Security guide

Is public Wi-Fi safe?

The scare stories are dated, but the risk isn’t zero. Here’s the honest picture in 2026 — what’s actually dangerous about café and airport Wi-Fi, what modern encryption already protects, and where a VPN genuinely earns its place.

A person using a laptop in a busy café
Café and airport Wi-Fi is usually fine for casual use — but it’s still a network you don’t control.
Key takeaways
  • Public Wi-Fi is riskier than your home network, but modern HTTPS has made casual snooping much harder.
  • The real dangers today are rogue “evil-twin” hotspots, unencrypted apps, and what your connection leaks (the sites you visit).
  • Simple habits — verify the network, avoid sensitive logins, keep software updated — cut most of the risk.
  • A VPN adds a strong layer by encrypting everything, including on a hostile hotspot.
  • A VPN isn’t magic: it doesn’t stop malware or phishing, so it’s one layer, not the whole defence.

The short answer

Public Wi-Fi is riskier than your home network, but far safer than it used to be. A decade ago, sitting on café Wi-Fi could expose passwords in plain text. Today, almost every serious website uses HTTPS encryption, which scrambles the contents of your traffic — so the old “anyone can steal your password” warnings are largely out of date.

That doesn’t make it risk-free. The dangers have simply moved: fake hotspots, apps that don’t encrypt properly, and the fact that a network can often still see which sites you visit even if it can’t read them. The honest verdict: fine for casual browsing, worth being careful with anything sensitive — and a good place for a VPN to do real work.

In one line

Treat public Wi-Fi as a network you don’t control. HTTPS handles a lot; sensible habits and a VPN handle the rest.

The real risks in 2026

Forget the outdated hysteria — here’s what actually matters now:

✕ Rogue “evil-twin” hotspots.
Anyone can set up a hotspot named “Airport_Free_WiFi” or “Café Guest”. Connect to a fake one and its owner sits between you and the internet, able to watch or tamper with unencrypted traffic.
✕ Snooping on open networks.
On a network with no password, other users can potentially observe traffic that isn’t encrypted — older apps, some email setups, and anything not using HTTPS.
✕ What your connection leaks.
Even with HTTPS, the network can often see which sites you’re visiting (via DNS and connection metadata), even if it can’t read the contents.
✕ Malicious captive portals.
The “sign in to Wi-Fi” page can be faked to harvest details or push a dodgy download. Never install anything a Wi-Fi login page asks you to.

What HTTPS already protects (and what it doesn’t)

It’s worth being clear, because it’s the reason we won’t scare you. The padlock in your browser means HTTPS is active, and the contents of your session — passwords, messages, card details — are encrypted between you and the site, even on open Wi-Fi. That’s genuine, strong protection, and it covers most of what people worry about.

What HTTPS doesn’t hide is the metadata: the network can usually still see which websites and services you connect to, via DNS lookups and connection details. It also can’t help with apps that are poorly built, or protect you if you’ve connected to an outright malicious hotspot. That gap is exactly what a VPN closes.

A laptop and phone on a café table
HTTPS hides what you send; a VPN also hides where you’re sending it.

How to stay safe on public Wi-Fi

Most of your protection comes from a few simple habits — VPN or not:

  • Check the exact network name with staff — don’t guess between similar-looking ones.
  • Prefer networks with a password (WPA2/WPA3) over fully open ones.
  • Look for the padlock (HTTPS) before entering anything, and avoid sensitive logins on untrusted Wi-Fi.
  • Turn off auto-connect and file/AirDrop sharing so your device doesn’t join or expose itself automatically.
  • Keep your OS, browser and apps updated — most real-world attacks exploit old software.
  • For anything sensitive, use your mobile data or a personal hotspot instead — or a VPN.

Where a VPN genuinely helps

This is the one case where a VPN’s value is easy to state plainly. On an untrusted network it:

✓ A VPN does
  • +Encrypt all your traffic, not just HTTPS sites
  • +Hide which sites you visit from the network
  • +Protect you even on a rogue or “evil-twin” hotspot
  • +Cover apps and devices that don’t encrypt well on their own
✕ A VPN doesn’t
  • Stop malware or dodgy downloads
  • Protect you from phishing or fake login pages
  • Fix an out-of-date, vulnerable device
  • Replace basic caution and common sense

In short, a VPN is the single best tool for public Wi-Fi specifically — it turns “a network I don’t trust” into an encrypted tunnel — but it’s one layer alongside good habits, not a substitute for them. If you’re still deciding whether it’s worth it, see do I need a VPN.

Café, airport and transport Wi-Fi in Ireland

The same rules apply wherever you connect — cafés, hotels, Dublin Airport, and the Wi-Fi on Irish Rail, Dublin Bus and the Luas. All are fine for casual browsing, and all are networks you don’t control, so treat them the same way: verify the name, keep sensitive tasks for trusted connections or mobile data, and switch on a VPN when you need privacy. It’s also handy for keeping your usual services working while you’re out and about — including an Irish IP when you travel.

Our top VPNs for public Wi-Fi
NordVPN logo
NordVPN
Best all-rounder
9.6
View →
ExpressVPN logo
ExpressVPN
Best for streaming & privacy
9.4
View →
Surfshark logo
Surfshark
Best value
9.3
View →

See the full ranking in our best VPN for public Wi-Fi and best VPN for travel guides.

SB
About the author
Senior VPN Analyst & Editor

Síofra Brennan is a privacy and cybersecurity specialist who has spent nine years testing and reviewing consumer VPNs. She focuses on real-world performance, no-logs policies, and how these tools actually work for people in Ireland.

9+ years in digital privacy & VPN testing60+ VPNs independently reviewedCompTIA Security+ certifiedSpeed-tests on real Irish lines
Reviewed for accuracy by the matched.ie editorial team · General security guidance, not advice.

Frequently asked questions

Is public Wi-Fi safe to use?+

It’s riskier than a trusted home network, but not the danger it once was — modern websites use HTTPS encryption, which protects the contents of most traffic. The remaining risks are rogue “evil-twin” hotspots, apps that don’t encrypt properly, and metadata leaks (which sites you visit). Good habits and a VPN reduce that risk substantially.

Can someone see what I do on public Wi-Fi?+

On an open network, others can potentially intercept any traffic that isn’t encrypted. HTTPS hides the contents of what you do on a site, but the network can often still see which sites you’re visiting. A VPN encrypts everything — contents and destinations — so neither the network nor other users can see it.

Is it safe to do online banking on public Wi-Fi?+

Banking apps and sites use strong encryption, so it’s not automatically dangerous — but on an untrusted network it’s safer to avoid it, use your mobile data, or connect through a VPN first. If in doubt, wait until you’re on a network you trust.

Does a VPN make public Wi-Fi safe?+

A VPN meaningfully improves it: it encrypts all your traffic, so even a hostile hotspot or another user on the network can’t read or see it. But it doesn’t stop malware, phishing or dodgy downloads — those need good habits and up-to-date software. A VPN is one strong layer, not the whole defence.

What is an “evil-twin” hotspot?+

A fake Wi-Fi hotspot set up to impersonate a legitimate one — for example, mimicking a café or airport network. If you connect to it, the person running it can position themselves between you and the internet. Verifying the exact network name and using a VPN both defend against this.

Is café and airport Wi-Fi in Ireland safe?+

The same principles apply as anywhere: it’s generally fine for casual browsing thanks to HTTPS, but treat it as untrusted. Verify the network name, avoid sensitive logins, and use a VPN if you need to do anything private on café, hotel, Dublin Airport or public-transport Wi-Fi.

auto_awesomeFree VPN matcher

Find the right VPN in 60 seconds

Answer five quick questions and we’ll match you to the best VPN for how you actually use it — no sign-up, no spam.

  • bolt
    Five quick questions
    A personalised match in under a minute.
  • verified
    Independently matched
    Based on our testing — never sponsored results.
  • euro
    Free, honest guidance
    The best pick for you, not the priciest one.
Which VPN suits you?
60 seconds

Tell us what matters most and we’ll do the matching:

StreamingPrivacyTorrentingTravelValue
Find your VPN arrow_forward
check_circleFree · No email required · Instant result