I have the password or authorization. Then you configure the router to rebroadcast the business connection as a standard wifi connection with a password of your choosing. Or you just connect the router to your device via ethernet cable on the outbound port if that’s an option for you.
The travel router can also be configured to use a VPN which will get around any content restrictions and (maybe) improve your security. Additionally, no matter how many devices you connect to the router, the on-site network will only see one connection–the router, so you won’t run into extra device restrictions. Note, however, that this won’t increase the bandwidth available to your devices.
This won’t make wifi passwords shorter or magically appear to you but it’s otherwise been a game changer during business trips. I get all my devices connected, my personal streaming box playing on the hotel TV, and I’m far less pissed off.
edit: I should add that connecting to the router via web browser doesn’t actually require an active internet connection. Also, it sounds more complicated than it really is.
I presume it’s about legal liability. That portal page is intended to serve as an EULA (end-user license agreement), the same thing you see on a lot of software. And it legally does not matter if people read EULAs.
I suspect it has to do with the previous practice where you’d drive around just find an open access point and just use it. I seem to remember places being treated as liable because they hadn’t secured their wi-fi.
Nowadays, instead of having open wi-fi, it seems that consumer routers often include a public access point, and it is a captive portal If you have the same ISP, then your login for that ISP can be fed into that portal, and you get wi-fi. It works well enough that I actually never lose wi-fi signal completely while walking down my street. (There are only two ISPs, and only one of them is truly broadband, i.e. 25mbps or higher.)
I’m honestly surprised that the rise of this didn’t include a change in how captive portals work. It seems odd that my phone is connecting to each one and opening a web page in the background to log me in.
They don’t always want it to be invisible. The captive portal often includes an upsell for faster service. It also contains advertising for other hotel services.