I have setup Wi-Fi at schools, conferences, and snooty shindigs where the goal was to make sure everyone had access to open, relatively fast, and secure Guest networks. And no, I did not use a Captive Portal. Firewall and VLANs yes, Captive Portal, no. The goal was to get the users on and out to the InterWebs.
One other thing I never, ever do is create a ‘Guest” SSID that is open. I always change the name in some way. Guest-Open, guest-open, Here-a-guest, there-a-guest… Why do I not use the SSIDs “Guest”, “guest”, or “GUEST” or any variation of that word? By the way, SSIDs are case sensitive so that’s why spelled the ‘same’ word different ways. I do not use that word because our devices usually remember SSIDs that we have successfully connected to at some point. “What’s the big deal? That makes it simple when I come back.” And yes it does make it simple. Simple for you, simple for your host, and also simple for the guy with a hotspot or a rogue AP named “guest.” The last thing you want is for Gropnorb to steal your identification and buy a ticket to Elbonia on your dime.
The best practice is to always have your device “forget” any network you use that is open. Even if the open network has some crazy SSID. You never know who is sitting beside you in the coffee shop.