If you use public Wi-Fi, here's the one setting that protects you on it.
24 Jun 2026 · 3 min read · Comments
This article contains affiliate links. If you buy through them, we may earn a commission — at no extra cost to you.
Coffee shop, airport, hotel, library — any open Wi-Fi network has the same property: anyone else on it can potentially see what you're sending. The setting that changes this takes about thirty seconds to turn on.
Open Wi-Fi networks — the ones without a password, or with a shared password posted on a sign — are unencrypted at the network level. That means traffic passing over them can be read by anyone else on the same network who knows how to look. This includes login credentials sent over older, unencrypted connections, and metadata about where you're going even on encrypted ones.
This isn't a theoretical attack that requires sophisticated tools. Network monitoring on open Wi-Fi is well-documented and accessible. It's the reason security professionals recommend treating public Wi-Fi with the same caution you'd apply to any shared, untrusted environment.
What can actually be intercepted
- HTTP traffic (sites without HTTPS): fully readable. Username, password, page content — all in plain text. Less common than it used to be, but still present.
- DNS queries: even on HTTPS sites, the domain name of where you're going is often visible unless DNS-over-HTTPS is enabled.
- Metadata: which sites you connect to, how long, how much data — useful for building a picture of your activity even without reading the content.
- Session cookies on poorly configured sites: occasionally interceptable, potentially allowing account hijacking without a password.
The setting: turn on a VPN before connecting
A VPN creates an encrypted tunnel between your device and a VPN server. Traffic passing over the open Wi-Fi network is encrypted before it leaves your device — meaning other users on the network see only scrambled data going to the VPN server, not your actual activity.
NordVPN has an auto-connect feature: set it to activate whenever you join an unsecured network, and it handles itself. You connect to the coffee shop Wi-Fi, NordVPN turns on automatically, and you continue without thinking about it.
- Works on every device — phone, laptop, tablet
- Auto-connect on open Wi-Fi: set once, runs in the background
- Doesn't noticeably slow your connection on modern VPN protocols
- 30-day money-back guarantee, enough time to try it across a few public networks
If you regularly work from coffee shops, travel for work, or use hotel Wi-Fi, this is the single most practical security upgrade available. One setting, automatic after setup, covers the main risk of every public network you'll use.
Frequently asked questions
Does a VPN make me anonymous online?+
No. A VPN encrypts your connection and hides your traffic from your ISP and other network observers, but websites can still identify you through cookies, browser fingerprinting, and account logins. A VPN protects your network layer — not your identity layer.
Are free VPNs safe to use?+
Many free VPNs fund themselves by logging and selling your browsing data to advertisers — the opposite of their stated purpose. Research from Privacy International has found multiple free VPN apps sharing user data with third parties.
When does a VPN actually help?+
A VPN meaningfully helps when using public Wi-Fi (coffee shops, airports, hotels), when your ISP sells browsing data, and when accessing region-locked content. It adds less value when you're on a trusted home or work network.
