Home → Guides → Integritet

Integritet

How to stay safe on public Wi-Fi

Airports, cafes, and hotels offer free Wi-Fi, and a free window into your traffic for anyone else on the network. Here's how to use public hotspots without handing over your data.

admin

Lead VPN Tester & Editor

Updated June 2026

6 Fact-checked

Free Wi-Fi is everywhere, and that’s exactly the problem. An open or shared network means you’re trusting strangers, the venue, and sometimes a fake hotspot set up to look legitimate. The good news: most of the risk comes from a handful of attacks, and a few habits, led by a VPN, neutralize nearly all of them. Here’s what actually threatens you on public Wi-Fi and how to shut each one down.

What can go wrong on an open network

Knowing the specific threats makes the fixes obvious:

Eavesdropping: on an unencrypted network, others can capture traffic that isn’t encrypted end-to-end.
Evil twin hotspots: an attacker sets up a network named “Airport_Free_WiFi” to lure you into connecting through their equipment.
Man-in-the-middle attacks: someone positions themselves between you and the site you’re visiting to intercept or alter data.
Malicious captive portals: the “sign in to use Wi-Fi” page can be faked to harvest credentials or push malware.

HTTPS helps, but it isn't enough

Most sites use HTTPS, which encrypts traffic to that site, good. But it doesn’t hide which sites you visit, doesn’t cover every app, and won’t save you from an evil-twin network steering you to lookalike pages. Don’t rely on the padlock alone.

A VPN is your best defense

A VPN solves the core problem of public Wi-Fi in one move: it encrypts all your device’s traffic before it ever touches the network. Even if you’re on an evil twin or someone is sniffing the airwaves, all they see is scrambled data heading to your VPN server. It turns a hostile network into a harmless pipe.

Everything is encrypted, not just HTTPS sites, but every app on your device.
Eavesdroppers and man-in-the-middle attackers see nothing usable.
The network owner can’t profile which sites you visit.

★ MOST PRIVATE

Proton VPN

9.5 · Excellent

The privacy benchmark — fully open-source, independently audited, and protected by Swiss privacy law. Fast servers unblock the major platforms, and there's a genuinely free plan with no data limit.

Open-source & independently audited Swiss privacy jurisdiction Genuine free plan

$4.49 + months free · 2-yr plan

Read full review Get Proton VPN

For public Wi-Fi, you want a VPN that’s trustworthy and reliable. Proton VPN is open-source, audited, and Swiss-based. NordVPN and Surfshark are strong alternatives with auto-connect features that turn the VPN on the moment you join an untrusted network.

Proton VPN — Best overall

NordVPN — Best all-rounder

Surfshark — Best budget VPN

See the best VPNs for public Wi-Fi

Turn on auto-connect

Most quality VPN apps can auto-connect whenever you join an unknown or unsecured network. Enable it once and you’ll never have to remember to flip the switch in a cafe again.

Set up your device before you travel

A VPN does the heavy lifting, but device settings close the remaining gaps. Get these right before you’re sitting in the airport:

1
Install and configure a VPN
Set it up and enable auto-connect for untrusted networks before you leave home.
2
Turn off auto-join for open networks
Stop your phone from silently connecting to any open hotspot, including evil twins, without your say-so.
3
Disable file and printer sharing
On public networks you don’t want your device discoverable. Switch your connection to the “Public” profile.
4
Enable your firewall
Make sure the built-in firewall is on so other devices on the network can’t reach yours.
5
Update your OS and apps
Patches close the security holes that man-in-the-middle attacks rely on.

Smart habits while you’re connected

Even with a VPN running, a little caution goes a long way:

Verify the network name with staff before connecting. Attackers count on you guessing.
Prefer your phone’s hotspot for anything truly sensitive, like banking. Cellular data isn’t shared with strangers the way Wi-Fi is.
Use multi-factor authentication everywhere, so a stolen password alone isn’t enough.
Watch for certificate warnings. If your browser warns that a site’s certificate is invalid, stop, that’s a classic sign of interception.
Forget the network when you leave so your device won’t auto-reconnect later.

No VPN handy? Use cellular

If you can’t connect to a VPN, fall back to your mobile data or personal hotspot for anything private. It’s a far smaller risk than an open Wi-Fi network you can’t vouch for.

The bottom line

Public Wi-Fi isn’t something to fear, it’s something to use carefully. A reputable VPN with auto-connect handles the biggest threats automatically, and the device settings and habits above cover the rest. Set it up once, and free Wi-Fi goes from a liability back to a convenience.

Do I really need a VPN if sites use HTTPS?

Yes. HTTPS only encrypts traffic to HTTPS sites and still reveals which sites you visit. A VPN encrypts everything on your device and protects against evil-twin and man-in-the-middle attacks HTTPS doesn’t stop.

Is my phone safer than my laptop on public Wi-Fi?

Not inherently, both face the same network risks. Using cellular data instead of Wi-Fi is safer, but on any shared Wi-Fi you should run a VPN on either device.

What’s the single most important step?

Use a trustworthy VPN with auto-connect enabled. It encrypts all your traffic automatically, which neutralizes the majority of public Wi-Fi attacks.

VPN Runner is reader-supported. If you sign up for a VPN through a link on our site, we may earn a commission — at no extra cost to you. It never affects our ratings or rankings: we test every service the same way and pay for our own subscriptions.