Is public Wi-Fi still risky?
Public Wi-Fi is not automatically dangerous, but it gives you less control over the network and the people operating it. An airport or hotel network may be shared by hundreds of guests. A convincing hotspot name can also belong to someone other than the venue.
The useful response is not panic or a blanket ban. Verify the network, prefer encrypted connections, reduce unnecessary sharing, and add a VPN when you do not trust the network path. If you can use a reliable mobile connection for a sensitive task, that is often the simpler choice.
What HTTPS already protects
HTTPS encrypts the connection between your browser and the website. On a correctly configured HTTPS page, another person on the same Wi-Fi should not be able to simply read the password, message, or card details you send to that site.
Check for https:// and pay attention to browser security warnings. Never bypass a certificate warning just because the network is public. HTTPS is powerful, but it protects the connection to a site; it does not prove the site itself is honest.
Before signing in
Confirm the domain name, let password managers fill only recognized sites, and stop if the browser reports a certificate problem. A polished phishing page can still use HTTPS.
What public Wi-Fi can still expose
Even with HTTPS, the network may learn connection details such as when your device connected and which services it contacted. Unencrypted apps or pages can expose more. Devices with sharing enabled may also reveal services to other people on the local network.
The first risk often appears before normal browsing: a fake hotspot can imitate a venue name, and a captive portal can ask for more information than it needs. Ask staff for the exact network name when possible. Treat unexpected downloads, configuration profiles, and repeated login prompts as warning signs.
When a VPN helps
A VPN creates an encrypted tunnel from your device to the VPN provider. That can reduce what the local hotspot and nearby network users can observe about your traffic, and it is useful when you must use a shared or untrusted network.
A VPN also changes the public IP address websites see to the VPN server’s address. It does not remove all identifying signals, and it shifts some trust from the local network to the VPN provider. Choose a provider deliberately, connect before opening sensitive apps, and confirm the VPN remains active.
What a VPN does not fix
A VPN cannot make a fake bank page genuine, stop you from entering a password into a phishing form, or repair an outdated device. It does not prevent tracking inside accounts you are logged into, and it cannot guarantee that every ad, tracker, or malicious download is blocked.
Keep HTTPS, software updates, strong unique passwords, and two-factor authentication in the plan. See what a VPN does and does not protect for the full boundary.
Public Wi-Fi safety checklist
- Confirm the exact network name with the venue; avoid lookalike hotspots.
- Prefer HTTPS sites and do not bypass certificate warnings.
- Avoid banking, password changes, or other sensitive actions on an unknown network when you have a safer connection.
- Keep your operating system, browser, and apps updated.
- Use unique passwords and enable two-factor authentication.
- Disable auto-join for unknown networks and turn off file or device sharing.
- Use a VPN on shared or untrusted networks, and check that it stays connected.
- Forget the network when finished, then run the adblock test after enabling privacy tools.
A sensible final setup
For an occasional café visit, HTTPS, a verified hotspot, an updated device, and careful account habits cover a great deal. Add a reputable VPN when the network is shared or untrusted, especially if you expect to stay connected for a while or use multiple apps.
An ad blocker or DNS filter can reduce some advertising and tracking requests, but it solves a different problem. The strongest everyday setup is layered: HTTPS for each site connection, a VPN for the untrusted network path, filtering for known ad or tracker domains, and cautious decisions by the person holding the device.