Hotel Wi-FI networks are often completely open, requiring only a room number, code, or click-through to access the Internet. This lack of real encryption means your Internet usage is vulnerable to snooping from others sharing the network.
Wi-Fi networks like the ones in use at most hotels aren’t private. The login process just lets the hotel limit access to the Internet. It doesn’t keep your Internet activity private.
Open Wi-Fi Networks Allow Anyone Nearby to Snoop
Open Wi-Fi networks — that is, Wi-Fi networks anyone can connect to without entering a passphase — are open to snooping. Because these networks aren’t secured with encryption, all data sent over them is sent in “plain text.” Anyone nearby can snoop on the traffic — unless, of course, you’re connected to a secure, HTTPS-encrypted website. All it takes it a tool like Wireshark.
Your neighbors in the hotel could snoop on your web activity. If you’re using an open Wi-Fi network at an airport or in a coffee shop, people nearby can also snoop on you there.
Captive Portals Only Limit Access to the Internet
If you connect to an open Wi-Fi network and then see a page with information about the hotel and have to enter a room number or another password to connect, you may think you’re connected to a secure network.
In a sense, you are — the hotel’s “captive portal” prevents you from accessing the Internet until you authenticate yourself. It also allows the hotel to limit the number of devices that can access the Internet — but you can share that single hotel Wi-Fi connection with multiple devices.
However, after you authenticate, you’re still using an open Wi-Fi network. The router allows you to access the Internet, but it doesn’t actually encrypt the network — it’s still open. This means your traffic can be snooped on.
How to Tell If You’re Vulnerable to Snooping
If you have to enter a password in your operating system, you’re fine. For example, if you log into the Wi-Fi network by clicking it in Windows and you then have to enter a password before connecting, it’s encrypted. Look at the security information when connecting. If it’s a secure network, you’re good — if it’s an open network, you’re open to snooping.
If you have to log into a completely open network without a password, and then your web browser pops up with a page that requires you enter more information to access the Internet, you’re using an insecure, open Wi-Fi network.
For example, Windows 8.1 warns you about such open networks by displaying a caution icon over the Wi-Fi symbol and the statement “Other people might be able to see info you send over this network.”
How to Protect Yourself From Snooping on Hotel Wi-Fi
Snooping is the main danger from open Wi-Fi networks — especially ones in hotels and other public places where quite a few other people will be around. All your Internet traffic, aside from the encrypted traffic, is visible to anyone nearby who’s monitoring the data travelling over the air.
For example, let’s say you’re browsing Wikipedia — people can see which articles you’re browsing. Most of the websites you’ll visit don’t use HTTPS, which means people can monitor which web pages you’re visiting and what you’re typing on them. Thankfully, most important websites with sensitive data should be using HTTPS by now, from Gmail to Facebook to your bank’s website.
To protect yourself from snooping, get a VPN and connect to it when browsing on public Wi-Fi networks. If you need a simple VPN for public Wi-Fi browsing, we recommend ExpressVPN or TunnelBear. Both offer a slick and simple interface–ExpressVPN has better speeds, but TunnelBear has a free option, so it’s great if you’re just getting started with VPNs. If you want more advanced options, StrongVPN is our pick for more savvy users.