Using Public WiFi Safely: A Guide for Laptop Users

Australians love working from cafes, libraries, and airports. Free WiFi makes it possible to stay productive anywhere. But public networks come with real security risks that many people underestimate.

The good news: you don't need to avoid public WiFi entirely. With some awareness and basic precautions, you can work safely from almost anywhere.

Understanding the Risks

Public WiFi networks are convenient but inherently less secure than your home network. Here's why:

Anyone Can Join

When you connect to a public network, you're sharing that network with every other connected device. In a busy cafe, that could be dozens of strangers. Most are harmless, but it only takes one bad actor to cause problems.

Man-in-the-Middle Attacks

On poorly secured networks, attackers can position themselves between your laptop and the internet, intercepting your data. They might see which websites you visit, and on unencrypted connections, potentially capture login credentials.

Fake Networks

Criminals sometimes create fake WiFi networks with legitimate-sounding names like "Free Cafe WiFi" or "Airport Guest." Connect to these, and they control what you see and can capture your data.

Malware Distribution

Compromised networks can be used to distribute malware, either through fake software update prompts or by exploiting vulnerabilities in connected devices.

Essential Precautions

1. Verify the Network Name

Before connecting, confirm the exact network name with staff. Criminals create networks with names like "CoffeeShop_Guest" when the real network is "CoffeeShop-Guest" (spot the difference?).

If there are multiple similar network names and no one can tell you which is legitimate, consider using your mobile data instead.

2. Use HTTPS Everywhere

Websites using HTTPS encrypt the connection between your browser and their server. Even on a compromised network, attackers can't read encrypted traffic.

Check for:

• A padlock icon in your browser's address bar
• The URL starting with "https://" (not just "http://")

Most modern websites use HTTPS by default. Be especially wary of sites that don't—particularly for login pages or anything involving personal information.

3. Avoid Sensitive Activities

Save high-risk activities for secure networks:

• Avoid: Online banking, tax filing, accessing sensitive work systems
• Acceptable: General browsing, reading news, streaming entertainment, social media (with HTTPS)

If you must do something sensitive, use a VPN (more on this below) or switch to mobile data.

4. Disable Auto-Connect

Your laptop remembers networks and may automatically connect to anything with a familiar name. This is convenient but risky—that "Telstra Air" network at a new location might not be legitimate.

Windows: Settings > Network & Internet > WiFi > Manage known networks. Remove networks you don't regularly use and disable "Connect automatically" for public networks.

Mac: System Preferences > Network > WiFi > Advanced. Remove networks from the list or uncheck "Remember networks this computer has joined."

5. Turn Off Sharing

Your laptop may be configured to share files or printers over your home network. On public networks, this opens potential access points for others.

Windows: Go to Settings > Network & Internet > Advanced network settings > Advanced sharing settings. Turn off file and printer sharing for public networks.

Mac: System Preferences > Sharing. Disable any sharing options you don't need.

6. Enable Your Firewall

Firewalls filter incoming network traffic, blocking unauthorised access attempts.

Windows: The built-in Windows Defender Firewall should be enabled by default. Check at Settings > Privacy & Security > Windows Security > Firewall & network protection.

Mac: System Preferences > Security & Privacy > Firewall. Turn it on if it isn't already.

Using a VPN

What is a VPN?

A Virtual Private Network (VPN) creates an encrypted tunnel between your laptop and a VPN server. All your internet traffic travels through this tunnel, preventing anyone on the local network from seeing what you're doing.

Even if someone is monitoring the public WiFi, they'll only see encrypted data going to the VPN server—not what websites you're visiting or what information you're sending.

When to Use a VPN

• When accessing work resources remotely
• When using banking or other sensitive services on public WiFi
• When you want privacy on shared networks
• When traveling and using hotel or airport WiFi

Choosing a VPN

If your employer provides a VPN for work, use that for work activities. For personal use, consider a reputable consumer VPN service.

Look for:

• A no-logs policy (they don't record your browsing)
• Servers in Australia (for better speeds)
• Good reputation and independent security audits
• Reasonable pricing ($5-$15/month)

Reputable options include ProtonVPN (offers a free tier), Mullvad, NordVPN, and ExpressVPN. Avoid "free" VPNs from unknown providers—they often monetise by selling your data, defeating the purpose.

Mobile Hotspot as an Alternative

Your phone can create a personal WiFi network for your laptop using mobile data. This is often more secure than public WiFi because:

• You control who connects
• It's password-protected
• Traffic goes directly through your mobile carrier

To use your phone as a hotspot:

• iPhone: Settings > Personal Hotspot
• Android: Settings > Network & Internet > Hotspot & tethering

This uses your mobile data allowance, so check your plan. But for occasional sensitive tasks when you don't trust the available WiFi, it's a good backup.

Additional Security Measures

Use Two-Factor Authentication

Even if someone captures your password, 2FA prevents them from accessing your accounts without the second factor (usually your phone). Enable it on all important accounts, especially email and banking.

Keep Software Updated

Updates patch security vulnerabilities that attackers exploit. Keep your operating system, browser, and applications current.

Use a Password Manager

Password managers autofill credentials only on legitimate websites. If you end up on a convincing fake site, your password manager won't recognise it and won't offer to fill in your password—a useful warning sign.

Log Out When Finished

On public computers or when leaving a public WiFi location, log out of accounts rather than just closing the browser. This ensures your session actually ends.

What If Something Goes Wrong?

If you suspect your data was compromised on a public network:

1. Disconnect immediately
2. Change passwords for any accounts you accessed, starting with email
3. Enable 2FA if you haven't already
4. Monitor accounts for unusual activity
5. Check login history on important accounts for unknown devices or locations
6. Run a malware scan on your laptop

If you notice fraudulent activity on financial accounts, contact your bank immediately and follow their fraud procedures.

Quick Reference Checklist

Before using public WiFi:

• Verify the network name with staff
• Check that your firewall is enabled
• Disable file sharing
• Consider using a VPN for sensitive activities

While connected:

• Look for HTTPS on all websites
• Avoid banking and sensitive logins if possible
• Be wary of unexpected pop-ups or software update prompts
• Don't access work resources without a VPN

After disconnecting:

• Tell your device to forget the network
• Log out of accounts you accessed

The Bottom Line

Public WiFi isn't inherently dangerous, but it requires more awareness than your home network. For casual browsing, basic precautions are sufficient. For anything involving passwords, financial information, or work data, use additional protection like a VPN or your mobile hotspot.

With these habits, you can enjoy the convenience of working anywhere without unnecessarily risking your security.