Return to protonvpn.com Facebook   Twitter   Reddit   Instagram   Mastodon   ProtonMail

Is public WiFi safe to use?

Posted on October 4th, 2018 by in Privacy & Security, Security.

 

We have all done it: connected to a free public WiFi network we did not know to check emails, read the news, or scroll Instagram. What we often do not think about is that the same convenience that makes public WiFi so easy to use is also what makes it so attractive to hackers. Since most public WiFi services lack a strong password, they are vulnerable to a number of techniques that hackers can use to observe your online activity, collect your personal and financial data, or even break into your device.

Risks of using Public WiFi

Here are some fairly simple exploits that a hacker could use to access your device while you are connected to public WiFi:

1. Man-in-the-middle

In a MITM attack, the hacker intercepts the network traffic being transmitted between your device and the WiFi router, allowing them to monitor your online activity and even alter your interaction with websites. One method is called “ARP spoofing” in which the hacker associates their media access control address with the IP address of your device causing any traffic meant for your IP address to be shared with the hacker. This can all be done without the end user – you – realizing anything is amiss. Meanwhile, the hacker behind the MITM attack could potentially read every email you open and watch every password you enter. They can even redirect you to spoof websites, which look like the legitimate website you wanted but are actually under the control of the hacker, allowing them to steal any information you enter

2. Malicious hotspots

Often when you are in an airport or in a mall looking for free WiFi you will see several WiFi networks with very similar names, like “Airport_WiFi,” “Airport_Public_WiFI,” and “Airport_WiFi_Free.” In these cases, it is very likely that a hacker has created their own hotspot and is trying to pass it off as the legitimate public WiFi. If you connect to a hotspot controlled by a hacker, all your network traffic is visible to them unless you are using a VPN.

3. Malware

If you have enabled file-sharing or Bluetooth or if you are connected to an unsecured WiFi network, hackers can connect to your device and send it malware. This is what the hacking group known as “Darkhotel” did, targeting business travelers that stayed at luxury hotels. Malware encompasses a lot of nasty software and programs that are designed to steal your bandwidth, shut down your device, or even give complete control of it to a hacker. What’s worse, most malware works in the background of your device’s operating system, making it hard to detect and eliminate without the proper software.

4. WiFi sniffing

There are numerous programs available that allow you to monitor a hotspot’s network traffic. If the WiFi network is not secured, either due to a reliance on insecure protocols or because there is no password or both, these types of programs allow hackers to capture data packets and analyze them. With this information, they can easily monitor your online activity, steal your passwords, and see any personal or financial information you access while you are online.

5 ways to stay safe on public WiFi

While public WiFi will never be 100 percent secure, there are some simple steps that you can take to reduce your vulnerability.

1. Use a trustworthy VPN

A VPN is the best protection you can have when connecting to a public WiFi network. A VPN will encrypt your network traffic, meaning that even if someone is intercepting your data, they still cannot see it without decrypting it. This makes it impossible for them to monitor your online activity in real time. A VPN combined with HTTPS makes it very difficult for a hacker to perform a MITM attack.

2. Use HTTPS to ensure you are visiting the right site

If you visit sites using HTTPS (or if you use the EFF browser extension HTTPS Everywhere) you are encrypting part of your network traffic and making it more difficult for someone running a MITM attack to send you to a spoofed website they control.

3. Disable automatic connections, Bluetooth, and file sharing

You should always be aware of what network your device is connected to. The easiest way to do this is to disable automatic connections. That way you will need to select what WiFi network you connect to. It may add an extra step, but it prevents your device from being connected to a WiFi network and exposed to risks without you knowing. The same logic applies to Bluetooth and AirDrop and other file sharing services. Only activate Bluetooth, AirDrop or other file sharing services for a specific function and then turn it off once you are finished.

4. Know who runs your hotspot – and ask for the password

Before logging on, you should always find an employee of the hotel/café/airport you are in and ask them if they have free WiFi and what the name of their network is. This will help you avoid connecting to malicious and fake hotspots. Even if you verify the WiFi network is genuine and it is password-protected, we still advise you to avoid using it without first protecting your connection with a VPN.

5. Avoid sensitive accounts

If you use public WiFi without a VPN, the best way to ensure your personal data is not compromised is to not check accounts that could expose that information. Even if someone has successfully begun monitoring your online activity, if you do not check your bank accounts, open your emails, or read private messages while you are on public WiFi, then then they cannot access them either. If you are going to check any type of sensitive account on an unsecured network, always use a VPN.

ProtonVPN is brought to you by ProtonMail, the world’s largest encrypted email provider. It is a free VPN service that provides IP addresses in 43 countries and counting.

There will always be a security risk if you use public WiFi, but that does not mean you should never use it. The basic precautions listed above will help you keep your personal data safe from the majority of attacks against public WiFi hotspots.

Best Regards,
The ProtonVPN Team

You can follow us on social media to stay up to date on the latest ProtonVPN releases:

Twitter Facebook | Reddit

To get a free ProtonMail encrypted email account, visit: protonmail.com 

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

Post Comment

27 comments

  1. Anthony Hilliard

    Am I suppose to buy proton for each of my devices? I have up graded to the 3rd package and it still shows that I am on the free package. How can I move to a different countries Ip?

  2. Douglas Crawford

    Hi Anthony. If you buy a Plus plan you can use ProtonVPN on up to 5 devices at the same time using the same account. With a Visionary plan this number goes up to 10. To change countries, simply select a different country (or individual server) from the list in our apps. If you have upgraded to Plus or Visionary plan, but your app is still saying you are on the free plan, please contact our Support Team for assistance.

  3. flyingChico

    I have had issues where I can not navigate on any browser My wifi does connect to a network, but it suddenly stopped navigating any browser. My emails however are still comming in. I thought my wifi antena or computer were broken, took it to the shop, and as soon as they erased proton VPN, the browsers started navigating again. Why does this happen. this happened both with the VPN on and off. Must clarify that this happened with the free version of VPN.

  4. Douglas Crawford

    Hi flyingChico. This should not be happening. Please contact our Support Team for assistance.

  5. Emma W

    I downloaded Proton VPN on my mac and it has been awful. I have like 50 windows telling me my wifi is insecure, but they will not close. I cannot quit the app, I cannot delete the app because it will not close. It is taking up my entire desktop and doing nothing. How the hell do I get it off my computer???

  6. Ben Wolford

    Hi Emma, this shouldn’t be happening. Please reach out to our support team: https://protonvpn.com/support-form Thank you!

  7. Maxwell

    Hello!

    I am very new to all of this vpn and encryption stuff. Sorry if this is a dumb question, but… if I use ProtonMail / ProtonVPN, through my employer’s WiFi, will my employer be able to read my personal messages? Thanks!

  8. Ben Wolford

    Hi Maxwell, good question. If you are using your personal ProtonMail account, your employer will not be able to monitor your messages.

  9. James Cooper

    PtotonVPN has proven reliable with over 90% of traffic routing I make between work and outside servers, is there an additional layer of encryption you would recommend for local level FIPS140-2 or higher that would encrypt email not sent via ProtonMail accounts?

    It would also be helpful if file attachments met FIPS140-2 or higher locally before being sent over open connection routers or public hotspots.

  10. Dietmar

    Hi,
    I have downloaded ProtonVPN Free for Windows. I did that hoping that I can safely use a public Hotspot.
    So I connected to your Server FR#31 using the hotspot to connect to your server. I now see an IP number but how do I know, that ProtonVPN is working and that I’m “invisible” for all other participants of the hotspot?
    Thank you for a quick reply.
    best regards, Dietmar

  11. Ben Wolford

    Hi Dietmar, you can see what IP address is visible to others by visiting https://ip.me/. Thanks for using ProtonVPN!

  12. jack

    can i use my own personal hotspot

  13. Ben Wolford

    Yep!

  14. Quintus

    Very informative article. I have been recommending Proton to all of my friends.
    I understand how encryption protects data between the user and the VPN service provider’s servers, but what about vulnerabilities between the VPN server and the destination server? Am I misunderstanding the idea?

  15. Ben Wolford

    Good question! You are correct that your traffic will make the jump from our server to the destination server without VPN encryption. However, the connection will most likely be protected with TLS encryption (this is why it’s always important never to send sensitive information to websites that do not use HTTPS), and the IP address that the destination sees will be that of our server.

  16. Nathan

    Hi, I’d like to Thank you and your company for the wonderful job that you are doing
    and also I would like to know more about your safe VPN service prices

  17. skylar

    why won’t my computers mobile hotspot work when I’m connected to protonvpn?
    windows 10
    toshiba

  18. Chewhard

    Hi. Using Panera wifi. We have the upgraded account and use “SECURE CORE” But when we activate either the SECURE CORE or REGULAR PROTON VPN, our connection is blocked. So it seems that Panera wifi does not allow anyone to use a VPN Is there anyway around this? thank you

  19. GB

    Suggestion – prompts for PC, ok Mac users as well to open their sharing/Bluetooth setting to disable.

  20. Tony

    Is it safe to use 4g with vpn

  21. Richie Koch

    Hi Tony, good question. It certainly is safe to use ProtonVPN if you are using a cell data (4G). This will prevent your mobile service provider from monitoring your online activity.

  22. A

    Hello,
    Most (all?) of your apps have a kill switch function that blocks all connections when the VPN is not connected. This creates a problem when connecting to public WiFi’s that require a login or acknowledgement of terms. Those pages don’t open since your app blocks all connections. So you are having to disable or close the ProtonVPN app to access the WiFi’s login page. Then, until the app is restarted, there is a window of time when the connections don’t go through VPN. Smart phone apps are very aggressive and as soon as they see a connection within this window, they communicate, and you are exposed without VPN. Same if you have a browser window open, it will try to connect.
    Can you make your kill switch function a bit smarter and let the connection with the router that serves the login pages go through, and block everything else?
    Thanks in advance.

  23. F

    Thanks fur the article. I do not run Protonvpn 24/7, as I typically am on known secure WiFi most of the time. Protonvpn app won’t connect to a Pvpn server without having a data connection in the first place. So in connecting to a public WiFi, do I connect first and then establish the VPN via the app? (I also don’t run mobile data 24/7, just when needed.)

  24. ProtonVPN Admin

    Yes, in order to use a VPN you need to be connected to WiFi or mobile data. Please note that a VPN is the best protection you can have when connecting to a public WiFi network: https://protonvpn.com/blog/public-wifi-safety/. If you are having trouble connecting to our servers while on mobile data, please contact us at https://protonvpn.com/support-form and we will assist you accordingly.

  25. T

    Helpful and useful information. Would love to see information and commentary for internet users in China in particular foreigners who travel there for work. There is a general understanding of the “Great Firewall” but not exactly how we can protect our privacy and Data while working there and using hotel/public WiFi in China. Would be extremely informative .

  26. Will

    Great Articles always! Thank You.
    Is there any indication of when the ProtonVPN iOS app may be ready?
    Another update of OpenVPN now with disconnects in abundance regardless of server, part time seamless tunnel, and craftily worded data collection/gathering clause.
    An update about the coming app would be a wonderful blog topic.

  27. Richie

    Hey WIll! The iOS is definitely coming out sooner than you think, however we cannot reveal the exact release date just yet. Follow us on social media to get all the exciting news first!

    After updating the OpenVPN app, we would recommend deleting old VPN profiles and upload them once again. Also please check your OpenVPN credentials, since you might need to enter them again while creating profiles (you can check your OpenVPN credentials under the ACCOUNT tab while logged in to http://protonvpn.com ). These tips should solve any connection problems.

Leave a Reply

Your email address will not be published. Required fields are marked *

Secure your internet

Get ProtonVPN

For customer support inquiries, please submit the following form for the fastest response:
Support Form

For all other inquiries:
contact@protonvpn.com


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP.js v4.10.10
Comment: https://openpgpjs.org

xsBNBFiYeeIBCACpwuYcTsACyjQaqY3tOUonokamGZf3VDuLvcA9nQnu4vlB
n1RFFUJa5Pmf2yZ9EjJFSldTl5lreE3tFf53CcZ9wKa1R6aMnN/0VqURJho0
ZTqevQlCvuJ9kKHkDck3Em0/1WWnhDJgabp+fOa5HAHoAvcNy5gVPuexTT/N
wp6QcfB7w+qFhf73s0bcSn5RC+FAYlQxZVFhFtA7/7LthBVatDJrYLYP9XJd
zOZqz9AX0XZwKal25RcVeGHkNKgloo0bTgro4D88MR7saqXFHTRhy3+Wss7c
uqrh0uIkVmqtadoK/rAbqOyFXQ2DlvSMVrEMLUvwlZbC0taqcKDfNA+FABEB
AAHNLWNvbnRhY3RAcHJvdG9udnBuLmNvbSA8Y29udGFjdEBwcm90b252cG4u
Y29tPsLAfwQQAQgAKQUCWJh54wYLCQcIAwIJEN4dfnhhw11TBBUIAgoDFgIB
AhkBAhsDAh4BAAoJEN4dfnhhw11T6PwIAKgIHTUaEcCFQ5WfmwGpdhRgFe7H
gnHR8UOFPrRKnbCOQgTVPGwCFt8UVFhEgbmtroThU89DpxFSYUOD6nZ2k1X3
X4Q9OsItFUUuhPtLJrkz5ghtZLmsAH/edTRbVU1Ew1E8KbylLFI1J5yId7zR
GdnaTXv/E7P3po5X/b08TFAhXSyYYUbMeQuthbJajtpFygr53lm47cOWa4N8
udqLhmpheaQj04DuqYXOGC08JQn+XbHzhFl5Yvlt9Idk8+7c2UJ0qgWKQ5ZV
mquRAw5HDCQM5OqF1MoImDxOH+tK3PUlvFDsLZ1WPEOHK/EN12sPBx0x1R04
fcPTPdbMwgISGM3OwE0EWJh54gEIALqhrLUpvarPc0nkuHpyJC/MsrIDPLuV
qMc49tgjgDBsyIKJFEP9qCnkSOEixaFi+nTljUSpkHGR+PvEGecmcOdW6djN
QGxon/nwBT9d8HbtxJesaEIzwRAxmqQW9MqNq4UsfNQ0VvUYqV9wEbYfdDT/
jZfz9N0hjFELF1sg3UPcCRijhf162bp+rLQdO9vWVUbOdMQvsM/kyUJ6JMXR
xUtyKC05ddxii2SMr4XUW45ostPbxJybOF5oSZpEb1EIlrTLLPAe/498XlBW
hpRAPe+9ZfNs7drMvUEFnnOXahrXAuaaZpyaS/XBaloqSb1+v2AkUep3dbSF
PaRtbXRMS+kAEQEAAcLAaAQYAQgAEwUCWJh54wkQ3h1+eGHDXVMCGwwACgkQ
3h1+eGHDXVMZ4Qf4hu5N8/uYNDqJMFRIWSCpPGxmyIVXGARG4hgR8gwPZY9K
fReAUndX3uODBNIgZU7I3YntawU1DlP6GpP6yyR/8lfUMNCAXPDmd+zTFYIJ
UDHD8sw2GRrFVzFOKUpAapWFOI4XjSMP2UiK4HgrpUjAhe1wSaa7nEjtAuYT
zFx1QSuQD1iYcOF/FAm7EuhBIfWITjYAobGM6gonPbp3IPHM52rUbulllcdV
vCLs+blcyiVCGZlNcmlg3eibAJJL19TQLqT2DbQvQ/SyVBJGjoT+y4TTRtmZ
cebEjt2KJcc4x2lzPq3z2KJNyJTOTMB+aYD9Ma9IObDds+M/+5XDWi7f
=ueTT
-----END PGP PUBLIC KEY BLOCK-----

You can also Tweet to us:
@ProtonVPN