Travel safety online: protect your data on the road

Travel is when you're most likely to have your data exposed: public Wi-Fi, shared computers, lost phones, suspicious chargers, unfamiliar networks. Most security advice for travel boils down to a few simple practices that take 30 minutes to set up before you leave.

Wi-Fi safety

Hotel Wi-Fi

• Most hotel Wi-Fi is OK for casual browsing.
• Most major websites use HTTPS by default, so traffic is encrypted.
• Avoid: banking, sensitive emails, logging into financial accounts.
• Use: a VPN to encrypt everything.

Airport Wi-Fi

• Same as hotel: OK for casual use with a VPN.
• Be aware of "evil twin" hotspots (fake networks with names like "Airport Free Wi-Fi"). Verify with airport staff which network is real.
• Never enter passwords on a captive portal you can't verify.

Coffee shop / restaurant Wi-Fi

• Same caution. VPN preferred.
• For very sensitive use: hotspot from your phone instead.

VPN recommendations

• Paid (recommended): NordVPN, ExpressVPN, ProtonVPN. $5-10/month.
• Free: ProtonVPN free tier is the only one I'd trust. Avoid other free VPNs; they often sell data.
• Built-in: Apple's iCloud Private Relay (with iCloud+) is a partial VPN for Safari.

See our VPN guide.

Charging safety

Avoid public USB ports

"Juice jacking" through compromised USB ports can steal data or install malware. Defense:

• Carry your own portable battery (Anker, etc.).
• Use a charger plugged into a wall outlet, not USB ports on chairs/desks.
• If you must use a USB port, use a "data blocker" (a small adapter that allows charging but blocks data).

Lost or borrowed chargers

Don't borrow a stranger's charger; their cable could be a hacking tool. Bring spares.

Device safety

Lock everything

• Face ID, Touch ID, or strong PIN on phones and tablets.
• Password or biometric on laptops.
• Auto-lock after 1 minute of inactivity.

Encryption

• iPhone and Mac: encryption is default.
• Windows: turn on BitLocker (Settings > Privacy & security > Device encryption).
• Android: usually default on modern devices.

Find My / Google Find My Device

If lost, you can locate, lock, or wipe the device remotely. Test before traveling. See our Find My iPhone setup guide.

Account safety

Use a password manager

• Bitwarden, 1Password, Apple Passwords: access on phone, laptop, and from web if needed.
• If you lose all devices, you can recover access through the password manager.
• Don't write passwords on paper that's in your luggage.

See our password manager guide.

Two-factor authentication

Critical before travel:

• Use an authenticator app (Google Authenticator, Authy, your password manager).
• SMS-based 2FA can fail abroad (no signal); authenticator app works offline.
• Have backup codes saved in your password manager.

Banking on the road

• Tell your bank you're traveling (some still flag international transactions).
• Use your bank's app on cellular data (not public Wi-Fi).
• Set transaction alerts for amounts over a threshold.
• Have backup card stored separately.

International travel specific

Border crossings

• US Customs can demand to see your phone or laptop. Have a strategy ready.
• Consider traveling with a "burner" device that has minimal data.
• Back up before you go; you can restore if needed.

SIM cards and eSIM

• International phone plans often charge per MB.
• An eSIM from Airalo, Saily, or local provider can be much cheaper.
• Set up before you travel.

Hotel safe

• Don't leave devices in the room visible.
• Hotel safes are convenient but not super secure. Treat as deterrent only.
• Better: keep critical devices with you.

Online activity to avoid while traveling

• Logging into work systems on public Wi-Fi without VPN
• Filing taxes
• Changing important account passwords (do this from your secure home network)
• Sending sensitive documents

What to do if your phone is stolen

1. Use Find My (iPhone) or Find My Device (Android) from another device to mark as lost or wipe.
2. Call your carrier to suspend the line.
3. Notify your bank to watch for fraud.
4. If you used the phone for 2FA, get into your accounts through backup codes.
5. File a police report (helpful for insurance claims).
6. Notify your travel insurance if you have it.

What to do if your laptop is stolen

1. Same as phone: remote lock/wipe if possible.
2. Change passwords for any accounts that may have been logged in.
3. Notify your bank.
4. If work data was on it, notify your IT/security team.
5. File police report.

The "boring but important" pre-travel checklist

• Update all devices to latest software
• Charge backup batteries
• Download offline maps
• Download offline language translations
• Have one trusted contact know your itinerary
• Have a way to contact your bank from abroad
• Print key documents (passport copy, insurance, prescriptions)
• Make sure passport is current and has 6 months validity remaining

Specific risks for older travelers

• Scammers know cruise and senior tour itineraries; they target traveling seniors with calls "from your bank" about suspicious charges. Verify directly through your bank.
• Carry a card with your son/daughter's name and number that doesn't include your home address.
• Use travel insurance with emergency assistance phone line.
• Tell one trusted contact your daily itinerary so they can intervene if something feels off.

5 things to do before your next trip

1. Sign up for a VPN.
2. Verify Find My is on for every device.
3. Test 2FA with an authenticator app.
4. Buy a portable charger.
5. Back up everything.