Hotel Wi-Fi: Weigh the risk

When you travel, have you used your hotel’s Wi-Fi – maybe to pay a few bills or catch up on a report you need to read? You may want to think twice before logging in to accounts over hotel Wi-Fi. Hackers are using security vulnerabilities in hotel Wi-Fi to steal people’s passwords and other sensitive information. Here’s how it works: as a hotel guest, you try to get online using their Wi-Fi network and get a pop-up for a software update. But the network has been compromised. When you click to accept the download, you unknowingly load software designed to damage your computer or steal your information.

During your next hotel stay, consider whether you absolutely must share your login info over the Wi-Fi network. Weigh for yourself whether it’s worth the risk. If you decide to use a public network, take precautions:

  • When using a public Wi-Fi network, log in or send personal information only to websites you know are fully encrypted. Look for https in the web address – the “s” stand for secure. To be safe, your entire visit to each site should be encrypted – from the time you log in to the site until you log out. If you think you’re logged in to an encrypted site but find yourself on an unencrypted page, log out right away.
  • Don’t stay permanently signed in to accounts. When you’ve finished using an account, log out.
  • Do not use the same password on different websites. It could give someone who gains access to one of your accounts access to many of your accounts.
  • Many web browsers alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and keep your browser and security software up-to-date.
  • Some Wi-Fi networks use encryption: WPA2 is the strongest.
  • If you regularly need to access online accounts through public Wi-Fi networks, you may want to use a virtual private network (VPN). VPNs encrypt traffic between your computer and the internet, even on unsecured networks. You can get a personal VPN account from a VPN service provider. Some organizations create VPNs to provide secure, remote access for their employees. What’s more, VPN options are available to encrypt information you send through mobile apps. If you work out of hotels frequently, you may want to obtain your own mobile hotspot, which encrypts traffic between your device and the Internet and uses the cellular network instead of public Wi-Fi.
  • Installing browser add-ons or plug-ins can help. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption, if available, on popular websites that don’t normally encrypt.


This is why I will always carry my own wi-fi hoptspot. If the hotel blocks my hotspot, I will cancel and find a hotel that doesn't block me. Plain and simple. I like my freedom to be able to use my own AFFORDABLE wi-fi when I want to and avoid the hotel's astronomically HIGH rates and unforseen hidden security dangers.

Great information. Thank you for sharing.

Wow, I guess I shall no longer use any WIFI when I am traveling. Talk about vulnerability!

Leave a Comment

Comment Policy

Read Our Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.