Scanning your connection...
Default PrivacyDefault Privacy
Back to Glossary
Networking

What is Public WiFi Safety?

Security practices for protecting your data when using public WiFi networks in cafes, airports, hotels, and other shared spaces — where unencrypted traffic can be intercepted, fake hotspots can steal credentials, and your device may be exposed to other users on the network.

Also known as: Public WiFi Security, WiFi Safety Tips, Hotel WiFi Security, Coffee Shop WiFi Safety

That free coffee shop WiFi is convenient — but it's also a hunting ground for attackers. Anyone on the same network can potentially see your traffic, steal your credentials, or infect your device.

The Risks

Evil Twin Attacks

  • Attacker creates a WiFi hotspot with a name identical to the legitimate one ("Starbucks_WiFi")
  • Your device automatically connects to the fake network
  • All traffic is routed through the attacker's device
  • They can see everything you do and inject malicious content

Traffic Interception

  • On unencrypted networks, anyone with basic tools can capture packets from other users
  • Login credentials, emails, and browsing activity can be seen in real time
  • Even on encrypted (WPA2) networks, shared passwords mean all users can potentially decrypt each other's traffic

Session Hijacking

  • Attackers capture your session cookies to impersonate you on websites
  • They gain access to your logged-in accounts without needing your password

Malware Distribution

  • Attackers exploit vulnerabilities in other devices on the same network
  • Fake captive portals that mimic the "agree to terms" page but install malware
  • File-sharing enabled on your device can expose your files to the network

How to Stay Safe

Essential (Do These Every Time)

  1. Use a VPN — Encrypts all traffic between your device and the VPN server. This is the single most important step.
  2. Verify HTTPS — Only enter sensitive information on HTTPS sites (padlock icon). Use the HTTPS Everywhere extension.
  3. Forget the network after use — Prevent your device from auto-connecting next time

Recommended

  1. Disable auto-connect — Turn off automatic WiFi connection in your device settings
  2. Use DNS over HTTPS — Prevents DNS queries from being intercepted (Firefox: enabled by default; other browsers: manual setting)
  3. Turn off file sharing and AirDrop — Close any sharing services on your device
  4. Enable your firewall — Block incoming connections

Advanced

  1. Use your phone's hotspot instead — Cellular data is much harder to intercept than WiFi
  2. Check the network name with staff — Verify the exact SSID before connecting
  3. Use a travel router — A portable VPN router creates your own encrypted network
  4. Run our DNS Leak Test to verify your VPN is working properly on public WiFi

The VPN Solution

A VPN is effectively a private tunnel through the public network:

  • All data between your device and the VPN server is encrypted
  • Even if someone intercepts your traffic, they see encrypted gibberish
  • Your browsing, logins, and activity are hidden from the local network
  • Use a reputable VPN provider (look for no-logs policies, independent audits)

Related Terms

DNS over HTTPS

A protocol for performing DNS resolution via the HTTPS protocol. It encrypts DNS queries, preventing ISPs, network administrators, and attackers from seeing which websites you're trying to visit.

Evil Twin Attack

A WiFi attack where an attacker creates a fake access point that mimics a legitimate network, tricking devices into connecting and exposing their traffic.

HTTPS

Hypertext Transfer Protocol Secure is the encrypted version of HTTP, the protocol used to transfer data between your browser and websites. HTTPS uses TLS encryption to protect the confidentiality and integrity of data in transit, preventing eavesdropping and tampering.

Man-in-the-Middle Attack

An attack where the adversary secretly intercepts and potentially alters communications between two parties who believe they're communicating directly with each other. MITM attacks can capture credentials, inject malware, or modify data.

Virtual Private Network

A technology that creates a secure, encrypted connection over a less secure network, such as the public internet. VPNs mask your IP address, encrypt your internet traffic, and can make it appear as though you're browsing from a different location.

Have more questions?

Use our guided flow to get the right next privacy step for Public WiFi Safety.

Open Guided Flow