Hotel WiFi is dangerous — here's your travel privacy kit
Public and hotel networks are a hunting ground for attackers. This is your pre-travel checklist.
Updated 2026-04-11
Why hotel and public WiFi is risky
Hotel networks are shared infrastructure — often with hundreds of simultaneous users and minimal security configuration. Common attacks include: man-in-the-middle interception (an attacker positions themselves between you and the router), evil twin attacks (a fake "Hotel WiFi" network that looks legitimate), and passive traffic sniffing. These attacks require no sophisticated equipment and are well-documented in public security research.
What an attacker can capture
On an unencrypted or compromised network, an attacker can capture unencrypted HTTP traffic, DNS queries (even on HTTPS sites), session cookies from some applications, and the metadata of all your connections. HTTPS protects page content, but not the fact that you visited a site, when, or for how long.
Your travel privacy checklist
Before you leave: install a reputable VPN on all devices and test it at home. Update all apps and operating systems. Enable full-disk encryption on your laptop. Set a strong device PIN (not fingerprint — border agents can compel biometrics in some jurisdictions). Download what you need offline so you can minimise network activity. Consider a travel SIM for mobile data as an alternative to hotel WiFi entirely.
A note on border crossings
Border agents in many countries — including the US and Australia — have legal authority to demand device access. In the US, border agents do not require a warrant to search devices. Practical approaches include: leaving sensitive data in the cloud (not on the device), using a travel-specific device with minimal data, and knowing your rights in the country you're entering.
Ready to act on this?
We've reviewed the tools so you don't have to.