How do I set up the MiFi 6620L so I know no one else can get into my laptop and phish for passwords etc.

> I got some messages that another device had connected to the jetpack with an IP address in Minneapolis

This message wouldn't have come from your Jetpack, at least I am not aware of any kind of feature that provides that kind of feedback.  Instead what likely happened is that you have Antivirus software on your PC that was detecting external/remote connections to that PC instead.  Devices can only connect to the Jetpack if they are within the physical WiFi service area of the Jetpack, no one in Mpls could connect directly to that device.

If you notice these strange IP addresses connecting to your PC then perhaps it is time to update your antivirus or run a full scan.  Perhaps if you could capture a screenshot of this warning message we could help you figure out more about what is happening.

> Wouldn't anyone wanting to connect to the hotspot need the password?

Yes.  Users have to be within the physical limits of the Jetpacks WiFi broadcast area, which is relatively small compared to normal home routers. 

> What do I need to do to be assured that I can do online banking, etc. safely?

Make sure that you are using strong passwords using password best practices.  Only connect to https:// (secured) websites when performing online banking tasks.  Don't click on email links for anything related to your bank, always manually navigate to the URL that you know and are familiar with.

If your PC has been compromised then the only thing you can likely do is run antivirus.  If that doesn't clean it and the connection is truly malicious then you would have to consider a reload and start over from scratch.