VPN Glossary

Rebecca Duff
Rebecca DuffUpdated

Baffled by all the VPN jargon? Want to know the difference between OpenVPN and IKEv2 or what on earth AES-256 is all about? Our glossary is the perfect starting point for beginners and experts alike.

Ad blocker

A browser add-on or software that prevents advertisements from displaying on web pages. The majority of these will also help to block ad-based malware and cross-site tracking, which is when companies collect your data across multiple websites.

AES (Advanced Encryption Standard)

One of the most commonly used encryption protocols, AES-256 is the cipher of choice for the US federal government. It is considered completely unbreakable, and since its creation (over a decade ago) has undergone excessive testing to prove exactly how secure it is. AES is, in our opinion, the best encryption standard available to VPN users.

Bitcoin

An open source digital currency – or “cryptocurrency” – that’s been around since 2009 and isn’t linked to any banks or administrative bodies. Bitcoin operates using peer-to-peer technology and transactions take place directly between users, cutting out the need for ‘middle men’ like financial institutions. It can be exchanged for goods and services or for other currencies.

Many VPN providers allow payment via Bitcoin as it provides customers with an additional layer of privacy. This is because funds are linked to Bitcoin addresses rather than real-life entities with further steps possible (ie Bitcoin mixing or tumbling) that make them untraceable.

BitTorrent

One of the most common peer-to-peer (P2P) protocols used to download and distribute files over the internet. To get started, you’ll need BitTorrent client software along with a small torrent file that contains the information needed to download the file you want. These torrent files are most notoriously available on torrenting sites such The Pirate Bay but also on forums and other sites.

BitTorrent has many legitimate uses but is most well-known for copyright infringement, so make sure you only download content from legitimate sources to avoid any issues. Unless you use a VPN, your IP address will be exposed to anyone involved in the data transfer, so check out our Best VPNs for Torrenting in order to protect yourself from unwanted snooping.

Browser extension

A plug-in that can be downloaded and installed to your web browser for increased functionality. Most major browsers (Google Chrome, Firefox, Opera and Safari) offer online stores that allow you to search for and browse popular extensions, however not all extensions will work with every browser.

Many VPN providers offer browser extensions that are very popular with browser-focused users looking for a more lightweight online experience. In most cases, these are proxies rather than full VPN extensions (see our definition below), so your web traffic isn’t actually encrypted.

Cipher

A mathematical algorithm used for data encryption. Modern-day ciphers are almost impossible to crack, even with the help of advanced supercomputers, as they’re made up of incredibly complex algorithms. AES-256 is considered to be the strongest cipher for a VPN.

Connection logs

These are also known as metadata logs, and are used by VPN providers (in most cases) for troubleshooting and dealing with technical issues, as well as helping to detect and prevent illegal activity. The amount of data collected varies from one provider to the next, but generally includes details such as your connection time, amount of data transferred and the device you’re using the VPN on. Some providers will also log your originating IP address.

As a general rule, connection logs aren’t too much of a concern, as long as they’re not overly detailed and are regularly deleted. Providers such as ExpressVPN are a good example of this, as they only collect your connection date, server choice and total amount of data used, none of which can be used to personally identify you. Other VPNs such as HideMyAss! are a little more intrusive, storing your originating IP address for up to three months.

Cookies

A small text file placed on your computer when you visit a website, used to remember something about you or your device at a later date. Cookies have many uses, including remembering your login details and website preferences, however there have been some issues with sites using them to track visitors without them knowing.

The two most commonly used types of cookie are Session Cookies and Persistent Cookies. A Session Cookie disappears after you close your browser, but a Persistent Cookie remains after you close your browser and may be used on subsequent visits to the website.

Cryptocurrency

A digital currency that can be exchanged for goods or services, using cryptography as a means of securing and verifying transactions. Some more well-known examples of cryptocurrencies include Bitcoin, Litecoin, Ethereum and Dash, some of which are accepted by VPN providers as a means of payment.

Dark Web

Also known as the Dark Net, the Dark Web includes all the websites you can’t find using regular search engines such as Google or Yahoo. It is only accessible through networks such as Tor (“The Onion Router”, see our definition below) or I2P (“Invisible Internet Project”), and users become incredibly difficult to track due to the high level of encryption.

More and more people are being pushed towards the Dark Web simply because they’re concerned about the online privacy laws where they live, and not to access any illegal content. However, it goes without saying that criminals such as drug dealers and fraudsters also use the Dark Web to carry out illegal activity without being detected.

DD-WRT

A Linux-based open source firmware for wireless routers. You can “flash” DD-WRT into your existing router, which will remove the default factory settings and give you more control, or you can purchase one that’s been pre-flashed. This enables you to configure a VPN at router level, so every device you connect wirelessly will be routed through the VPN without you having to install individual apps.

DMCA notice

This refers to a copyright infringement notification that’s sent to ISPs by copyright holders. Since VPN users assume an IP address registered with their VPN provider, any alert relating to alleged infringement goes to the VPN service rather than the ISP of the user doing the alleged infringing.

It’s worth looking closely at the terms of service if you are a heavy torrenter to understand how a VPN service responds to these notices – or read our review. Note that DMCA stands for Digital Millennium Copyright Act (a US-specific piece of legislation) but that it’s come to refer to any such notice.

DNS (Domain Name System)

The internet’s method of translating web addresses (URLs) into numeric IP addresses. For example, the domain name www.top10vpn.com converts to an IP address of 151.101.50.49. This translation process is usually performed by your Internet Service Provider, but when you’re connected to a VPN, all DNS should firstly be routed through the VPN tunnel and then resolved by the VPN provider, rather than by your ISP.

DNS leak

These occur when your DNS requests go through your ISP rather than your VPN provider, and mean your true IP address is being exposed. You can check for DNS leaks here: https://www.dnsleaktest.com/. The best way to prevent this from happening is to choose a VPN provider that offers built-in ‘DNS leak protection’.

Encryption

The method of converting data to an encrypted form, using a mathematical algorithm known as a cipher. It’s used to protect sensitive information and prevent it from being viewed by unauthorized parties, and is incredibly difficult to ‘crack’ unless you have access to the correct ‘keys’.

Firefox

A free, open-source web browser developed by Mozilla Foundation, a non-profit organization. It still isn’t quite as widely-used as Google Chrome, but is becoming more popular with security-conscious users due to the abundance of privacy enhancing add-ons on offer.

Five Eyes

Often abbreviated as FVEY, Five Eyes is an intelligence alliance made up of Australia, Canada, New Zealand, the UK and the US. The countries work together to collect mass surveillance data and share it between their respective security organizations, sneakily bypassing the laws that prevent them from spying on their own citizens. Try to avoid VPN providers based in any of these countries if you can, unless they operate a very minimal logging policy.

Geo-restrictions

Restricting access to web content based on the user’s geographical location. For example, BBC iPlayer is only accessible to UK residents, and Hulu is only available in the US. It is also used by governments in high-censorship countries to block websites that are deemed inappropriate or those that are illegal under local laws. VPNs can be used to access content that isn’t usually available in your country, however you must be careful not to infringe any copyright laws.

HTTPS

A more secure version of HTTP, the protocol that’s the foundation of the web. HTTPS uses secure port 443 by default and encrypts all user data, making it far less vulnerable to man-in-the-middle and eavesdropping attacks. Previously it was mainly used by banks and online retailers, however it is increasingly becoming the norm for mainstream websites.

When you visit a HTTPS website, anyone monitoring your activity can tell that you’ve visited the site, however they won’t be able to see anything specific that you’ve done, such as the pages you visited or any details that you entered into forms. Look for a padlock icon in your browser’s URL bar and try to only use websites where the address begins with “https://”.

IP (Internet Protocol) address

A unique numerical address given to your internet connection by your ISP. These can be rotated on a regular basis or randomly reassigned every time a connection resets, but everything you do online is linked to one. One of the main reasons for using a VPN is to mask your true IP address so that your browsing activity can’t be traced back to you as an individual, protecting you from unwanted surveillance from your ISP and other third parties.

IP leak

This happens when a website or app you’re using can see your real IP address instead of the one your VPN is showing. You can check for IP leaks here: https://ipleak.net/. In order to prevent this happening you should select a VPN provider that offers DNS and IPv6 leak protection, such as ExpressVPN.

IPv4

Short for Internet Protocol Version 4. The current default system for defining numerical IP addresses (see our definition of DNS above). Due to an increase in internet use in recent years, IPv4 addresses are running out, as only a limited number were available for assignment.

IPv6

Internet Protocol Version 6, a new standard introduced to solve the problems presented by IPv4. It utilizes 128-bit rather than 32-bit internet addresses, meaning the total number available should keep us supplied for years to come. Unfortunately a lot of VPNs fail to direct IPv6 traffic through the VPN tunnel, so if you connect to a website that supports IPv6, your DNS request will be handled by your ISP, therefore exposing your true IP address. Look for providers that offer IPv6 leak protection to prevent this problem from happening to you.

ISP (Internet Service Provider)

The company that supplies your internet connection. Unless you use a VPN, your internet data remains unencrypted, meaning your ISP can see everything you’re doing online. ISPs in many countries (notably the US, most of Europe, Australia and Russia) are legally required to store customer metadata to allow government access if necessary. Some ISPs even monitor internet traffic in real time and feed it directly to law enforcement agencies and intelligence networks.

Killswitch

A feature offered by most popular VPN providers that prevents your true IP address from being exposed should the VPN connection drop for any reason. Some VPNs allow you to choose certain sites or apps to bypass the killswitch, however most will simply cut off all internet connections until the VPN tunnel is re-established.

Note that not all providers will call it a killswitch, for example ExpressVPN call it a Network Lock, but it serves the same purpose. Some VPNs come with a killswitch built in, such as CyberGhost, which is great for those who might otherwise forget to switch it on. Wherever possible, you should try to choose a provider that offers some form of this feature.

L2TP/IPSec

Layer 2 Tunneling Protocol, a commonly used VPN protocol that’s built into most popular operating systems. It’s quick and easy to set up and is secure enough if implemented correctly, however there are some concerns that the NSA (US National Security Agency) might have deliberately weakened it, although this isn’t backed up by any solid evidence.

There are no major vulnerabilities to note, but if you’re planning to use it in a high-censorship country you could have some issues, as it isn’t very effective at bypassing firewalls. Where possible, you should stick with OpenVPN, but this isn’t a bad choice if that isn’t an option.

Logs

Any information collected or retained by your ISP or VPN provider. Some VPN providers incorrectly claim to be zero logs, so here at Top10VPN we try to make a clear distinction between those who don’t collect logs and those that do. Providers are classed as collecting usage logs (where your online activity and browsing history is monitored), connection logs (where just your connection information is collected) or no logs at all.

It’s best to choose a provider that collects a minimal amount of logs to protect your online privacy, or even better one that doesn’t collect any logs whatsoever, such as IPVanish. This way, you can be sure that everything you do online remains completely private and can in no way be traced back to you as an individual.

OpenVPN

The industry-standard VPN protocol and the one we recommend you use wherever possible. OpenVPN is an open-source software that’s highly configurable and offers the best balance between performance and privacy. It isn’t natively supported by any platforms, but is available on most of them through a third-party software, and the majority of VPN providers will offer custom apps that run on OpenVPN.

It runs best on a UDP port, but can be set to run on any, including TCP port 443, which is the port used by regular HTTPS traffic. While OpenVPN in its default configuration is blocked in China, it continues to work well combined with some form of custom obfuscation (ExpressVPN, Astrill and VyprVPN for example all do this).

P2P (peer-to-peer)

P2P is a type of network in which computers, or other devices, share files with each other rather than downloading them centrally from a server. Even before a file download is complete, devices in the P2P network will upload parts of the file to other devices requesting that file. This data transfer continues even after the initial download is complete, which can make large P2P networks an incredibly efficient means of sharing data.

There are different types of P2P platforms or systems, many of which revolve around large media files, often causing copyright infringement issues. Some of the most popular uses of P2P networks today are torrenting, Kodi and services like Popcorn Time. It’s also being used to innovate in areas like micro-finance.

PPTP

Short for Point-to-Point Tunneling Protocol, an outdated VPN protocol with lots of known security issues. It’s available on almost all major platforms and is very easy to set up without the need for third-party software, therefore remains popular with many VPN providers. We’d advise against using PPTP wherever possible, as even though it’s quick, it can be decrypted easily and won’t protect your sensitive data.

Proxy

A proxy server acts as an intermediary between your computer and the internet, so any traffic routed through it will appear to come from an IP address different from your own. Unlike using a VPN, connections to proxies are not encrypted. So while the site you’re visiting won’t know your true IP address, your ISP will still be logging your activity. The owner of the proxy server will also be able to see your originating IP address.

Most VPN browser extensions are proxies, so check our reviews before you start using one. They’re handy for heavy browser users just looking to mask their IP address, however most of them aren’t VPN substitutes. The only provider with browser extensions that encrypt your web traffic is ExpressVPN, with extensions for Chrome, Safari and Firefox.

Shared IP address

The assignment of multiple users to a single IP address. This makes its more difficult to pin down a single user to an IP address therefore increasing privacy.

Simultaneous connections

The number of devices you can use your VPN on at the same time. The more simultaneous connections a VPN provider allows, the better, as it means you can protect your family’s devices as well as your own. Three to five is standard but watch out for restrictions on the most basic or free plans, which limit you to just one.

Smart DNS

A sophisticated technology that allows you to connect to DNS servers in different countries and therefore appear to be located in that country. This means you can access geo-restricted content that might not otherwise be available where you live, such as newspapers, local Google results and ecommerce sites.

Smart DNS differs from a VPN in that it doesn’t encrypt your traffic and is therefore a lot faster, making it a good choice for those who are mainly interested in streaming media content from abroad. It’s also really easy to use on devices that usually lack native VPN apps, such as games consoles, Apple TV and other streaming devices.

Tor

Free software that anonymizes your browsing by randomly routing your web traffic through a network of servers, or ‘nodes’, to hide the origin of the data. While it’s best known for providing access to the Dark Web, it’s actually becoming increasingly common amongst everyday internet users seeking the highest possible levels of privacy.

Connecting to Tor through a VPN is an excellent way of ensuring your security, and some VPN providers actually offer servers optimized for that purpose. It’s also an excellent way of bypassing government restrictions and accessing blocked content in high-censorship countries, however be warned, it is incredibly slow.

URL

Uniform Resource Locator, otherwise known as a website address to you and me (e.g. www.top10vpn.com or www.google.com). All browsers have a URL address bar at the top, where if you type in the URL you’ll be taken directly to that website. These alphanumeric addresses are converted into IP addresses by a DNS translation service so they can be understood by your computer (see our definition for DNS above).

Usage logs

Also known as activity logs. A term for the collection and storage of details about what you are actually doing online, such as the websites you visit and so on. Very few VPN providers collect these types of logs, as this would make them no more private than your ISP, but be sure to check our independent VPN reviews to make sure.

VPN (Virtual Private Network)

A VPN gives you privacy and security online, unblocks restricted content and allows you to appear to be in another country. It does this by encrypting your internet connection and diverting you via a remote VPN server in order to replace your IP address. Check out our “What is a VPN” guide for a more detailed description and the reasons why you might use one: /guides/what-is-a-vpn.

VPN client

The software that you use to connect your device to a VPN service. The term “VPN client” is generally used to refer to a provider’s desktop (or mobile) app.

VPN tunnel

The encrypted connection between your device and a VPN server.

Wi-Fi hotspot

Commonly found in cafés, hotels, and airports, these are public internet access points that can be used by anybody and everybody. While they do come in very handy if you don’t want to use up your data allowance when you’re out and about, a major downside is that they are not secure.

It’s easy for hackers to set up fake hotspots that look like the real thing, detect your web traffic as it travels from your device to the hotspot, or hack the router itself. The only way to protect yourself when using these hotspots is to first connect to a VPN, as this will encrypt your internet connection so it cannot be intercepted by anyone else.