You need a VPN when accessing public Wi-Fi—here's why

News
By Contributions from last updated

Why using a VPN is a necessity on public networks

What is public Wi-Fi?

We're all familiar with Wi-Fi, and the convenience it affords. Technically, Wi-Fi refers to a technology that enables computers and other devices to connect to the Internet and communicate wirelessly. Wi-Fi is configured using a wireless adapter to create a "hotspot." Once a connection is established, users within range of the hotspot can connect to the Internet network.

Wireless networks are located either in the home, which is generally referred to as a "closed network," or in public places, which can be open or closed depending on the security settings in place. 

Public Wi-Fi is often unsecured in that they don’t use any form of wireless encryption. The advantage of this is that pretty much any WiFi-compatible device can connect to it. The big downside is that it can cause huge security problems, and many people opt to use one of the best VPN services to stay protected.

  Where are public Wi-Fi networks found?

Public Wi-Fi networks aren't hard to find. They are prevalent in locations around the world and you encounter them in your day-to-day life as well as during travel.

According to research by Kaspersky, around 1 in 5 wireless networks around the world are completely unsecured. This means there are about 6.4 million such hotspots.

Seoul, South Korea not only has the fastest internet in the world but over 10,000 free WiFi hotspots all around the city, at airports, public parks & even the popular neighbourhood of Gangnam. 

Perth, Australia takes this a step further offering blanket coverage free public Wi-FI throughout the entire city for 60 minutes at a time. Users are limited to 2GB per day to avoid too many downloads down under. 

In New York City all subway stations have Wi-Fi coverage, provided by the good people of TransitWireless offering unlimited internet use in platforms, ticket areas & mezzanines in every station. 

The Wifi4EU project aims to offer free WiFi to all European citizens in every public place. It’s funded by the EU Commission, who have already pledged 120 Million Euros in support. 

Why are these networks insecure?

An unsecured Wi-Fi network is any network that does not require you to enter a password or login credentials to use the network. These "open" networks or “hotspots” also involve un-encrypted connections, leaving users at great risk. 

The hotspots are an easy target for hackers and nefarious people trying to steal login passwords, credit card information and content of communications or other personal details. 

The main dangers of using unsecured Wi-Fi are:

  • Hackers/Snoops: Hacking has become much easier for bad actors these days through using ready made tools & equipment. For instance, some hackers set up fake “honeypot” public Wi-Fi hotspots to try to lure people into connecting to them. Once connected, any unencrypted information you send, such as the names of websites you visits can be logged by hackers. Hackers rely on you wanting to use their honeypot wireless network because it’s free & convenient. But once you’re linked to them, they can not only read your unencrypted network traffic but try to redirect you to fake ‘phishing’ websites to make you enter sensitive information or download malware. (See below). 
  • Man-in-the-Middle Attacks: If a hacker connects to the same unsecured wireless network as you, they can send bogus data to your device & the network router to obtain their unique IP address & special ‘MAC’ address. Once they do this, the hacker can then impersonate each device, sitting in the middle of their “conversation”. By intercepting yours & the router’s communications hackers can read your data, or even inject harmful software & links into your connection requests.
  • Malware: If a hacker can connect to your device, they may try to inject ‘malware’ to record your personal information, or even encrypt it with ransomware. The scary thing about malware is that you can stop all other kinds of attacks just by disconnecting your device from the network. If your machine’s infected with malware though, your data could still be at risk, even when you connect to a secure wireless network at home or in your workplace. 
  • Rogue Hotspots/Fake Networks: These are hotspots that are set up by criminals, using a name close to that of the actual, legitimate Wi-Fi hotspot. These hotspots are created to trick users into connecting, thinking they are using a legitimate network at a coffee shop, for example. When you connect to one of these networks you become vulnerable to hacking/snooping conducted by the owner of the fake network.

What Information is at risk?

 Now that you know unsecured public Wi-Fi networks are an easy target for criminals or snoops trying to steal your personal details, it's important to understand what exactly they can get their hands on - and how revealing this data can be. When using these networks, the following information may be at risk:

  • Your location
  • The websites you visit 
  • Your personal communications, such as emails, chats and messages
  • Whom you are communicating with
  • Files you send, photos
  • Your passwords and other sensitive information
  • Login credentials for various websites, such as banking websites

All this isn't just hype! There are reports of users connecting to unsecured Wi-Fi networks around the globe, often with devastating consequences for their users. 

  • Tourist attractions: Some of the most unsecured Wi-Fi networks can be found at popular tourist attractions and destinations around the world. A 2015 report by Skycure (now owned by Symantec) listed some of the riskiest tourist locations for Public Wi-Fi including Times Square, Notre Dame Cathedral & EuroDisney.  
  • On-board airplanes: Airplanes are a goldmine for hackers & data thieves. In 2016, there was quite a stir when a journalist was hacked while using American Airlines’ in-flight GoGo Wi-Fi on-board a plane. The hacker revealed details of what he the journalist working on, compromising the story as well as alarming all who heard about it. This incident proved just how quick and easy hacking in-flight Wi-Fi was. A 2022 study by Necrum Security Labs showed that many airlines use outdated WiFi equipment, which contains serious vulnerabilities. In 2015, a Google Security researcher also discovered that the aforementioned GoGo Inflight Internet provider were issuing their own SSL Certificates to impersonate Google’s websites. This is another type of “Man in the Middle” attack & is particularly worrying, as usually when you access a website using SSL/TLS on public Wi-Fi, you can be sure your data’s safe as it’s encrypted. 
  • Public buses: The city of Sydney Australia, recently announced plans to offer Wi-Fi on-board all public buses. But this Wi-Fi comes with a catch – it will collect and sell personal user information. While this risk doesn't occur because the Wi-Fi is insecure, it's another privacy violation that users need to be aware of on Wi-Fi. If this surprises you, you may be shocked to learn that many free Wi-Fi providers offset the cost of running their hotspots by selling off the personal data of their users. GDPR has made this more difficult to do in the EU in the past few years but this is difficult to enforce. 

Ignorance is not bliss

According to a study conducted by the Identity Theft Resource Center, about 40% of people were unconcerned about using public Wi-Fi. Of those who were worried, less than half took steps to secure their connection on these networks. This is very concerning, considering the activities that most frequently take place on public Wi-Fi:

  • Checking personal email accounts (including logging in)
  • Using social media (including logging in)
  • Accessing banking or financial information

What’s even more concerning is people's willingness to use these networks, despite being aware of the risks. A McAfee poll revealed that a large percentage of people - 38% - still opt to use free unsecured Wi-Fi. Combine that with a statistic from the AARP’s Convenience Versus Security report that “A quarter of the adults who use the Internet access it via public Wi-Fi once a week or more,” 

A 2019 cybersecurity revealed a staggering 45% of working American adults trusted the public Wi-Fi network of a frequented public location. 

This should give you an idea of how common using unsecured networks is.

Protecting yourself on public Wi-Fi

All of this is very unsettling, especially for those who have never considered the risks of public Wi-Fi before. But you don't have to avoid Wi-Fi networks or accept the inevitability of privacy risks – there are things you can do!

While there are several ways to protect yourself when using a Wi-Fi network, one way beats the rest – using a VPN

A VPN encrypts your Internet connection to secure it and protect your privacy. When connecting with a VPN, no one – not your Internet Service Provider, your business/network owner nor any third-party hacker or snoop – can see the information you send over the network. This is extremely important when using unsecured Wifi, as anyone can read the data packets your device sends and receives: if they’re encrypted, they won’t be of any use to hackers. 

Take some time to read through our guide to the very best VPN providers available today.

Besides subscribing to a reliable VPN provider & connecting to their service each time you use Wifi, there are several other precautions you can take:

  • Think before connecting: Don't be tempted to connect to the very first “free” Wi-Fi network you see. Check with the site owner to make sure it’s the right one. If there are T&Cs to which you need to agree before using their service, make sure to read them carefully. 
  • Configure network settings: Most modern devices allow you to change your network connection settings to tell the system that you’re on a public Wi-Fi network, to which anyone can connect. This makes your device much harder for others to see on the network. 
  • Use a firewall: Many modern devices & operating systems come with a firewall already set up but take some time to check yours is switched on. If you don’t have reliable firewall software, read through our guide to the best firewalls of 2025.
  • Use HTTPS: If, for some reason, you can’t use a VPN then at least make sure you access 'secure' versions of websites. It’s usually very easy to tell if your connection is protected by HTTPS as the web address will begin “https://” and you’ll see a padlock icon in the address bar.
  • Use two-factor authentication: 2FA, also known as “two step” verification means that each time you connect to a website or online service for the first time, you’ll be asked to enter a code along with your password. The code is usually generated by a special authenticator app but sometimes can be done by SMS too. That way even if a hacker steals your username & password they can’t access your account.
  • Switch off auto-connect: Most devices like to save you the trouble of having to manually enter your network settings & connect to wireless networks, so will automatically connect to Wi-Fi hotspots they’ve previously encountered. This could mean your device connects without you knowing & leave your data at risk. Contact your device manufacturer for help with disabling the ‘auto-connect’ feature. Alternatively you can just tell your device to ‘forget’ wireless networks altogether after you’ve finished using them.

Bottom line

Whilst there are many threats out there that come from using WiFi networks outside your home or workplace almost all of them can be avoided by doing one thing: using a reliable VPN service.

If your data is encrypted, including the DNS requests that you make to visit websites, an attacker won’t be able to know which sites you’re visiting, what information you read & enter, as well as what internet-applications you use.

Some VPN providers can even help with features like firewalls & anti-malware software, and with the quality of some cheap VPN providers, staying safe when you're out and about doesn't have to cost the world.

Desire Athow
Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.

With contributions from
Read more
Young man using a smartphone and laptop in a hotel room
Staying in a hotel? Here's why you need a VPN
A woman holds a pretzel and uses a smart phone while on the train
Relying on train Wi-Fi over the holidays? You need a VPN
An illustration of a laptop screen running a VPN service, accompanied by images of a padlock, globe, and a man using a tablet.
What are the benefits of using a VPN in 2025?
An illustration of a mobile phone running a VPN
How does a VPN work?
Polygonal vector illustration of the virtual private network's shield reading VPN and world map on the background
The cost of a ‘free’ VPN: When cheap is expensive
Someone using a VPN on a PC.
How to buy a VPN – a jargon-free guide
Latest in VPN Privacy & Security
A computer file surrounded by red laser beams
Cover your tracks: the risk of sending unencrypted files
Using an Amazon Fire Stick on a Smart TV
How to use a VPN with Fire Stick
Close up of PS5 DualSense controller leaning on a PS5
5 reasons your PS5 needs a VPN
Tor
What is Onion over VPN?
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
PrivadoVPN running on an iPhone during TechRadar's VPN tests
Why PrivadoVPN Free is still the best free VPN for streaming
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
More about vpn privacy security
A computer file surrounded by red laser beams

Cover your tracks: the risk of sending unencrypted files
Using an Amazon Fire Stick on a Smart TV

How to use a VPN with Fire Stick
Poco F6 Pro in white from the back showing its Camera array and branding

For a mid-range handset, the Poco F6 Pro is premium in more ways than one, but I found it hard to ignore some of its key pitfalls
See more latest
Most Popular
BraX3
This obscure brand wants to launch the most privacy-friendly smartphone ever without Google, but with a mysterious open-source OS at its core
HAMR
Seagate reportedly sold two billion GBs worth of storage to two of the world's largest tech companies
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
Oracle
Bluehost owner is moving to Oracle Cloud, so could thousands of websites be about to migrate?
Money
Financial leaders still rely on regular tools like Excel for automation tasks over AI
Two examples of the Asus Fragrance Mouse MD101 sitting on a table
Your next computer mouse could have a fragrance compartment for aromatherapy oils – and this Asus idea is nothing to sniff at
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models