How to keep your data safe when using public wi-fi – 8 quick tips

Public wi-fi hotspots are undeniably convenient when your mobile network lets you down, but it's important to exercise caution and run some checks before you get connected.

For one, you'll need to be wary of nosy onlookers peering at your screen if you're in a bustling café. But aside from subtly shielding your display, there are plenty of other ways to keep your information private.

Here, we've rounded up security tips for smartphone and laptop users who regularly rely on public wi-fi. Precise steps on Android devices will vary depending on which brand of phone you're using. If you're unsure, check your manufacturer's website.

News, deals and stuff the manuals don't tell you. Sign up for our Tech newsletter, it's free monthly

Stay secure when using public wi-fi

1. Verify the network you're connecting to

At a glance: Not all public wi-fi hotspots are equal – some are safe, while others might be designed to trick you into connecting and handing over information without realising.

In theory, a seemingly safe wi-fi hotspot could be used by a hacker to track what you're doing on your smartphone or laptop. They might label the network in a way that makes you think it's innocent – 'Coffee_wifi_official', for example.

With this in mind, you should consider the legitimacy of any public wi-fi network before you connect. If you're using a hotspot provided by a restaurant or hotel, check in with a staff member (or permanent signage) to confirm the hotspot details.

Typically, an unsecured (and potentially dangerous) network will give you internet access without you having to enter a password. Meanwhile, secured alternatives will often ask you to register an account and agree to terms and conditions. Several UK mobile networks, for example, provide free wi-fi across the UK.

If you have a spare couple of minutes, you might want to create a brand new email address that becomes your go-to when signing up to public wi-fi hotspots. That way, spam messages will be sent to that address instead of your main one.

Protect yourself and your tech from the heat: 7 top tips to help you work from home in summer

2. Check for HTTPS

At a glance: Websites that use HTTPS provide improved security compared to those that don't.

Try and get into the habit of only accessing websites that use HTTPS (Hypertext Transfer Protocol Secure). This means data transmitted from your device to the website is encrypted, adding an extra layer of security. Websites designed to steal your data will often (but not always) use HTTP instead of HTTPS.

To confirm if a website is using HTTPS, check the front of the URL in your browser – it will appear before the 'www.'

• On Chrome – Select the View site information icon, to the left of the site's website address. Look for the padlock icon and the Connection is secure confirmation message. You can also double-click the URL on desktop to reveal the HTTP or HTTPS tag.
• On Safari – Look for a padlock icon in your URL bar at the top of the screen.
• On Edge – A padlock icon will appear in the top-left corner of your browser window next to the refresh page button. Clicking it provides more details on the security of the website and its permissions.

Crucially, HTTPS doesn't guarantee that a website is 100% secure. It is, however, a good indication of trustworthiness.

3. Keep your software updated

At a glance: Keeping your gadgets updated will protect them against weaknesses that hackers can take advantage of.

Before you connect to a public wi-fi hotspot, ensure your device is running the latest security software.

The process of checking which software build you're running only takes a couple of seconds. If you find that you need to download a chunky update, you might prefer to do that at home over your own wi-fi so you don't eat through your mobile data allowance.

• On iPhone – Select Settings > General > About to see your iOS version. You can also choose Software update to check for updates.
• On Android – Open Settings and look for About phone or similar. From the main Settings screen, you can also find an Update option. On a Google Pixel, for example, the steps would be Settings > System > Software updates.
• On Windows 10 – Click Start > Settings > Update & Security. Choose Windows Update and Check for updates.
• On Mac – Open the Apple menu and select System Preferences > Software Update.

If you're debating a phone upgrade, make sure you pick a model that's backed by regular security updates. Our guide to mobile phone security includes a free phone support calculator.

4. Disable the auto-connect feature

At a glance: Stop your device from automatically connecting to potentially unsafe networks without your knowledge.

By default, some devices will automatically connect to a network you've used previously – but that's bad news if the network was found to be unsafe. Check your current settings by following these steps:

• On iPhone – Go to Settings > wi-fi and select the I icon next to the network. Disable Auto-Join. From the wi-fi screen, you can also select Ask to Join Networks > Ask. If no known networks are available, you will be asked before joining a new one.
• On Android – Head to Settings > Network and Internet > Internet. Select the Cog icon next to the wi-fi network, then toggle Auto-connect.
• On Windows 10 – Visit Settings > Network & Internet > wi-fi > Manage known networks. Choose a network, select Properties and toggle Connect automatically when in range.
• On Mac – Open the Apple menu and choose System Preferences > Network Preferences. Click Network > wi-fi > Advanced > Manage known networks. Select a network and then toggle Automatically join this network.

Of course, you can go a step beyond disabling auto-connect and instead delete a wi-fi network from your device entirely – we've got the details below.

Get Which? Tech Support for £49 a year or £4.99 a month

Contact our experts for unlimited 1-to-1 support by phone, email or remote fix.

Find out more

5. Delete (or 'forget') networks

At a glance: Avoid unintentionally connecting to a problematic wi-fi hotspot by removing it from your device's network list.

You can delete the details of potentially dangerous or unsecured wi-fi hotspots from your device in just a couple of taps or clicks. Simply follow these steps:

• On iPhone – Go to Settings > wi-fi and select the I icon next to the network. Choose Forget this network.
• On Android – Head to Settings > Network and Internet > Internet. Select the Cog icon next to the wi-fi network, then choose Forget.
• On Windows 10 – Visit Settings > Network & Internet > wi-fi > Manage known networks. Click a network and select Forget.
• On Mac – Open the Apple menu and choose System Preferences > Network Preferences. Click Network > wi-fi > Advanced > Manage known networks. Select a network and then click the Minus icon.

6. Enable two-factor authentication (2FA)

At a glance: This makes your online accounts more secure by requiring a second form of verification – a pain for hackers who might have gathered details from an unsecured wi-fi hotspot or a wider data leak.

Take a moment to activate 2FA for your online accounts. Doing so means that, when you attempt to access an account from a new device, the associated website or app will send a code to your smartphone. You then have to enter the code before you can continue using the service.

To enable it, open the app you're looking to secure (Gmail or Outlook, for example) and search through the account security settings. Typically, you’ll be asked to enter your mobile number, and then the service will send you a code.

See also: 11 things every smartphone owner should do to keep their data safe.

7. Install antivirus software on your devices

At a glance: Level up your defences against unsecured wi-fi networks.

With one of our recommended antivirus software packages on your side, you're protected against phishing scams designed to steal your data.

When going hands-on with antivirus for PC and Mac, we use around 10,000 samples of unique malware to test each antivirus package. Our experts also check antivirus programs to ensure they don’t let you pass on infected files to other people, even if the files haven’t been opened by you first.

If you're regularly connecting to public wi-fi through your smartphone, consider an antivirus app – there are free and paid-for options. One of the best we've seen flags phishing sites and handles malware before it causes damage. Plus, it can battle against downloaded and installed threats, including those found on connected external devices.

Upgrade your device security by consulting our guide: Best antivirus 2024: Which? Best Buys and expert buying advice.

8. Try a VPN

At a glance: VPNs are used to keep some parts of your online activity private. Simply put, they make it harder for hackers to intercept and read your data. They are not for everyone, though.

If you want to encrypt your connection when using a public hotspot, a VPN (virtual private network) is a handy tool.

In principle, everything you do while connected to the internet can’t be seen by anyone aside from the VPN company. Those companies claim to have systems in place that make it impossible to trace who is doing what through their VPNs.

Remember that a VPN can't stop your device from getting infected by malware – effective antivirus software will take care of that.

As part of our VPN software reviews, we check to ensure the software keeps the data travelling between your computer and its own servers anonymous.

Alternatively, use your phone's hotspot

In some cases, you might find it easier to rely on your mobile network to give you internet access on the move.

But if you decide to create a mobile hotspot on your phone and connect from your laptop, be wary of your data allowance – you don't want a shockingly high bill on your doorstep at the end of the month. Check your mobile network's app or website to see how much data you have remaining.

To create a wi-fi hotspot on your phone that you can use from a second device, do this:

• On iPhone – Head to Settings > Personal hotspot. Select Allow others to join and fill in the wi-fi password field.
• On Android – Open Settings > Network and Internet > Hotspot and tethering. Tap wi-fi hotspot, enter a hotspot password and then select Use wi-fi hotspot.

When creating a hotspot, note that you can change the default name if you don't want it to include any identifying details. You also need to pick a security tier that includes a password so only you can gain access. Monitor your battery drain, too.

Make sure your personal hotspot is safe with our advice on how to create secure passwords.

Join Which? Tech Support

Get Which? Tech Support for £49 a year or £4.99 a month

Contact our experts for unlimited 1-to-1 support by phone, email or remote fix.

Find out more

Which? Tech Support can help you keep on top of your home tech. Our experts explain things clearly so that you can resolve issues and feel more confident using your devices.

Get unlimited 1-2-1 expert support:

• By phone – clear guidance in choosing, setting up, using and resolving issues with your home tech devices.
• By email – outline the issue and we’ll email you our answer.
• By remote fix – we connect securely from our office to your home computer and resolve issues while you watch.
• In print – Which? Tech magazine, six issues a year delivered to your door.

You can join Which? Tech Support. Know someone who will benefit from a Tech Support subscription? Give the gift of a year's worth of expert advice.