1) Before you connect
- Confirm the network name with staff (avoid “evil twin” Wi-Fi lookalikes).
- Prefer your hotspot if you’re doing anything sensitive.
- Skip networks that ask you to install apps, profiles, or certificates.
2) Avoid these on public Wi-Fi
- Banking, card payments, crypto exchanges.
- Logging into your main email (it can reset everything else).
- Changing passwords or setting up new 2FA.
- Admin dashboards (website, hosting, router panels).
If you must: use your hotspot or a VPN, verify HTTPS, and continue only if there are no certificate warnings.
3) Quick “sketchy Wi-Fi” red flags
- Duplicate network names with tiny differences.
- Captive portal asks for lots of personal info.
- Sudden certificate warnings, random logouts, weird popups.
- Your device auto-joins without you selecting it.
4) Fast device hardening
- Set network to Public on Windows (blocks sharing).
- Turn off auto-join after you’re done.
- Disable file sharing / AirDrop sharing when out.
- Turn off Bluetooth if you don’t need it in crowded places.
5) Browser checks
- Only sign in on HTTPS pages.
- Never ignore certificate warnings.
- Prefer apps/sites with 2-factor authentication.
6) After you disconnect
- Forget the network (or disable auto-join).
- Log out of sensitive accounts you used.
- If something felt off, change passwords later from a trusted connection.
Extra Detail (Windows / iPhone / Android)
Windows
- Settings → Network & Internet → Wi-Fi → Manage known networks: disable auto-connect for public Wi-Fi.
- Ensure the network profile is Public (not Private).
- Turn off “Network discovery” and “File and printer sharing” while out.
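The three Windows steps above can also be checked from an elevated PowerShell session. This is an added example, not part of the original checklist; the SSID `Example-Cafe-WiFi` is a placeholder, and the firewall group names assume an English-language Windows install.

```powershell
# Added example: audit (and with -Fix, correct) the Windows settings from the checklist.
# Run elevated. 'Example-Cafe-WiFi' is a placeholder SSID, not a value from the page.
param(
    [string]$Ssid = 'Example-Cafe-WiFi',
    [switch]$Fix
)

# 1) The network profile should be Public, not Private.
foreach ($p in Get-NetConnectionProfile) {
    if ($p.NetworkCategory -eq 'Private') {
        Write-Warning "$($p.Name) on $($p.InterfaceAlias) is Private"
        if ($Fix) {
            Set-NetConnectionProfile -InterfaceIndex $p.InterfaceIndex -NetworkCategory Public
        }
    } else {
        Write-Output "$($p.Name) on $($p.InterfaceAlias): $($p.NetworkCategory)"
    }
}

# 2) Find discovery/sharing firewall rules that are enabled for the Public profile.
#    Group names are localized; these assume English-language Windows.
$groups = 'Network Discovery', 'File and Printer Sharing'
$open = foreach ($g in $groups) {
    Get-NetFirewallRule -DisplayGroup $g -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and "$($_.Profile)" -match 'Public|Any' }
}
$open | Select-Object DisplayGroup, DisplayName, Profile | Format-Table -AutoSize

# Note: a rule whose profile is 'Any' is disabled for Private networks as well.
if ($Fix -and $open) { $open | Disable-NetFirewallRule }

# 3) Show the saved profile, or switch it from automatic to manual connection.
if ($Fix) {
    netsh wlan set profileparameter name="$Ssid" connectionmode=manual
} else {
    netsh wlan show profile name="$Ssid"
}
```

Without `-Fix` the script only reports; with `-Fix` it applies the same changes the Settings steps describe.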
iPhone
- Tap (i) next to Wi-Fi → disable Auto-Join when you leave.
- Prefer “Private Wi-Fi Address” (randomized MAC) for tracking resistance.
Android
- Wi-Fi network details → disable auto-connect / auto-reconnect after use.
- Keep randomized MAC enabled if available.
VPN note: a VPN can reduce certain local network snooping risks on public Wi-Fi, but it doesn’t replace HTTPS or good habits.