Hotel Wi-Fi is not always safe. Actually, hotels are considered some of the riskier places to use Wi-Fi because they often lack basic security features. Additionally, hotel Wi-Fi networks are attractive targets for hackers due to the large number of people who use them.
But that doesn’t mean you shouldn’t use the internet in your lodgings. Before you tap connect, let’s go through a few precautions to protect your security and keep you away from hackers.
Protect yourself on hotel Wi-Fi in 3 simple steps:
- Sign up for ExpressVPN.
- Download the app and log in.
- Choose a server location and press connect.
That’s it! Once you’re connected, our VPN encrypts your traffic and masks your IP address. That way, no one can spy on what you’re doing–including hackers.
Jump to…
Is it safe to use hotel Wi-Fi?
How do hotel Wi-Fi attacks work?
What are the risks of unsecured hotel Wi-Fi?
How to stay secure on hotel Wi-Fi
How a VPN can protect you on hotel Wi-Fi
Is it safe to use hotel Wi-Fi?
Hotels make excellent targets for cybercriminals for a couple of reasons. Not only can nefarious actors find a large concentration of potential targets, but the network security can be rudimentary to nonexistent.
Even the FBI has issued warnings on the dangers of using hotel Wi-Fi, pointing out that hotels favor convenience for guests over security measures, especially since there is no specific hotel industry standard for secure Wi-Fi access.
Here are a few reasons hotel Wi-Fi can be especially risky:
- Easy to join. Hotel Wi-Fi is easy to join—especially if there are no credentials required—but that also applies to hackers. Being on the same network as someone with malicious intentions increases your risks.
- Crowded digital space. Hackers could more easily attempt a man-in-the-middle attack, which requires physical proximity to the target. The concentration of people in a hotel trying to use the same network gives hackers an advantage.
- Outdated hardware. Many hotels still use outdated routers that lack security updates and use weak encryption. This increases vulnerability for users.
How do hotel Wi-Fi attacks work?
Understanding what a hacker might try to do to someone using hotel Wi-Fi could help you protect yourself. Here are some of the ways an attacker can hack hotel Wi-Fi:
- Evil-twin attack. With this method, criminals create a network with a similar name to the hotel’s network and gain direct access to the computer of any guests who accidentally connect to it.
- Man-in-the-middle attack. In man-in-the-middle attacks, a hacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
- Packet sniffing. This is where a hacker records the packets of data that pass between you and an unsecured Wi-Fi router.
- Router hacking. Perhaps the most devastating attacks possible would involve hacking a hotel’s router. This could give attackers access to information ranging from guests’ credit-card details to keycard systems.
Can hotel Wi-Fi see what you’re doing?
Wi-Fi admins could potentially see what you’re doing if your connection is unencrypted. While they probably won’t be able to read your messages, they might be able to know the sites you visit and how much time you spend on them, while connecting this information back to your room number.
That’s why encrypting your connection is a good idea—it means no-one can see what you’re doing. You can try ExpressVPN to mask your activity with powerful encryption, keeping it safe from prying eyes. Whether it’s a hotel Wi-Fi admin or a hacker wanting to steal your details, no one gets a peek at your activity.
Read more: Wi-Fi router logging
What are the risks of unsecured hotel Wi-Fi?
It’s best to use mobile data instead of hotel Wi-Fi, especially for sensitive tasks. While free hotel Wi-Fi is attractive, it’s an easy target for hackers. Here are some risks of using hotel Wi-Fi:
- Data theft. Hackers can eavesdrop on unencrypted hotel Wi-Fi networks and steal personal information, such as login credentials, credit card numbers, and emails.
- Malware attacks. Attackers can set up fake Wi-Fi networks that mimic the hotel’s real one. If you connect unknowingly, they can install malware on your device remotely.
- Phishing attacks. An attacker can send messages that appear to be from the hotel itself and contain malicious links, tricking you into revealing sensitive information.
- Spying threats. Hotel Wi-Fi admins or hackers can monitor and log the sites you visit and connect them back to you.
How to stay secure on hotel Wi-Fi
Here are a few things you can do to keep yourself secure:
1. Use a VPN for hotel Wi-Fi
The easiest way to boost your safety on public Wi-Fi like hotel networks is to use a VPN. Without a VPN, everything you do when connected is visible to anyone monitoring the network. That could be a Wi-Fi admin monitoring your activity and logging data about your browsing habits, or a cybercriminal looking for you to make a mistake and steal your information.
With a VPN, you can put a stop to that. ExpressVPN uses powerful encryption to hide your traffic from view. It sends your online activity through a private, encrypted tunnel that no one can see into. That means anyone trying to track you, can’t see what you’re doing or which websites you’re visiting. Wi-Fi admins and cybercriminals can’t intercept your traffic or log your data, because everything you do stays concealed.
Want to give your connection a security boost? ExpressVPN helps you stay safe on public Wi-Fi, encrypting your traffic and concealing your habits from watchful eyes. Our strict no-logs policy means we don’t track, store, or share any of your data while you’re connected.
2. Always confirm the hotel network’s name before connecting
It’s tempting to connect to the first Wi-Fi name you see when you’re in line to check in, but it could be risky. Hackers can set up fake Wi-Fi networks, pretending to appear as a network that looks trustworthy. You can avoid fake Wi-Fi networks by being 100% sure about the hotel Wi-Fi’s name. You can also ask the hotel manager for the router IP address to confirm the network you’re connecting to is the right one.
3. Use your phone as a hotspot instead of Wi-Fi
One option is to not use hotel Wi-Fi. If you’re getting data on your phone—admittedly unlikely if you are traveling internationally—you can use it as a Wi-Fi hotspot for other devices such as a laptop. Alternatively, you could use a portable router, which is a small device you carry with you and top up with data as needed using a credit card. You connect to it with a password in the same way you’d use any Wi-Fi network.
These hotspots are harder to attack because they’re moving, and they are less attractive to attackers because there are fewer people using them.
Read more: How to keep your mobile hotspot secure
4. Always keep software up to date
You should be keeping your phone’s operating system up to date whether you’re on public Wi-Fi networks or not. Vulnerabilities are found all the time, some of them posing great risk to your device or privacy. Tech companies constantly release new versions of software that include fixes to these bugs. Keeping your device up to date is a basic way to ensure your online security under any circumstances.
5. Encrypt your data using Tor or other methods
While the easiest way to encrypt your connection is with a VPN, there are other methods. These include using the Tor Browser, which relays and encrypts your traffic three times when you browse, increasing your anonymity. You can also ensure that the sites you visit use HTTPS rather than HTTP, as indicated by a padlock symbol next to the URL. However, these methods won’t protect your whole device, including connections to apps, like a high-quality VPN would.
6. Turn on a firewall
A firewall offers extra security by blocking any suspicious incoming traffic before it can infiltrate your device. However, while computers come with firewall software, mobile phones generally do not.
Read more: The internet is safer now—but a VPN is still essential protection
7. Beware of suspicious links and attachments
Stay on guard when you’re on hotel Wi-Fi. If a strange pop-up appears prompting you to click, it might be an attempt by an attacker to send you malware or intrude on your browsing. That said, you should never click on suspicious links or attachments, even when you’re at home. Always try to verify that the sender is legitimate first and look for misspellings or extra words in URLs that indicate a fake site.
Read more: What is URL phishing?
8. If a public Wi-Fi requires personal details, give fake ones
Public Wi-Fi in airports or cafes might ask for information about you before allowing you to proceed. If this is simply for data collection and not to verify your identity, or if you’re not sure of the purpose, then always try to provide fake information first.
In hotels, it’s more often that your name and room number that are required to verify the user. If it requires any other details, make it up.
How a VPN can protect you on hotel Wi-Fi
The risk with hotel Wi-Fi is the networks tend to have poor security, meaning it’s easy for intruders and hackers to attack users or see what you’re doing online.
You can use a VPN app on your individual devices to help protect you. You can also try ExpressVPN’s Aircove Go portable router, which is specifically designed for uses in places like hotels.
Just connect the Aircove Go to your hotel Wi-Fi to secure your device in seconds. You can connect as many devices as you like to an Aircove Go router—all their data will be protected by VPN encryption, along with the added privacy that comes with a new IP address, ad blocking, and a strict no-logs policy.
FAQ: About hotel Wi-Fi safety
Can you get hacked using hotel Wi-Fi?
Yes, you can get hacked using hotel Wi-Fi, and in fact hotels are considered some of the riskier places to use Wi-Fi. Not only do they often have less-than-secure networks, but they’re attractive targets for hackers due to the large number of people who use them. Encrypting your connection with a VPN would go a long way to protecting your data and device. You can try ExpressVPN to keep your information secure while using hotel Wi-Fi.
Do hotels monitor their Wi-Fi?
It’s possible for a Wi-Fi admin to see what you’re doing over hotel Wi-Fi, if your connection is unencrypted. They might be able to see what sites you’re visiting or apps you’re using, and how much time you are spending on each. While it’s impossible to know if someone is actually snooping on traffic, the possibility is worrying enough.
Is it safe to connect your phone to hotel Wi-Fi?
It is safe if you take precautions. The best precaution to take is using a VPN to encrypt your connection. This ensures third parties like the internet service provider, Wi-Fi admin, and attackers are unable to intercept and observe your activity.
What should I do if I need to use hotel Wi-Fi for work?
Make sure that you’ve verified the Wi-Fi network name and password with the hotel. Choosing a network only based on a name that sounds plausible can be risky; someone might have created a fake network as a trap. Also ensure your connection is encrypted. The easiest way to do this is by installing a VPN app. You can now safely use hotel Wi-Fi.
Alternatively, it’s also possible that your company has a business VPN service for connecting to your company servers. But note that a business VPN is designed to protect your company’s security, not the user’s individual privacy.
Is hotel Wi-Fi safe for online banking?
Yes, if you stay alert to warnings. In general, online banking is a safe activity, since all banking websites use encryption and have precautions in place. A man-in-the-middle attacker could still attempt to intercept your traffic though. To keep yourself and your banking information safe, use a VPN. try ExpressVPN masks your traffic in encryption to stop prying eyes from seeing your sensitive details, including your online banking information.
Protect your online privacy and security
30-day money-back guarantee
We take your privacy seriously. Try ExpressVPN risk-free.
What is a VPN?
Comments
It’s an interesting article. I was on a United Airlines flight recently and as many flyers do, planned to log onto the United WiFi. Shortly into the flight, the captain came on the intercom and announced “whomever has the link unitedairlines_wifi, please disconnect. That’s not nice.” Then he proceeded to announce, “those of you who wish to log on to the correct United internet connection, pls use this link…etc.” it reads of scammers to me. Right away, I knew what this announcement was about. So flyers beware….ExpressVPN thank you for educating us.
You might consider an article on flying the not so friendly skies.
Can you please clarify how using a VPN will bypass the throttling limitation set by the wifi policy?
While a VPN mainly helps hotel guests by securing their connections, there are certain scenarios where it might improve speeds. It’s possible for a hotel to throttle or even block certain websites, such as popular streaming services, and using a VPN would make it impossible for them to do so.
Good stuff. Now for a more meatier question— what about configurations for unlocked, no-SIM mobile Wi-Fi routers, and\or mobile satellite internet for those hardcore digital nomads who are working high up in the mountains or on a remote island, such as what is found on amazon by TP\-Link and other providers.
This was a good mini-reviewwith some timely suggestions. I used to carry an ethernet cable until I found that using my phone as a “Hot Spot” gave me improved security – for the very reasons you’ve stated. I always use a VPN and thank you for suggesting placing a VPN on our router.