I have been hacked twice now that I used s hospital's open WLAN. The hacker got my pæssword to Google twice. I cha nged two times and have not used the WLAN since. Any ideaa why he was able to do that? Google uses secure pæges.

clear text intercept is my best guess.

I wish I knew what that meantmeant but I csn find out. Thanks.

It's a means of intercepting supposedly encrypted packets of network traffic, by essentially fooling some travel points in the middle that you are to be trusted, and then all the encryption falls by the wayside.
 
I have discovered on multiple occasions, folks camping out in airports using fake networks, to get unsuspecting business travelers to think they were getting onto free WiFi from the airport, or one of the shops, like a Starbucks or whatever, when they were really sucking up all kinds of network ID and password info.
 
Bob Bone
 

Thank you Bob. That was enlighting.

Here is a link to just one method that recently worked - don't know if it still does or not, and I don't use gmail:
 
https://sites.google.com/site/darkzonehackers/documents/_draft_post
 
The above method uses a design/processing flaw in the password retrieval process that Gmail uses, and shows how easily poor quality review of code can be exploited with someone intent on defeating security systems.
 
Many, if not most, of a kind of web hack attack called an SQL Injection Attack, works simply because of sloppy code release procedures and lazy coders that leave gaping holes in the security of their databases because of crappy editing and processing on web pages that access databases.  And now, every company that makes an appliance wants to be able to connect it to the internet - why my TOASTER or refrigerator needs access to my home network I will never know - and never allow.
 
Bob Bone

Thanks again Bob. You are like a superhero of it.

Nope - I did enjoy life as a computer programmer, but a lot of the security flaws are new - though based on fairly simple concepts.
 
The best advice I give folks is to pay attention, and if you encounter something you are not sure about - don't click on the scary message - look it up on a different computer - reboot without calling the phone number that is threatening you with some blue screen of death - READ each install screen prior to clicking on Next.  If you don't know who the email is from, don't trust it.  And, NO banks EVER will ask you to click on a link to validate any information.  ALWAYS type in your bank's web site info yourself, or store the site name as a bookmark/favorite, and I NEVER store passwords anywhere but in my head.
 
MILLIONS of people fall for really obvious scams, all the time, simply because they don't pay attention.
 
Bob Bone

Thanks again Bob. I have a habit of storing my passwords in just about everywhere out of reach. Though I do not always know which place is out of reach. For example I store passwords in my phones because it is so handy. Probably shouldn't do that.

Well, I think that phones are most likely the most likely exposure point to hacking attempts - they are ripe for exploitation and theft of personal data.
 
If I am not mistaken, there have been cases where police were able to do a warrantless search of people's phone data, REQUIRING the phone owner to give them access, simply because the courts looked at a fingerprint ID mechanism on a phone differently than a more traditional password.
 
But again, the real exposure is that your phone is exposed by potential flaws in ever-rapidly changing OS code for phones, as well as exposed because of web site flaws that allow things like Clear Case Intercepts to happen, AND, when you connect your phone through a public network, you have an even more insidious exposure.
 
I would urge you to rethink the notion of keeping passwords stored on your phone.  When I have some site I sign up for, where I need a user name and password, and I don't access that site frequently, I will often send an email to myself, with a subject line saying something like: Billy Bob's Crab Shack and Auto Detailing site account info, and then in the body of the email, I will add text that will clue me in to the user ID I used, and I will also add a password hint sentence that gives me and only me enough info to where I will understand what I used for a password.  So, even if my email gets hacked, nobody would be able to figure out any of my user ID's and passwords for any of the sites I have set up accounts on.
 
Best of it all for you - stay secure, 
 
Bob Bone