Public WiFi is everywhere nowadays, but are you letting the convenience of free WiFi cloud your security consciousness? Whether you’re doing important work on your laptop or just minding your own business on your smartphone, connecting to public networks can be extremely dangerous, even governmental institutions such as hospitals are vulnerable to hackers and data leaks. Here are three reasons why.

1) Public WiFi tends to have a weak password at best

WiFi passwords are notoriously easy to crack using dictionary attacks, which have gotten even easier with advancements in technology. Anyone willing to invest some time could easily get access to what passes for security on public WiFi spots. Depending on the spot, it’s often the open season for hackers and other malicious actors who’d love nothing more than to steal credit card information, personal correspondence… worse. Imagine having someone read all of your emails before you send them, or track all of the websites you visit after connecting to public WiFi.

2) Public WiFi networks often transmit data in cleartext

By default, most public WiFi sends information over the network without any encryption at all. This is very bad because sniffing tools are able to record everything that passes between computers on a local network segment – including login credentials that could be used for both work and financial accounts. With no end-to-end encryption, hackers can intercept passwords sent over plain old HTTP connections with relative ease. Man-in-the-middle attacks leave wireless users completely exposed and vulnerable to having their personal information hijacked and private correspondence stolen.

3) It’s not just people who want to steal your data

Working in IT, I’ve had the opportunity to observe all kinds of network shenanigans. Public WiFi is one of my pet peeves because it’s completely avoidable – almost all smartphones have built-in features that allow you to switch from automatically connecting to any open network to manually selecting your preferred connection. It may take an extra step but it’s worth it if you value privacy and security.

But public WiFi isn’t just dangerous for people who are actively using their devices; wireless routers are also prime targets for malicious actors! One example of this is KRACK, a vulnerability discovered last year by Mathy Vanhoef that leaves nearly every 802.11 devices vulnerable at some level. Attackers can use this exploit to perform man-in-the-middle attacks and decrypt packets, posing a threat to any devices that connect to public WiFi.

So what’s the answer? If you absolutely need to use public WiFi – maybe your cellular service is non-existent or you’re somewhere without LTE coverage.

Here are some tips for staying safe until you can get back to your trusted network:

  • Use a VPN when connecting via public networks; this encrypts all of your traffic in one go, making it much harder for hackers or malicious actors to access. This applies both when using web services like banking sites and when sending emails with personal information. It can be used on desktop OS Windows and Mac (, laptops, smartphones, tablets… anywhere. 
  • Keep important files and apps on your smartphone or laptop up to date; this helps prevent exploits that could let hackers take advantage of vulnerabilities in outdated software. 
  • Don’t use public WiFi for important tasks like sending personal correspondence, banking information, or anything else that can be exploited. If you absolutely must access something private over a network not under your control, always connect via VPN first then send sensitive data as an additional layer of safety.

If you’re keeping data secure on the go, check out our post about mobile device management! Or if you want to see the difference between public and personal networks yourself, try using this little tool I put together recently. It’s an easy way to test how many websites fail to adequately protect user privacy when transmitting over wireless networks.