Why you need VPN for public wifi hero desktop, wooden sign advertising free wifi at a restaurant

The Independent’s journalism is supported by our readers. When you purchase through links on our site, we may earn commission. Why trust us?

Do you need a VPN when accessing public wifi?

Verified by Nick Jones

This article explores the risks of using public wifi, strategies for protection and the best virtual private networks (VPNs) for securing your connection.

With over 300 million people being affected by data breaches in 2023 alone, cybercrime shows no sign of slowing down. Taking security measures to protect your data and privacy while using the internet is vital, particularly when connecting to public wifi networks. But can using a VPN be an imperative step towards ensuring online security?

Using one of the best VPNs is a great way to ensure your online security, but there are other things you must consider. The figures obtained and analysed by our researchers are show that more than 364 million people were affected by data breaches between January and May this year, with the greatest number of compromised personal records associated with telecom providers. 

Although not every data breach results in fraud, it still entails financial losses for businesses due to lost customer trust and impaired reputation. Cybercrime is expected to cost US$10.5 trillion (£8.4 trillion GBP) annually by 2025. 

In this article, we’ll guide you through the dangers imposed by public wifi and the most effective strategies for protecting your data and identity while connecting to them. We’ll also discuss the best VPNs for securing your connection when using public wifi hotspots.

What do we mean by public wifi?

Public wifi refers to wireless internet networks accessible in public and commercial locations. These can range from bustling coffee shops and restaurants to libraries, hotels, airports and public transport such as trains and buses. 

The 2018-2023 Cisco Annual Internet Report foresees 628 million public wifi hotspots available by 2023. Unlike home networks, which are usually secured with password protection, public wifi is often unsecured, allowing users with a wifi-compatible device to connect easily.

This freedom of connection, however, has a downside. Public wifi’s lack of security can lead to significant security vulnerabilities, making data transmitted over these networks susceptible to intrusions or eavesdropping.

What are the risks of using public wifi?

The risks in using public wifi lies primarily in its lack of security. Many of these networks are unsecured or “open”, meaning no password is required to connect. Moreover, the connections are typically unencrypted, risking any data that is transmitted.

In fact, research revealed 25 per cent of people using public networks while travelling have had their information compromised, with the majority of cases taking place while connecting to free wifi at airports. Also, around half of users use networks that don’t require a password, which means they can be accessed by anyone, with no restrictions on the number of connected devices.

It’s important to note that many smartphones and devices are set up to connect to available wifi networks automatically. So, without your knowledge, your device could expose your data and identity to a number of risks. 

What to look out for when using public wifi

  • Honeypot hotspots: Some cybercriminals set up seemingly legitimate public wifi networks known as honeypots. Unwary users might connect to these networks, considering them free and convenient. However, hackers can monitor your unencrypted data once connected, potentially leading to information theft. They may also redirect you to deceptive phishing sites to trick you into revealing sensitive data or downloading malicious software.
  • Man-in-the-middle attacks: In this scenario, a hacker connected to the same unsecured network can manipulate the data sent between your device and the network router. By imitating each device, they position themselves in the middle of the data exchange, which allows them to read, alter, or inject harmful content into your connection requests.
  • Malware: Hackers can use an unsecured wifi connection to plant malware on your device. This malicious software could record your personal information or even lock your data using ransomware. The malware threat extends beyond the unsecured network, as once your device is infected, your data remains at risk even on secure networks.
  • Rogue hotspots or fake networks: These malicious wifi networks mimic legitimate ones, often with similar names. Unsuspecting users may connect to these networks thinking they are authentic. However, once connected, you’re susceptible to cyberattacks by the fraudulent network operator.

Given these potential threats, awareness and caution are crucial when connecting to public wifi networks.

phil-png

What should people be wary of when connecting to a public wifi network? Dr Phil Legg, Professor of Cyber Security at UWE

If connecting to public wifi, do you trust that your data being sent across that network is secure and not being logged? Often, free wifi is offered as an incentive to the customer to spend time there, such as a cafe. It may also be used to measure how busy the cafe is at given times of the day, without necessarily analyzing raw traffic.

 

Make sure you are connected to the intended wifi spot, as attackers may well spoof hotspots in the hope that users accidentally connect to the rogue access point. Using a VPN means that all your network traffic is encrypted between your device and the VPN provider, meaning that no matter how you connect to the internet, be it on public wifi or not, your traffic can’t be observed by unintended third parties.

What information is at risk?

Why you should use a VPN when using public wifi person using online banking at a cafe
Using online banking while connected to public wifi without a VPN puts your sensitive data at risk of being stolen (Adobe)

When using public wifi, a significant amount of your personal data can be put at risk. Here’s a breakdown of what that might include:

  • Location data: You reveal your current location by connecting to a public network. Malicious actors can use this data to track your movement or establish patterns in your behaviour.
  • Web activity: The websites you visit can be monitored while connected to a public network. This information could expose your interests, habits and potentially even confidential information if you visit secured websites like banking or health portals.
  • Personal communications: Emails, messages, chats – all could be intercepted and read by a third party. This can reveal your personal information and sensitive data about the people you are communicating with.
  • File transfers: Files can be intercepted when sending or receiving them over public wifi. This means photos, documents, or any other files you share could fall into the wrong hands.
  • Sensitive information: Perhaps most concerning is the risk to your login credentials, passwords and other sensitive information. If a hacker obtains these, they could access your accounts, including banking, social media and work-related platforms.

These are the types of information that cybercriminals are after. With this data, they can steal your identity, drain your bank account, or engage in other malicious activities.

How to protect yourself on public wifi

While public wifi brings convenience, protecting yourself from potential threats is crucial. Here’s a brief guide on how you can secure your data:

  • Use a VPN: A VPN – even cheap VPNs – encrypts your data, making it unreadable to potential hackers, even on an unsecured network.
  • Verify the network: Take your time connecting to any available network. Verify its authenticity with the location providing the service.
  • Change your network settings: Configure your device settings to require you to grant access to public wifi. This will limit your device’s visibility on the web.
  • Activate a firewall: Ensure your device’s firewall is enabled, adding an additional layer of security.
  • Connect via HTTPS: If a VPN isn’t available, use HTTPS for web browsing, ensuring a secure, encrypted connection.
  • Use two-factor authentication (2FA) where available: This provides an extra layer of security when logging into sensitive apps, requiring a second form of verification in addition to your password.
  • Disable auto-connect: Many devices are set to automatically connect to the nearest available network by default. You can change your settings to prevent your device from automatically connecting to public wifi networks, limiting unexpected data exposure.

How does a VPN help protect you on public wifi?

A VPN provides an essential layer of security on public wifi. It works by routing your internet connection through a private server, masking your actual IP address and making your online activity virtually untraceable.

VPN services use robust encryption protocols (typically military-grade AES-256 encryption) to safeguard your data. Even if you’re using an unsecured public wifi network, your information remains secure because it’s encrypted by the VPN tunnel

In other words, a VPN acts as a secure tunnel for your data, protecting it from potential hackers. Therefore, using a VPN on public wifi can significantly minimise the risks associated with public wifi usage.

What’s the best VPN for public wifi?

Here are the best VPNs we recommend using on public wifi: 

  • NordVPN – best overall: NordVPN offers best-in-class security with double VPN encryption and private DNS protection. With advanced security features, a vast array of servers worldwide and high performance, it’s an excellent option for privacy-oriented users.
  • Surfshark – best value: Surfshark is known for superior speed and robust security features, including AES 256-bit encryption and a no-log policy. With an attractive price point, it offers exceptional value.
  • Proton VPNbest free VPN: Proton VPN’s free version provides unlimited data and is committed to transparency with an audited no-log policy. However, it lacks some premium security features and streaming support. Its simple interface and free unlimited data make it an excellent choice for new users. If the free version doesn’t seem right for you, the provider also has paid-for subscriptions starting at €4.99 (£4.30) per month, which gives you access to a wider range of servers and locations.

Remember, the effectiveness of a VPN can vary based on specific needs and circumstances, so consider your requirements when choosing a VPN.

Frequently asked questions about using a VPN on public wifi

Yes, a VPN does indeed offer protection when using public wifi. Encrypting your internet traffic adds a security barrier that makes it difficult for unauthorised individuals to access your data. Thus, even on unsecured public wifi networks, a VPN can significantly enhance your online safety, making it highly recommended for frequent public wifi users.

Public wifi networks are generally not recommended for sensitive activities such as banking due to their vulnerability to cyberattacks. As these networks are often unsecured, hackers can exploit them to steal personal information, such as passwords and banking details. 

Many people have had their online security compromised while using public wifi. Therefore, if you need to do banking on the go, it’s advisable to use secure methods like a VPN or cellular data instead of public wifi.

Typically, public wifi networks are not encrypted. This is one of the reasons public wifi networks are considered less secure and why using protective measures such as a VPN is highly recommended when accessing these networks.

Round up of today’s best VPN deals
NordVPN 2 year £2.49 /Month
£2.49 /Month
Surfshark 24 month £1.69 /Month
£1.69 /Month
ExpressVPN 12 month £6.80 /Month
£6.80 /Month
CyberGhost 2 year £1.92 /Month
£1.92 /Month
Proton 2 year £3.85 /Month
£3.85 /Month
PIA 2 year £1.69 /Month
£1.69 /Month
Atlas 2 year £1.34 /Month
£1.34 /Month
PrivadoVPN 2 year £1.48 /Month
£1.48 /Month
Windscribe 12 month £4.54 /Month
£4.54 /Month
IPVanish 2 year £2.09 /Month
£2.09 /Month

Mariana Krasteva

Writer/VPN tester

Mariana is an experienced technology writer specialising in web and internet technology. She writes about cyber security, including VPNs; web development; and software engineering. She has been writing since 2006 and held a position of English lecturer at Technical University of Varna in Bulgaria until 2022, working in a variety of educational fields.

For the Independent Advisor, Mariana writes about the usefulness of VPNs and how people can protect themselves and their data online, as well as contributing heavily to the testing process. 

Nick Jones

Editor in Chief

Nick Jones is a highly experienced consumer journalist and editor, who has been writing and producing content for print and online media for over 25 years.

He has worked at some of the UK’s leading publishers including Future Publishing, Highbury Entertainment, and Imagine Publishing, with publications as diverse as Homebuilding & Renovating, TechRadar, and Creative Bloq, writing and editing content for audiences whose interests include history, computing, gaming, films, and science. He’s also produced a number of podcasts in the technology, science, gaming, and true crime genres.

Nick has also enjoyed a highly successful career in content marketing, working in a variety of topics such as health, technology, and finance, with market-leading global companies including Cisco, Pfizer, Santander, and Virgin Media.

Now the Editor-in-Chief of the Independent Advisor, Nick is involved in all aspects of the site’s content, where his expertise in finance, technology, and home products informs every article that’s published on-site. He takes a hands-on approach with our VPN content, penning a number of the articles himself, and verifying that everything we publish in this topic is accurate.

Whatever the area of interest he’s worked in, Nick has always been a consumer champion, helping people find the best deals and give them the information they need to make an informed buying decision.