4 ways to stay safe on public Wi-Fi

Traveling is once again becoming common these days, whether to far-distant locales for a vacation or just down to the local cafe to enjoy the ambiance. That means it’s time to bring back old familiar practices, too.

Like everything else we’re having to relearn (how does small talk work again?), good practices security on public Wi-Fi might need a bit of a refresher, too.

People can snoop on what sites you access, which is a privacy issue as well as a potential security problem. Here are four quick tips that’ll keep you protected while out and about.

Be mindful about what networks you join

Your first line of defense is wisely choosing the public networks you join, especially if you’re lax about your other protective measures. Anyone can scan the traffic being passed on a network—they just have to install a program that captures data packets on their computer. Exchange unencrypted data with a website and your sensitive information goes up for grabs.

Your main goal should be avoiding open networks that are run by unknown administrators. You want to pass over obvious bad apples. Department stores, hotels, and airports are more sure bets—they don’t set up their Wi-Fi for the purpose of spying on the people who use it. (At least, not for the purpose of sussing out home addresses, credit card info, national ID numbers, and the like.) Also pay attention to the spelling of network names—don’t fall for imposters. 

Not sure if you’re on your location’s official Wi-Fi? Most public Wi-Fi run by big organizations immediately ask you to agree to terms and conditions before allowing you onto the network, while savvy small businesses require a password freely shared with patrons.

But since anyone on a network can sniff its traffic, you still need other protections. That’s where the remaining three tips in this article come in. And remember, any network accessible by the public counts as public Wi-Fi, even if you have to pay for access (like at hotels or airports).

Make sure your firewall is on

Leaving your computer’s TCP and UDP ports open is somewhat akin to leaving your home’s external doors unlocked and unmonitored. To keep safe from intrusion, you want something that hides those ports from traffic requests—effectively blocking view of the doors, so no one can approach and try the doorknobs. That’s what firewall software does.

In Windows 10 and 11, your PC should have a firewall turned on by default. But if for some reason you’ve been fiddling with your settings, ensure that it is still on before hopping on to public Wi-Fi. Just head to your Settings app, then type in Firewall & Network protection into the search field.

Use HTTPS everywhere

When visiting websites, make sure they’re transmitting data over an encrypted connection. Today’s websites should use this kind of secure connection, but some older (or outright malicious) sites won’t. 

Your browser should let you know when you aren’t, but you can manually check as well. Look for https at the start of the website address. 

If you instead use an unsecured HTTP connection (note the lack of an “s” in the acronym), the traffic exchanged between you and the site can be seen by anyone on your same network. That includes any sensitive info like user names, passwords, payment info, addresses, etc. (This Cloudflare page explains how this works in more detail.)

Obviously, when you’re on a public Wi-Fi connection, you’re sharing the network with a lot of people who could see what you’re up to—and without knowing who among them might have bad intentions. By conducting your browsing over a secure connection, you won’t stick out as easy prey.

As added protection, you can install the HTTPS Everywhere extension from the Electronic Freedom Foundation. It’s available for Chrome, Firefox, Edge, and other browsers, and further minimizes unintentional use of insecure sites.

Fire up a VPN

As mentioned above, when you visit a secure website while on public Wi-Fi, other people on your network can’t see the details of the data exchanged. However, they can see that you’re on that site.

If you’re using Google or killing time on TikTok, maybe you don’t care. But step that up to checking your bank balance on your PC or phone, and suddenly the stakes rise.

Since you can’t always wait until you get home to handle certain business, you can safeguard your privacy by routing your PC or smartphone’s internet activity through a virtual private network (VPN). To use one, you first connect to the Wi-Fi, then to the VPN. After both those connections are established, you then proceed with your normal internet browsing. All of your traffic goes through the VPN’s servers—someone monitoring network traffic will only see your computer sending and receiving data from the VPN, not the sites and services you hit up during that session.

Obviously, you must trust your VPN for this strategy to work. For that reason, most free VPNs don’t past muster—they often don’t guard your privacy as strictly as a paid service. Stick to vetted services, like those in our best free VPN roundup. To get better speeds and access to more servers around the globe, you must move up to one of our recommended paid services. Worldwide servers are important if you’re traveling internationally, as you’ll want local servers to lean on. Otherwise, having to route your traffic an ocean away and then back again will notably slow down your web browsing.