I keep hearing on VPN ads that you have to use a VPN to not have your login information stolen. So far I have been using Cloudflare WARP to be safe enough. However, if I am using an HTTPS website, do I really need a VPN or WARP? Will an attacker on the same network as me be able to access passwords transmitted over HTTPS?

  • EndOfLine@lemm.ee
    link
    fedilink
    English
    arrow-up
    37
    ·
    1 year ago

    Think of it like this

    • HTTPS hides what you are saying.
    • VPN hides who you are saying it to.
      • jsdz@lemmy.ml
        link
        fedilink
        arrow-up
        9
        ·
        edit-2
        1 year ago

        It’s not particularly easy to find a trustworthy VPN, but it’s not particularly hard to find one you’d trust more than whatever random public wi-fi you’ve found while on the road. Your stock reminder that we can never trust anyone is not really useful here.

        Using a good VPN is one way to sanitize the whole network environment when you have no reason to trust even the router you’re connecting to, avoiding quite a few risks besides that of someone passively analyzing your traffic.