What is a VPN? A Beginner's Guide

Callum Tennent
By Callum TennentUpdated
What is a VPN?

A VPN, or Virtual Private Network, gives you privacy and security online, unblocks restricted content and allows you to appear to be in another country. It does this by encrypting your internet connection and diverting you via a remote VPN server in order to replace your IP address.

What is a VPN?

To use a VPN you need to sign up with a VPN provider in order to download the VPN software and get access to their remote servers. There are both free VPNs and paid options, although there’s a big drop-off in quality with most free choices – more on that later on.

A VPN does not replace your Internet Service Provider (ISP), as you need internet access in order to use a VPN. You can use a VPN on any network, such as your home, school or work network, or public WiFi. They’re not just for PCs and laptops, either – in addition to Windows 10 and MacOS you can also use them on Apple iPhones, Google Android handsets, streaming devices, games consoles like the Sony PlayStation 4 and Microsoft Xbox One, and more.

Don’t confuse the VPNs we talk about here with business VPNs, though. Corporate VPNs that allow its users remote access to far-away networks are not the sort of product we cover on Top10VPN.com – we’re consumer VPNs only.

Want to get straight to our highest-scoring reviews? Why not check out our Best VPNs for 2019.

Why Have a VPN?

A VPN keeps your internet activity private and secure. It stops your ISP and the authorities from tracking what you do online. A VPN will allow you to use public WiFi networks securely, safe from hackers. It will also give you unrestricted access to the internet by making it appear you are from another country.

There are four big reasons to use a VPN:

    1. Keep your internet activity private from your ISP, the authorities and any other snoopers

It’s not just repressive regimes like China and Russia that strictly monitor their citizens online.

The UK, US and Australia have some of the most aggressive mass surveillance laws in the world, forcing ISPs to track customers’ every move and hand over all data.

This sensitive personal data can also be sold to advertisers without your explicit consent. The only way to stop this is by using a VPN.

When you connect via a VPN server, your ISP is unable to see your data – as it’s encrypted. Nor can it track your onward journey past that initial connection, keeping your internet activity private.

If your ISP can’t log your activity then there’s nothing for the authorities to snoop through beyond the fact that you connected to various VPN servers. Even that scant information can be limited by choosing VPN with a strict no-logs policy (more on that later).

    1. Access the internet with IP addresses other than your own

Maybe you don’t want your internet activity traced back to you for whatever reason.

Or perhaps you are frustrated at the growing realization that your physical location is being used to limit your internet experience in different ways, blocking you from accessing the content you want.

When you use a VPN, your real IP address is replaced with the IP address of the VPN server, which can be located anywhere in the world. This means that as far as the websites and apps you are using are concerned, you are just another visitor from that country.

Better yet, you can appear to be connecting from any country you choose at the click of a button.

    1. Protect yourself from hackers on public WiFi

While these networks are convenient, they are highly vulnerable to hackers sniffing out personal information to use in fraud. WiFi in restaurants, coffee shops, department stores and on public transport are all highly at risk.

A VPN encrypts your connection, making it impossible for anyone to intercept your data or as it’s transmitted over the network.

    1. Evading censorship by the government, your ISP, your workplace or school

Online censorship works by the owner of the network blocking specific sites. That can be at the top level by governments forcing the the hand of ISPs or on local closed networks like schools or workplaces.

A VPN is an effective way around these blocks.

This is because the remote VPN server provides the onward connection to the censored site, rather than the internet provider. Even if a particular VPN server itself gets blocked, there are typically many more to choose from.

How Does a VPN Work?

How does a VPN work?

A VPN creates an encrypted tunnel between an internet-connected device, such as a laptop, and a remote VPN server.

Data is encoded at one end and decoded at the other, appearing safely as gibberish in between.

Onward traffic from the VPN server also assumes its IP address, replacing its original identification.

The VPN Basics: Software and Servers

A VPN has two parts: the software on your device and the remote VPN server, which is part of a global network.

The software creates an encrypted ‘tunnel’ between your device and your chosen VPN server, which then routes you on to whatever website or app you are trying to access.

You effectively take a detour via the VPN server on the way to your destination, but from your perspective there’s basically zero difference to how you would normally browse the web.

Your ISP can only follow you as far as the VPN server. It’s unable to track your onward journey, meaning your internet activity remains private.

The more distant the VPN server from your physical location, the slower the speed of your connection, as your data has further to travel. Connecting to the nearest possible server will give you the best possible performance.

This can be no easy task if you live outside of Western Europe or North America. Users in the Oceana region should see our Best VPN for Australia.

Encryption

Why do you need an encrypted connection to the VPN server?

This is best explained by looking at what happens when you go online normally:

  • Your ISP logs every website you visit and app you use
  • For websites without HTTPS implemented – a surprising number of popular sites – your ISP is able to monitor every individual page you visit and any data you might enter
  • On a public network, it’s also easy for a hacker to do the same thing or trick you into exposing sensitive personal data.

When you use a VPN, all of that becomes impossible. Here’s why:

  • Your data is broken down and each part, or ‘packet’, is hidden inside another packet, keeping it private from prying eyes.
  • These packets are then encrypted so that only your VPN software and the VPN server you are connected to can read the data, as only they have the key needed to decode its encryption.
  • Even if the data is intercepted, it will simply look like gibberish.

VPN Protocols

There are several different methods of encrypting and transmitting data in this way, collectively known as VPN protocols.

These include, but are not limited to:

  • OpenVPN
  • LT2P/IPSec
  • IKEv2
  • PPTP
  • SSTP

While it’s not necessary to understand them in detail in order to use a VPN, just be aware that some are more secure than others – we’d advise you stay away from the totally outdated PPTP in particular.

You typically choose which VPN protocol to use in the settings of your VPN software, or just set it to auto and forget about it.

OpenVPN is the best option for most people as it not only has the best balance of performance and security, but it’s also open source, meaning that it’s transparent and trustworthy.

A simple rule of thumb is that the stronger the security of the protocol, the slower it will be. While this is not usually too much of an issue on newer devices on fast internet connections, if you find yourself on an old device or slow internet, you may need to sacrifice one or the other.

As you dig deeper into VPNs, you will come across talk of ciphers, hash authentication and handshake encryption. Unless you are a privacy geek, there’s little practical difference between AES-256 and Blowfish-128, they will both get the job done. If you do want to school yourself in the technicalities, our Guide to Encryption will keep you busy.

Preventing DNS Leaks

There are also other factors involved in effectively hiding your IP address when you connect to a VPN, such as preventing DNS leaks.

When you click a link or type in a URL, your browser’s request for the website you want to visit is made to a DNS server.

Every ISP has its own DNS servers, which act like an internet telephone directory, matching the user-friendly names with the actual IP addresses your browser needs to connect.

Problems arise when your browser’s DNS requests are made directly to the ISP’s servers, exposing your activity.

An effective VPN will prevent this by operating its own DNS servers and forcing all traffic through them. To find out more about DNS (and other) leaks, head over to our DNS and WebRTC leaks guide.

Logging

It’s important to understand that by using a VPN you are shifting visibility of your internet activity from your ISP, who is not privacy-focused, to your VPN provider, which at least claims to be.

That’s why it’s vital to pick a VPN provider that takes every precaution to ensure that it logs the tiniest possible amount of information about your connection.

No respectable VPN will directly log any of your activity, but it may well collect general metadata about your connection, like when you logged on and off, and which server you connected to, for example.

Collection of these usage stats allows a VPN provider to keep its server network running as effectively as possible.

For more information take a look at our comprehensive guide to VPN logging.

How Do You Get a VPN?

  1. Decide your budget and make a list of your requirements
  2. Use a VPN review site (like ours) to compare providers
  3. Choose a VPN, pick a plan then start the checkout process
  4. Make your payment then click the link on the confirmation email
  5. Download and install the VPN app or VPN software
  6. Paste in the activation code from your email when prompted
  7. Click the big connect button to switch on your VPN

Before you decide upon a VPN, think about the following factors:

  1. What’s your budget?
  2. Will you need access to big streaming services like Netflix or BBC iPlayer via your VPN connection?
  3. What’s more important to you – performance or privacy?
  4. What server locations will you need?
  5. Which devices will you be using with the VPN?

Once you have a clear idea of what you need, use a VPN comparison service (like our top picks for 2019) to find a VPN that meets your criteria. It’s worth taking the time to read reviews to ensure you get a VPN that’s easy to use as well as fast and private.

Most services let you connect to multiple devices simultaneously, but there will usually be a limit on the maximum amount.

It usually only takes a few minutes from paying for your subscription to downloading and installing your new VPN. Just click the link on your confirmation email to download the software. Click the downloaded file to install it and paste in the activation code from your email when prompted.

When you want to connect, simply decide which VPN location you would like to connect to and then click the big button – it’s as easy as that.

Is a Free VPN Worth Looking At?

A free VPN always comes with a catch. At best, this might be very limited bandwidth, a speed cap or severe restrictions on available server locations. At worst, a free VPN might be riddled with ads or indulge in shady practices with your data. A paid VPN is almost always better.

Common logic dictates “why pay for something you can get for free?” Unfortunately there’s a ton of limitations and dagerous risks with using a free VPN. Most offer tiny bandwidth allowances, limited server locations, even capped speeds, as they want to convert you into a paid customer to unlock the full product.

Worse, free VPN providers may try to profit from you and your data in other ways. There have been reports of selling usage history to advertisers, secretly redirecting users via sponsored links to earn commissions and even adding devices to a massive botnet. We dive deeper into this in our exclusive free app investigation.

In comparison, a good paid VPN will heavily invest in privacy and security measures. It will also have to compete to deliver the best possible service in order to attract and retain your custom. ExpressVPN is one of our favorites.

Look for a VPN with a long money-back guarantee if you aren’t sure. Some give you up to 30 days to change your mind. If you’re determined to use a free VPN then we recommend you try one of these free VPNs.

Is it Legal to Use a VPN?

VPNs are completely legal in the vast majority of countries, so chances are you won’t need to worry. That said, VPNs are banned in a handful of nations: China, Turkey, Iraq, UAE, Belarus, Oman and Russia. Even then, the situation isn’t all that clear-cut as some activities are banned while others tolerated.

Even where VPN use is legal, common sense should always apply. A VPN may be a useful privacy and security tool but it should not be used to hide illegal activity. If you are planning to torrent a file, for example, you should ensure it is free from copyright restrictions before doing so.

If you are planning to use a VPN in a country where they are banned, you do so at your own risk and we would never condone it. While the UAE threatens massive fines for illegal VPN use, it’s not clear how China plans to implement its recent ban after years of unofficially tolerating the use of VPN services.

Is it Safe to Use a VPN?

When you use a VPN, you’re placing trust in the VPN provider to protect your privacy and keep you secure. Independent expert advice, like the kind you’ll find on this website, is invaluable – and VPN user reviews from verified customers can be a big help, too.

It’s important to take the time to make sure your proposed VPN provider is trustworthy. After all, every time you connect you are in a way trusting your provider with data that you aren’t comfortable sharing with your ISP.

It’s best to always use a VPN with a customer-focused policies that puts privacy first. While every provider will claim to have your best interests at heart, the detail of their terms of service and privacy policy will prove whether that’s actually the case.

In every single one of our reviews we aim to help you make sense of a VPN provider’s logging policy and how it responds to requests for its customer data from the authorities.

Can You be Tracked if You Use a VPN?

If the police want to find you, they probably will. Law enforcement can often cross-reference data from multiple sources, including basic VPN usage stats, to help prove serious crimes. For the average person protecting their privacy, using a VPN makes you much harder to trace.

A VPN is not an invisibility cloak. It does not make you fully anonymous. When you visit websites on a VPN connection, those sites will log the IP address of the VPN server along with the time and date for each page you visit.

Depending on the specifics of its logging policy, your VPN provider may log your IP address plus the time and date you connect and disconnect from a VPN server, along with its IP address.

Anyone able to get hold of both sets of data and cross-reference them could prove that you visited that website. Law enforcement agencies investigating a serious crime would be able to subpoena those records.

It’s not completely cut-and-dry, however, as your VPN provider may not have detailed enough logs to permit a match. They may only log the name of your VPN server rather than the IP address, of which there could be many, or they may only log date stamps without the specific time. Your provider may also have purged the logs by the time the authorities request them.

There are other ways you can inadvertently expose yourself even with a VPN: DNS and other kinds of leaks, location services on mobile devices, logged-in browsers etc. Make sure you verify your connection with a DNS leak test and run through all your browser settings. On a mobile device, it’s also worth reviewing all privacy settings.

A good portion of VPN services make a virtue out of not co-operating with such requests however by not only basing themselves beyond relevant jurisdictions but also by not retaining such data in the first place.

It’s vital to choose a VPN with a kill switch as this will completely disconnect you from the internet should your VPN connection fail for any reason.

If you really need true anonymity because you are a whistleblower, political activist or journalist for example, then using the special Tor browser is more appropriate.

Using a VPN and Tor together is an effective privacy tool for the most sensitive internet activity. In such cases, we recommend you sign up for a VPN that allows you to pay anonymously via bitcoin to protect your identity.