On this page

Open networks at cafés, airports, and hotels are shared with strangers and run by someone you've never met. That's the core problem: you're trusting an unknown operator and everyone else connected.

On networks you don't control, a VPN encrypts what you send

The honest version of the risk

Most major websites now use HTTPS, which already encrypts a lot. But not everything is protected, network operators can still see which sites you connect to, and malicious actors can set up lookalike hotspots to capture traffic. A VPN closes these gaps by encrypting your connection end-to-end and hiding your browsing from the network itself.

What a VPN fixes here

  • The network can no longer see which sites you visit.
  • Data you send is encrypted, even on services that don't enforce it well.
  • A fake or compromised hotspot can't easily read your traffic.

What it doesn't fix

A VPN won't save you from typing your password into a phishing site or clicking a malware link — that's a separate problem solved by good habits and a password manager. For the full list of things VPNs can't do, see VPN myths debunked.

Key takeaway

On Wi-Fi you don't control, a VPN is genuinely worth having. Turn on auto-connect so it protects you the moment you join an untrusted network.

Frequently asked questions

Isn't HTTPS enough on public Wi-Fi?
HTTPS helps a lot but doesn't cover everything, and the network can still see which sites you reach. A VPN closes those gaps.
Should the VPN stay on the whole time I'm out?
Yes — enable auto-connect so it switches on automatically on untrusted networks.
Do I need a VPN on my home Wi-Fi too?
It's less critical at home, but many people leave it on for privacy from their internet provider.