Every hotel, café, and airport lounge on a long trip asks the same question — "connect to this WiFi?" — and the honest answer is that public networks are exactly as risky as people say, just easy to get complacent about after the fiftieth one. Here's what actually matters.
The danger on the road usually isn't some targeted attack — it's the ambient risk of shared, unsecured networks. A public or hotel WiFi network can let anyone else on that same network potentially see unencrypted traffic, and a fake or spoofed network with a name like "Airport_Free_WiFi" is trivial for someone to set up in a crowded terminal. You're also logging into your bank, email, and cloud photo backups from networks you have zero visibility into, in countries where you have no real recourse if something goes wrong.
A VPN encrypts your connection between your device and the internet, so even on a compromised or shared network, what you're sending — logins, card details, messages — isn't readable to anyone else on that network. It also routes your connection through a server elsewhere, which is the part that incidentally lets you keep reaching home-region apps and streaming services that would otherwise geo-block you the moment you leave the country.
It's not a magic shield against everything — it won't stop you from falling for a phishing email, and it doesn't replace basic account security. Pair it with the boring fundamentals: two-factor authentication on anything that matters (email, banking, cloud storage), and treat any request for a password or card number over public WiFi with the same suspicion you'd have offline.
We ran NordVPN the entire trip — every hotel network, every café, every airport lounge across 20 countries. It kept logins and card details private on networks we had no way to verify, and let us reach our usual accounts and streaming from wherever we happened to be that week.
See NordVPN's current plans — the VPN we ran on every network across 20 countries.
(affiliate link)