Go to top of page

Using public wireless (or Wi-Fi) networks

Public Wi-Fi 'hotspots' in places like cafés, airports, hotels and libraries are convenient but, unlike your home computer, can be risky.

It's easy for the data traffic between Wi-Fi enabled devices and public Wi-Fi access points to be intercepted, so you need to be careful about what information you send or receive while connected and how.

Use this guidance to learn how to use public Wi-Fi networks safely.

Top tip: Avoid sending or receiving valuable or sensitive information when connected to public Wi-Fi networks.

Use a secure connection

Wherever you can, avoid using hotspots that are run by people or organisations you don’t know or trust. Criminals have been known to set up Wi-Fi hotspots in order to steal users' banking credentials, account passwords, and other valuable information.

  • Turn off network discovery options like “Remember networks this device has joined.”
  • On a laptop, make sure you're not sharing folders or devices with others on the Wi-Fi network. This should be managed automatically for you by your device’s operating system when you connect to a public Wi-Fi network.
  • Install a reputable virtual private network (VPN) solution on your device. When enabled and configured correctly, a VPN is a service that uses encryption to keep your information secure when using public Wi-Fi, as well as providing a level of anonymity. That said, a VPN doesn’t secure your devices or online accounts, so it’s important that you still keep them up to date with the latest security software updates, and always use strong passwords. Also consider the following when selecting a VPN service provider:
    • Look at independent reviews online. You’ll often find honest reviews from other users, so research the app on reputable blogs, websites or trusted sources that are not the app’s own website. You can also find out more about the app’s description, its content rating and the developer, and whether an app only encrypts some of your data, not all of it. Check out our partners page for a range of independent VPN compare-and-review websites.
    • Where the company is based. Make sure you select a VPN provider that is based in a country with strong privacy laws. This reduces the possibility that data collected by your VPN will be shared with others.
    • VPN apps may provide your personal information to third parties. Many VPN apps are funded by advertising (which appears within the app) giving consumers the option to download the apps for free. In exchange, VPN apps may share your information with third parties. If you use a VPN app to keep your internet activity private, make sure you review its terms and conditions and privacy policy, to see if it shares information with third parties.
    • Consider the app permissions. Apps will ask for access to certain information on your device to help improve how it operates for you. For example, the app may request permission to read your text messages or access your photos. These permissions will be outlined and explained on the app store or during installation. Generally, a VPN application should not require access to your personal data.

If you can't connect securely, avoid:

  • online banking or shopping
  • sending confidential emails
  • entering passwords or credit card details unless you're using a secure website.

If you must make a sensitive transaction, only use secure websites that have:

  • https:// instead of http:// at the start of the address;
  • a locked padlock or key in the browser website address bar.

But remember, no public Wi-Fi is 100% secure, so consider using your own mobile data for any sensitive transactions.

Take extra precautions to secure your devices

When accessing the internet at a public Wi-Fi location, you should take extra precautions:

  • Ensure your phone, tablet or laptop has a reputable anti-virus installed.
  • Keep software patched and up-to-date with the latest release version, to ensure that any identified security holes have been closed.
  • Set-up two-factor or multi-factor authentication wherever possible. Online systems such as banks, Google Mail and Facebook offer this option for transactions or when logging into accounts. This way, a malicious hacker can’t log in without also having access to your phone or SMS inbox, even if they know your username and its associated password.

Find more information about securing mobiles and tablets.