Public Wi-Fi: What Is Actually Safe and What Is Not

The threat landscape for public Wi-Fi has changed significantly. HTTPS now encrypts the vast majority of web traffic, meaning someone monitoring a café network can see that you connected to your bank — but not what you did there. That said, public Wi-Fi still carries meaningful risks worth understanding.

Risks That Remain Real

• Evil twin networks — Attackers create a network called “Starbucks Free WiFi” and capture all traffic from unsuspecting users who connect to it.
• Unencrypted apps — Some mobile apps, particularly older ones, still transmit data without HTTPS. A network monitor can capture that traffic in plaintext.
• Shoulder surfing — The person behind you in a coffee shop can read your screen. This is often more of a risk than network attacks.

Practical Rules

• Check the exact network name with staff before connecting.
• Use your mobile hotspot for anything sensitive — banking, work VPN, medical portals.
• Consider a reputable VPN if you regularly work from public locations.
• Keep your device’s sharing features turned off when on public networks.

The Bottom Line

Browsing news, streaming, or checking weather on public Wi-Fi is generally fine. Logging into financial accounts or accessing work systems without a VPN carries meaningful risk. The physical threat — who can see your screen — often outweighs the digital one.