The right VPN will encrypt your internet traffic, hide your IP address, and help protect your privacy online. Find everything you need to know about VPNs in this complete guide to Virtual Private Networks.
The world is growing increasingly hostile to online privacy. Every time you access the internet you risk falling victim to surveillance, censorship, data theft, and a host of other issues.
To make matters worse, governments around the world are censoring the internet at an alarming rate, hindering our ability to access information and communicate freely with one another.
That’s where a VPN comes in.
A VPN (Virtual Private Network) is a simple piece of software that you can install on almost any device. It will protect your privacy, help you stay safe online, and grant you unrestricted access to the internet.
Most importantly, a VPN will encrypt your data and hide your IP address by creating a private tunnel through the internet.
A VPN allows you to:
Hide your IP address from the websites you visit
Encrypt your browsing traffic
Access geographically-restricted content
Stream or torrent content from other countries
Choose between multiple private server locations
Protect your data on public WiFi networks
But how exactly do VPNs work? Are they safe? And how do you find the right VPN provider?
This comprehensive guide will cover everything you need to know about VPNs. We’ll break down the technical jargon so that you can use a VPN confidently and safely.
A Virtual Private Network (VPN) is a piece of software used to keep your internet activity private and secure.
The VPN creates a secure tunnel between your device and a private VPN server before forwarding your traffic on to the website or application you’re visiting.
This stops Internet Service Providers (ISPs) and authorities from tracking what you do online. It also protects you from hackers looking to intercept your traffic.
A VPN keeps your browsing activity private by encrypting your internet traffic, routing it through a secure tunnel, and masking your true IP address.
VPNs create a secure tunnel, encrypting your web traffic and hiding it from snoopers and hackers.
Depending on which VPN provider you’re using, you’ll be able to choose from dozens or even hundreds of VPN server locations around the world.
This means you can trick websites into thinking you’re browsing, streaming, or torrenting from a specific city or country.
By encrypting your connection and rerouting your traffic through a remote server, neither your Internet Service Provider (ISP) nor anyone else on the network can monitor your internet activity. If someone does monitor your connection, all they’ll see is useless letters and numbers.
This protects you from government surveillance, website tracking, and any malicious third parties who might try to intercept your traffic.
Your IP address will change and your browsing data won’t be linked to your real location, making everything you do online much more private.
You don’t need to switch your Internet Service Provider to use a VPN, and you won’t need to buy any new equipment like a modem or a router. Installing and using your VPN is all done online in a matter of minutes.
2Hide your IP address from the websites you visit.
One of the most common reasons for using a VPN is to mask your true IP address.
Your IP address is a unique numerical address assigned by your ISP. Everything you do online is linked to your IP address, so it can be used to match you to your online activities. Most websites record the IP address of their visitors.
Advertisers can also use your IP address to serve you targeted adverts based on your identity and browsing history.
When you connect to a VPN server, you will take on the IP address of that VPN server. Any websites you visit will see the IP address of the VPN server rather than your own.
You’ll be able to bypass IP address blocks and browse websites without your activity being traced back to you as an individual.
3Unblock websites and bypass geographical restrictions.
Your IP address links you to your physical location. It can be used to block users in specific countries from accessing certain websites.
Certain services — like Netflix or BBC iPlayer — alter their libraries depending on the country you’re visiting from. Using a VPN is the only reliable way to bypass these geographical restrictions and unlock the ‘hidden’ content. You can visit our recommended VPNs for Netflix for more information.
More importantly, VPNs can help you evade censorship by encrypting your traffic and masking your true IP address. If you want to view content that is locked to another country or censored in your region, you can use a VPN to bypass these restrictions.
Using a VPN can help citizens bypass website blocks to access global media and communicate freely. In countries that limit freedom of speech and freedom of the press, a VPN can help individuals speak out against the government safely and privately.
For more information on government censorship, the Committee to Protect Journalists (CPJ) has a safety kit for journalists that provides guidance on issues like risk assessment and digital security.
When you use the public WiFi connection in a café, hotel, or airport you are putting your sensitive data at risk.
Exploiting public WiFi networks to gather data is simple and incredibly cheap. Criminals can take advantage of open and unencrypted networks to steal important data like your bank details, credit cards, photos, and other personal information.
Hackers are increasingly targeting hotels and shopping malls in pursuit of high-value targets. A recent Bloomberg report explains how some criminals check in to hotels with the explicit goal of stealing valuable data.
Motherboard also provides a good summary of the problem with public WiFi networks. This includes the popular “WiFi Pineapple” that gives almost anyone the ability to take advantage of public networks for under $99.
You can protect your device by using a VPN, which will encrypt your internet traffic and make it much, much harder for hackers to intercept and steal your data.
Unfortunately, most users remain oblivious to the true dangers of open WiFi networks. If you travel frequently and need to stay online, a reliable VPN is an invaluable privacy tool.
Your ISP almost certainly monitors your online activity. If you live in a country without strong net neutrality laws, your ISP can even deliberately slow down your connection when you carry out bandwidth-heavy activities like downloading a large file or torrenting. This is called bandwidth throttling.
VPN encryption can help to prevent ISP throttling, meaning that you can enjoy the best speeds for downloading, torrenting, gaming, and streaming — all the while unlocking content from all over the world.
Torrenting without a VPN is also pretty risky. Not only is your IP address visible to peers, your ISP can also see that you are accessing torrenting sites and apps, too.
We don’t condone downloading copyrighted material, but using a VPN is essential if you want your P2P activities to be kept private. To find out which VPNs we recommend for torrenting, read our Best VPNs for Torrenting guide.
When Should You Use a VPN?
We recommend using a VPN all the time to benefit from continual protection, but there are a handful of occasions when it’s particularly important to use a VPN.
You should use a VPN if:
You are concerned about your online privacy
You are in a country that censors the internet
You are interested in streaming content from overseas
You are using a public WiFi network
You need to bypass an IP-based website block
You are a journalist, activist, or whistleblower dealing with sensitive information
The most common reasons for using a VPN. Data taken from Global Web Index’s VPN Usage Report.
How Does a VPN Work?
A VPN creates a private and encrypted internet connection between your device and a private server. This means your data can’t be read or understood by your ISP or any other third-parties. The private server then sends your traffic onto the website or service you want to access.
If you already know how a VPN works, you can skip straight to the next section of this guide: Are VPNs Safe?
Here’s how a VPN works::
You sign up to your chosen VPN service. For advice on which VPN provider to choose, skip to our section on how to choose the best VPN.
Install the VPN software on your device. This software is called a VPN client. It can be an application supplied by a VPN provider (like ExpressVPN or NordVPN) or third-party software like OpenVPN or Tunnelblick.
Sign in to your VPN client with your account details and choose the location of a VPN server you want to connect to.
When you click ‘connect’ on the VPN app, the VPN client will look up the IP address of your chosen VPN server.
The VPN client initiates a connection with the VPN server. They then exchange data including your login credentials in order to establish an encrypted VPN tunnel.
The VPN tunnel is a secure link between your device and the VPN server. Encrypting your data means it can’t be read or understood if it is intercepted between your device and the server.
Outside observers like your ISP can see that data is being transferred, but not what that data is. You can read more about VPN encryption in the next section of this guide.
Your device’s internet traffic is sent through the encrypted VPN tunnel to the VPN server.
The VPN server decrypts your device’s internet traffic and forwards it onto the website or service you are trying to access. If the VPN is working as it should, the website will only see the IP address of the VPN server, not your originating IP address.
Every VPN service comes with a list of server locations, and the best VPNs will allow you to choose from a range of countries and cities around the world.
Screenshot of CyberGhost VPN server locations in the Windows app.
VPN Encryption Explained
Encryption is the process of encoding data so that only a computer with the right ‘key’ will be able to read it.
A VPN is only as secure as the encryption it uses to protect your data.
With a VPN, the computers at each end of the VPN tunnel encrypt the data entering the tunnel and decrypt it at the other end. However, a VPN needs more than just a pair of keys to apply encryption.
That’s where VPN protocols come in.
VPN protocols refer to the set of rules and processes that a VPN client follows in order to establish a secure connection between your device and the VPN server. The VPN protocol you use will determine how your secure tunnel is actually formed.
Depending on the protocol in use, a VPN might have different speeds, capabilities, or even vulnerabilities. Most VPN providers will give you an option of which protocol you’d like to use.
There are several VPN protocols available, but not all of them are safe to use. Here is a table of the most common VPN protocols:
OpenVPN. This is our preferred VPN protocol. It’s open-source, very secure, and operational on almost all VPN-capable devices. OpenVPN has been well-tested and remains the industry gold standard. You should use OpenVPN where available.
IKEv2/IPSec. Used alongside IPSec, IKEv2 is a newer, closed-source VPN protocol. It is very secure, pretty quick, and handles network changes with ease. This makes it the ideal protocol for mobile devices which constantly switch between WiFi and mobile data.
L2TP/IPSec. This protocol is fairly outdated and comes with a couple of security flaws. If used with the AES cipher it’s generally considered safe, but there have been some suggestions that the protocol has been compromised by the NSA.
SSTP. SSTP is another closed-source VPN protocol. It’s Microsoft-owned and based on SSL 3.0, which is vulnerable to a specific MITM attack called Poodle. While it’s not been confirmed if SSTP is affected by this attack, we don’t think it’s worth the risk.
Wireguard. The newest VPN protocol to date, WireGuard is promising but still in development. It aims to be fast, secure, and more easily implemented than other VPN protocols by using far fewer lines of code. So far, there has been no stable 1.0 release, so WireGuard should be considered experimental until then.
Ciphers refer to the algorithms used to encrypt and decrypt data. While the VPN protocol creates the VPN tunnel, a cipher is used to encrypt the data flowing through the tunnel.
The operation of a cipher usually depends on a piece of information called a key. Without knowledge of the key, it is extremely difficult – if not impossible – to decrypt the resulting data.
When talking about encryption, we generally refer to a mixture of cipher type and key-length, which denotes the number of ‘bits’ in a given key.
For example, Blowfish-128 is the Blowfish cipher with a key length of 128 bits. Generally speaking, a short key length means poor security as it is more susceptible to violation by brute-force attacks.
A key length of 256 bits is the current ‘gold standard’. This cannot be brute-forced as it would take billions of years to run through all the possible combinations.
As is the case with VPN protocols, VPN software can use several different ciphers. Here are the most popular ciphers used in VPN software today:
AES. Like OpenVPN is for protocols, AES is the gold standard for ciphers. It’s used by the US government for confidential data and is considered to be extremely secure. You’ll commonly find two key lengths: AES-128 and AES-256. Both are considered to be safe.
Blowfish. Blowfish used to be the default cipher used in OpenVPN, but it has largely been replaced by AES now. Blowfish isn’t regarded to be as secure as AES, and is vulnerable to ‘birthday attacks’.
VPNs also use handshakes and hash authentications to further secure your connection. You can read all about these — and many more details about VPN protocols and ciphers — in our complete guide to VPN encryption.
Are VPNs Safe?
A trustworthy VPN is an invaluable first step to protecting your privacy and staying safe online.
Unfortunately, not all VPNs are safe to use.
Many popular VPN services are poorly-made, unreliable, and even dangerous.
The wrong VPN can:
Log your browsing activity
Fail to encrypt your data
Share your data with authorities
Leak your identifying information
Infect your device with malware
There are certain important questions you need to ask in order to determine whether a VPN is safe or not.
One of the most important aspects of a VPN service is its logging policy.
When you use a VPN you are trusting the VPN provider with all of your internet traffic — that includes your IP address, all of the websites you visit, the messages you send, and all of your personal data.
We investigated 90 of the most popular VPN services’ logging policies and found that 26% of popular VPNs log your originating IP address. For more information on which VPNs keep logs, check out our dedicated guide to VPN logging policies.
The best VPNs don’t log:
DNS requests or websites visited
Your originating IP address
VPN server IP address
Individual bandwidth usage
In short, a safe VPN protects your privacy by not logging any data that could link you as a user to your online activities. Unfortunately, some VPNs still do.
Unfortunately, the logging policies of VPN providers are often vague and misleading.
Some providers falsely claim to collect a minimal amount of data, while others are deliberately vague about the type of data their policy refers to.
The best VPN providers will be completely transparent about what type of data they collect and why this data is necessary.
They will also tell you if the VPN shares your data with any third parties, including advertisers, government agencies, and holding companies.
2Where Is the VPN Based?
Where a VPN company is based — otherwise known as its ‘jurisdiction’ — can have a huge impact on the privacy of your personal data.
Certain countries are involved in international intelligence-sharing alliances called the Five-Eyes, Nine-Eyes, and Fourteen-Eyes. In terms of privacy, these countries are the worst places to base a VPN company.
The Five-Eyes countries are the US, UK, Canada, Australia, and New Zealand.
Intelligence agencies in these countries have the power to force organisations to log private information and share it amongst themselves. These logging requests may be accompanied by a gag order which makes it illegal for the company to publicly disclose what they’re being compelled to do.
It’s also not safe to incorporate a VPN in a heavily-censored country like China, Russia, or Turkey. These countries are more likely to force VPN companies to log or censor content accessed through the VPN.
Ideally, a VPN should be incorporated in a country with strong privacy and net neutrality laws. The jurisdiction should have no international ties to more intrusive nations and no history of prosecuting citizens based on the contents of their browsing history.
Some of the best VPN jurisdictions include the British Virgin Islands, Cayman Islands, Panama, Seychelles, and Switzerland.
The safest VPN services will be open about the technical measures they have in place to safeguard their customers and their business.
Any worthwhile VPN service will offer the latest and most secure levels of encryption, a wide selection of protocols, and a range of advanced security features including kill switches, split-tunnelling, and obfuscation.
You should always look out for OpenVPN and IKEv2, as these are the safest protocols to use. If a VPN only offers PPTP then don’t use it.
You should also look for strong encryption like AES-256. If a VPN provider isn’t willing to disclose what encryption the software uses, then it’s not a safe VPN.
Low-quality VPN services can leak your personal information to third parties without you even knowing. This could include your location, your IP address, the websites you’ve visited, and more.
Needless to say, there’s no point in using a VPN that leaks your personal data. Even if the VPN has a zero-logs policy, anyone viewing your connection — your ISP included — will be able to view your identity or activity.
There are four types of leak to be aware of:
IP leaks. This happens when your VPN fails to mask your IP address with one of its own. This is a significant privacy risk; your ISP and any websites you visit will be able to link your online activity to your true identity.
DNS leaks. A VPN is supposed to route your DNS requests to its own DNS servers. If your VPN routes DNS requests outside of the encrypted VPN tunnel to your ISP’s DNS servers instead, it’s called a DNS leak. This exposes your browsing activity and any websites you’ve visited to your ISP or any other eavesdroppers.
WebRTC leaks. WebRTC is a browser-based technology that allows audio and video communications to work inside web pages. WebRTC has clever ways of discovering your true IP address even if a VPN is on. The best VPNs block WebRTC requests. Alternatively, you can disable WebRTC completely at the browser level.
IPv6 leaks. IPv6 is a new format of IP addresses, but not many VPNs currently support it. Unless VPNs support or actively block IPv6, your personal IPv6 address can be exposed. This is called an IPv6 leak.
We rigorously test every VPN that we review to find out whether it leaks your data. For more information on the types of VPN leaks, how to test a VPN for leaks, and which VPNs leak, visit our comprehensive guide to VPN leaks.
How to Run a VPN Leak Test
The following steps show you how to run your own VPN leak test at home. It takes next to no technical knowledge and you’ll be done in a few minutes.
To run a VPN leak test:
Visit browserleaks.com and run a leak test when your VPN is disconnected. Note down your IP address and the addresses of your ISP’s DNS servers.
Before you connect to a VPN server make sure to enable the VPN kill switch. This will prevent leaks during sudden VPN disconnections. Enable DNS, WebRTC, and IPv6 leak protection in your VPN application if possible.
Connect to a VPN server and refresh the leak test page in your browser.
If the VPN is working as it should, it will show a different figure for your true IP address and ISP’s DNS servers.
The following screenshot shows a leak test of a PrivateVPN US Server. The red arrows mark the fields you should be paying attention to:
Screenshot of browserleaks.com when connected to a PrivateVPN US server. No leaks were detected.
If you can see your originating IP address or DNS servers, the VPN is leaking.
We found that 18% of the free VPN applications tested returned positive matches when scanned for viruses and malware.
A 2016 academic report also found that 38% of 283 Android apps tested contained some form of malware, and 16% deployed non-transparent proxies to manipulate HTTP traffic.
In short, the popularity of a free VPN application in the Apple or Google Play Store does not guarantee its safety or legitimacy. You can find out more about the dangers of free VPNS later on in this guide.
To be safe, look out for well-known VPN apps that have been independently audited for security vulnerabilities like ExpressVPN, Surfshark, and TunnelBear. Never trust a VPN with your data without researching its reputation first.
To avoid copycat applications, always download your VPN software from your chosen provider’s official VPN website or app store page.
Are VPNs Legal?
It’s perfectly legal to use a VPN in most countries, including the US, UK, Canada, and most of Europe. It’s important to note, however, that anything that’s illegal without a VPN remains illegal when using one.
Even in places where VPNs are legal, some countries have intrusive surveillance and data retention laws that might be worth considering. You can learn more about this in our guide to VPN jurisdictions.
Where are VPNs Illegal?
We looked at the laws of 195 countries and found only four countries where VPNs are completely illegal:
Belarus. VPNs have been banned since February 2015, and those caught using one may face an unspecified fine.
Iraq. The Iraq government banned VPNs in 2014 to stop terrorist organizations from influencing the public via social media.
North Korea. Due to North Korea’s secretive nature, it’s unclear when VPNs became illegal or what the punishment for using one is.
Turkmenistan. VPNs were made illegal in 2015 and are actively blocked by the government. If you do use a VPN in Turkmenistan, you risk incurring a fine and a ‘summoning’ from the Ministry of National Security.
Where are VPNs Restricted?
There are also six countries where VPNs are highly regulated or restricted. You can find a full list of countries where VPNs are illegal or restricted in the table below.
If your country is not mentioned in either of the lists above, VPNs are completely legal to use there.
If you do choose to use a VPN in any of the countries listed above, it’s essential that you choose a reliable, trustworthy, and private VPN service.
For more information on the few countries where VPNs are regulated or banned, you can read our dedicated guide: Are VPNs Legal?
Can You Be Tracked If You Use a VPN?
Your online activity will be much more private with a VPN compared to surfing the web without one. However, a VPN will not make you completely unidentifiable.
If someone was serious about trying to track you across the Internet, your IP address would only be one aspect they would investigate in order to identify you.
Even with a VPN, you could be tracked through:
Another point of concern are web trackers that are embedded in advertisements. These allow websites to provide custom adverts according to your unique browsing habits.
Browser Fingerprinting. Your device provides the websites you visit with detailed information about your operating system, browser, and hardware. The sum of this information can be used to create a unique “fingerprint”.
The use of this data to identify and track users is known as “browser fingerprinting”. You can learn more about browser safety in our Guide to Private Browsers.
Your VPN Provider. Although using a VPN will hide your traffic from your ISP, the VPN provider itself will still have the technical capability to view your identity and activity. If your VPN collects identifying logs and shares this information, your identity will be compromised.
IP, DNS, and WebRTC Leaks. A poor-quality VPN can expose your true IP address or your DNS requests, potentially exposing your identity or your internet history.
Traffic Fingerprinting. Your ISP can see all of the data packets sent from your computer to the VPN server. Although they can’t tell what these packets contain or where they’re headed, it’s possible to still identify the kind of traffic (i.e. web pages, streaming, P2P, etc.) being sent by analysing the timing and density of each packet.
Browsing Behaviour. Although your traffic is encrypted, web companies such as Facebook and Google are still able to see your online activity. If you’re signed in to these while you surf the web, a VPN won’t stop them from monitoring you or associating you with your VPN IP address.
How Can I Keep My Activity Private?
To maximise your privacy and security while using a VPN, you’ll need to alter your browsing habits. Avoid any behaviour that an onlooker might use to infer your identity.
Here are the most important rules for maintaining your privacy:
Choose a trustworthy VPN service that keeps no logs of your activity and has been tested for leaks. Make sure that your VPN has a kill switch to prevent your identity being exposed if your connection drops.
Turn your VPN on before launching a program or accessing a website.
Use a separate, privacy-focused web browser such as Firefox or IceCat for all VPN browsing. Clear the browser’s cookies and cache before every VPN session.
Avoid browsing while signed into a social media, Google, Apple, or Microsoft account. Don’t use Google Search (DuckDuckGo is a good alternative).
Avoid using mobile 2-step verification while connected to your VPN.
If you’re making purchases online, use cryptocurrency where available. Your debit card or PayPal account will identify you.
Turn off your smartphone’s GPS location data functionality.
Consider using the Tor Browser if you are extremely concerned about anonymity. You can read more about Tor later on in this guide.
If you keep all of the above in mind , a good VPN with a privacy-friendly logging policy will make you significantly harder to track versus your online footprint without one. Your ISP in particular will find it very difficult to find out what websites you’ve visited.
How Do I Choose a VPN?
There’s a world of difference between VPNs. As we’ve mentioned, some VPN providers can even jeopardise the privacy and security they’re designed to protect.
Without the right information, many users are forced to make their choice of VPN without a lot of clarity. If you’ve already chosen your provider, you can skip straight to the next section on how to install a VPN.
When choosing a VPN, it’s important to ask:
How much does it cost?
How safe is it?
Which devices does it support?
How fast is it?
Does it work with streaming services?
Can it beat censorship?
Remember that the right VPN for one person may not be the right VPN for you. If you’re looking to travel to China, for example, you will need a VPN with strong encryption and advanced features like obfuscation. If you’re concerned primarily with streaming or torrenting, however, you will need a VPN with fast speeds.
Here are the main factors you need to consider when choosing a VPN service provider:
1How much does the VPN cost?
You know how much you want to spend on a VPN, so there’s no point in choosing a service that’s way beyond your means.
A high-quality VPN service will typically cost around $10 per month if you pay on a monthly basis. This can drop to as little as $50 per year if you’re willing to pay up front.
If you need to use a free VPN, be sure to read the Can I Use A VPN for Free? section later in this guide. There are certain drawbacks and dangers that you need to be aware of in the free VPN market.
2How safe is it?
Once you’ve decided how much you’re willing to spend on a VPN subscription, it’s essential that you find a safe VPN.
Consider all of the points mentioned in the Are VPNs Safe? chapter of this guide. In summary, check that your VPN has:
A privacy-friendly logging policy & jurisdiction.
Strong VPN protocols & encryption.
No IP, DNS, or WebRTC leaks.
A VPN kill switch.
No intrusive permissions or third-party access.
3Which devices does the VPN support?
Now that you’re left with several safe VPNs, you need to find the services that work on the devices you want to protect.
Do you have a Windows or Mac computer? An Android or iPhone? Do you want to cover streaming devices and games consoles? How many devices do you need to cover?
Make sure to choose a VPN that supports the devices you need to protect.
The easiest way to use a VPN on your computer, smartphone, or tablet is to install a custom app from the VPN’s website. Some VPNs also provide custom apps for the Amazon Fire TV Stick. It’s important to note, however, that some services have a limit on the number of devices you can connect to the VPN simultaneously.
If you want to protect any devices over this limit you’ll have to install your VPN at router level, which will in turn encrypt all internet traffic from the devices connected to it.
4How fast is the VPN?
As we’ve already mentioned, VPNs do slow down internet speeds somewhat through encrypting and tunnelling, but some are slower than others.
If you’ll be using a VPN to stream, torrent, or game, you’ll need a speedy VPN that’s able to keep up with your activities. For more advice on VPN speeds you can read our recommendations for the fastest VPNs of 2019.
5Where are the VPN’s servers located?
If you’re looking to bypass censorship or geographical restrictions you’ll need to make sure your VPN has servers located in the countries you need. For example, if you want to access US-only news content, you’ll need a VPN with servers in the US.
Likewise, if speed is a priority you need to make sure your VPN has server near your physical location — the closer the servers are, the better your speeds will be.
Check your chosen VPN provider’s website or our reviews to find out where your VPN’s servers are located.
6Does it work with streaming and torrenting services?
If you plan to stream services like Netflix or use your VPN for torrenting, you’ll need a VPN that works effortlessly with each service.
You should choose a VPN for your particular needs. Not every VPN that works with Netflix also works with Hulu or BBC iPlayer, for instance. Similarly, streaming-friendly VPNs don’t always permit P2P traffic.
Research your provider’s reputation and never use a VPN you’re not fully comfortable with. If you’re really concerned about safety, performance, and privacy, you should be using a subscription-based VPN that has been independently tested and well-reviewed.
How Do I Install a VPN?
There are lots of different ways to install a VPN on your device, and the process will differ depending on the type of device in question. By far the easiest and most common method is to download a custom app directly from your VPN service provider.
Most commercial VPNs that you can subscribe to come with custom apps for Windows, MacOS, Android, and iOS, but some also provide native apps for routers and streaming devices like Amazon Fire TV Stick too.
To install a VPN using a custom app:
Purchase a VPN subscription from your provider’s website and verify your account by email. We’ll use NordVPN as an example.
Download the VPN software from your VPN provider’s website or click through to the Google Play Store or Apple App Store for Android and iOS devices. Click through the installation prompts and agree to the Terms of Service.
Log into the VPN app using your account credentials.
Go into the VPN settings menu and enable the VPN kill switch and leak blocking if available. Select the VPN protocol of your choice. We prefer OpenVPN.
Go back to the app’s main screen and select a VPN server location from the locations list.
Click the connect button. You will now be connected to a VPN server in your chosen location.
It’s important to note that not all VPN services come with custom apps for every device. However, you may still be able to use your VPN on a difference device if your VPN supports manual configuration.
Manual configuration can be a complicated process, but if you follow the instructions provided on your VPN provider’s website you shouldn’t have a problem configuring your device.
Most devices have integrated VPN support, which means that all you need to do is upload the VPN service’s configuration files to the built-in client. You can usually find the client within network settings.
If you’d like to use OpenVPN, you’ll have to download a third-party app — like OpenVPN’s client software — and then upload the VPN service’s configuration files.
We’ve included more detailed instructions in the following guides:
It is possible to set up your own VPN server at home, but it’s a complicated process with a lot of room for error. Home-made VPN servers aren’t ideal for accessing restricted content or for your online privacy as your ISP can still log your online activities.
There are lots of free VPNs on the market, but most of them are limited at best and dangerous at worst.
If you decide to use a free VPN, look out for:
Monthly data caps.
Limited server choice.
Abuse of your personal data.
No technology to bypass censorship.
No servers to unlock streaming services.
The True Cost of Free VPNs
VPN services can monetise your data in unexpected ways. It’s expensive to develop and operate a reliable VPN, and many low-cost or free services choose to subsidise the price of subscription with income from other channels.
If you’re not paying for your VPN service at all, it’s likely that some form of data collection, sharing, or sale is occurring in order to cover the cost of the product. Many of these free services also rely heavily on advertising, which is less than ideal for privacy.
We’ve done a lot of research on free VPNs and have discovered a number of disturbing privacy flaws.
Our investigations have revealed that some of the most popular free VPNs on the market have secret links to mainland China, while 85% of the most popular free Android VPN apps feature excessive permissions with the potential for privacy abuses.
Generally, ‘Freemium’ VPNs are safer than completely free services. These VPN providers will offer a free trial or restricted service as well as a much more expansive paid version.
Freemium VPNs make their money through the paid product, which allows them to provide a limited free service. VPN providers that offer ‘freemium’ products include Windscribe, ProtonVPN, and Tunnelbear.
Freemium VPNs tend to:
Enforce monthly data caps.
Limit server location choices.
Not support streaming services like Netflix.
Prohibit all P2P traffic.
Screenshot of ProtonVPNs ‘freemium’ VPN.
How Much Does a VPN Cost?
VPN subscriptions vary in price considerably, and the price of a VPN service doesn’t necessarily equate to the level of quality it provides.
VPN companies tend to offer discounts for longer subscriptions. A month’s service might cost $10, but if you sign up to a year’s subscription you may get 60% off the monthly price.
Be aware that you usually have to pay the full subscription cost upfront, which can make it feel expensive, and might not suit all budgets.
Generally speaking, cheaper VPNs tend to be around $6-8 a month and more expensive ones around $12-15 a month.
VPN FAQs: Frequently Asked Questions
Now that we’ve covered the basics, the following chapters will answer the most common questions we receive about using a VPN. If you’ve already got a question in mind, you can skip to the chapter that’s most relevant to you:
All VPNs will slow down your internet speeds to some degree. With the very best VPNs, however, this impact will be negligible.
Fundamentally, a VPN works by diverting your web traffic through its own servers. Just like any journey, diversions slow it down – and that’s just what happens to your internet speeds when using a VPN.
Encryption can also add to the time taken to load sites or download files, too. The stronger the encryption, the longer the delay.
To maximize your VPN speeds:
Choose a VPN server close to your physical location.
The closer the VPN server you choose to connect to, the less it will affect your internet speed. This is why it’s important to check the full list of server locations provided by a VPN provider before you sign up.
Choose a VPN server with the lowest load.
Some VPN apps show you how busy a server is using a percentage ‘load’. The higher the server load, the more users connected to that server. A congested server will provide slower speeds.
Change the VPN protocol.
Sometimes changing the VPN protocol in use can increase the speeds you experience. Try switching between OpenVPN TCP and UDP, or using IKEv2, a particular speedy protocol. Don’t compromise on security, though. While weaker protocols and ciphers tend to be faster, they put your online security and privacy at risk.
You might have heard about VPNs in the context of the workplace. There are two main types of VPN services: business (or corporate) VPNs and personal (or consumer) VPNs.
While the technology is very similar, the reason you use a business VPN is quite different from how you would use a personal VPN outside of work.
Business VPNs allow employees to access the office network remotely and securely. This allows employees to access network folders, printers, intranet sites, servers, and databases from outside of the office.
Your internet traffic is encrypted between the user’s device and the VPN server in the office, which prevents third parties from intercepting the traffic.
However, your internet traffic is still subject to your company’s policy, meaning that your boss may still see what you’re doing online, even though you’re not physically in the office.
On the other hand, personal VPNs – the ones we test and review – are slightly different.
Personal VPNs are generally used by individuals who don’t need remote access to files on a home or work network. They are typically used for personal privacy and security reasons, and for bypassing online geo-blocks.
Unlike business VPNs, you can use a personal VPN to access content from hundreds of different countries using a pool of different IP addresses.
Your traffic is still encrypted and — if you use a trusted VPN service — nobody can read your internet traffic. However, you won’t be able to access network-specific files remotely.
You won’t find any business VPN reviews on this website – we only review consumer VPNs.
Using a VPN keeps your torrenting activities private and prevents ISP slowdowns and censorship.
Not all VPNs permit P2P traffic, though. Some have a zero-tolerance for torrenting, and others put restrictions on certain VPN servers. If you need to use a VPN for torrenting, read our VPN recommendations for torrenting.
It’s worth noting that some users might torrent via Kodi, a free and open-source media player application. The same VPNs we’ve recommended for torrenting are also great choices for protecting Kodi traffic.
In addition to all of their privacy and security benefits, VPNs also allow you to unlock restricted streaming content. That includes Netflix.
When you use a VPN you assume the IP address and location of the VPN server you’re connected to. This allows you to watch content from that country or region.
With Netflix in particular, it’s not always as simple as connecting to a different VPN server and getting instant access to all your favorite shows.
That’s because Netflix actively blocks VPN IP addresses. Technically, it’s against Netflix’s terms and conditions to view content outside of the “country in which you have established your account”.
Users are supposed to access Netflix “only in geographic locations where we offer [the] service and have licensed such content.”
Fortunately, there are several quality VPNs that bypass this block and unblock Netflix, allowing you to watch content from libraries all around the world. These VPN services work hard to bring out new IP addresses as soon as Netflix blocks previous IP addresses.
A VPN doesn’t allow you to watch Netflix for free though — you’ll still need to pay for a subscription in order to access the streaming service. It’s the same situation for other popular streaming services like Hulu and BBC iPlayer, too.
In short, using a VPN with Netflix will allow you to:
Stream safely and securely.
Unlock content from other geographical regions.
We regularly test the VPNs on our website to check if they’re working with the most popular streaming services or not.
If you’re looking for a VPN for streaming, be sure to get one that works with your favorite services. Here are our recommendations:
If you’re concerned about protecting your privacy, you need a VPN on your smartphone. Using a VPN on your phone is as essential as protecting your desktop computer, whether you’re at home or on the go.
In fact, global demand for mobile VPN applications is growing rapidly. The number of mobile VPNs downloaded worldwide has increased by over 50% two years in a row. Between 2018 and 2019, over 480 million mobile VPN apps were downloaded.
A VPN helps to prevent hackers from stealing your private information on public networks. It also stops your ISP from keeping logs of the websites you visit on your smartphone.
That said, beware that it’s very difficult to make your smartphone totally anonymous. You’re probably always signed in to your Apple or Google account while using it, which provides a concrete connection to your identity when you use other apps and services.
If you need to choose a VPN for your smartphone, check out the following guides we’ve put together:
You can also use these VPN apps on Android and iOS tablets.
Can I Use a VPN Without WiFi?
As long as your device is connected to the internet you can use a VPN. That means you can connect to a VPN when you’re on a 3G or 4G connection.
From a security perspective, the need to do so is not as great, but you can never be too secure. Using a VPN with mobile data will still allow you to spoof your location and hide your online activity from your mobile carrier.
Is a VPN Better Than a Proxy?
VPNs and proxy servers can both help to hide your IP address and access restricted content.
While both tools connect you to a remote server and hide your location, the level of privacy, security, and anonymity they offer varies wildly.
The main benefit of using a proxy server is that you don’t connect directly to the websites you visit. The proxy server will connect to the website on your behalf, retrieve the contents of the web page, and then forward this information to you.
If configured correctly, this means the websites won’t be able to see your personal IP address. Instead, they will see the IP address and location of the proxy server, keeping your real location a secret.
Proxies are often unreliable, lacking in advanced features, and may even harm your privacy.
Proxy servers are not considered privacy tools. While they can disguise your IP address, most of them do not encrypt your traffic. Anyone viewing your data before it reaches the proxy server — your ISP, for example — can see exactly what you’re doing.
You should use a proxy if:
You need to quickly bypass a geographical restriction.
You are not concerned about your privacy or anonymity.
You are not transferring sensitive personal data.
You need to quickly avoid an IP-based website block.
Virtual Private Networks (VPNs), on the other hand, create an encrypted and secure tunnel between your device and the website or application you’re visiting. Your web traffic will be routed to a private server of your choice, and then on to the website or app you want to visit.
A VPN will protect and redirect all of the traffic coming from your device, not just the traffic coming from your browser window.
More importantly, a VPN will also encrypts your internet traffic and prevent third parties from spying on your browsing activity. It’s for this reason that VPNs are considered privacy tools first and foremost.
If you need to get around a content block quickly and you’re not trying to hide your data from anyone, you can paste the URL into an HTTPS proxy and access that page as a one-off.
That said, proxies are often unreliable, lacking advanced features, and may even harm your privacy. It would be foolish to use a free proxy and assume that nobody is watching what you’re doing.
While they’re not the best for privacy, they’re great if you’re not dealing with any sensitive data. Popular web proxies include Hide.me, HideMyAss, kproxy, and Whoer.
Tor and VPNs both offer private browsing, but they aren’t the same.
The Tor Network — often referred to as just “Tor” — is a free, open-source system designed to enable anonymous communication on the web.
The Tor Network anonymizes your online activity by encrypting your communications and randomly bouncing them through a global network of access points, or ‘nodes’, which are all maintained by volunteers.
Unlike most VPN services, which you have to pay for, Tor is free and open-source, with no central authority.
Tor is used by journalists, activists, and campaigners as a privacy tool. Tor also allows users to access parts of the web that aren’t indexed by search engines — this is called the deep web. The deep web is known for its .onion sites.
In short, the Tor Network allows you to:
Hide your IP address from the websites you visit.
Access ‘hidden’ .onion domains.
Anonymise your online activity.
While there are still legitimate reasons for using Tor, we recommend using a VPN in the majority of cases. Here’s why:
Tor is slow. Data in the Tor network is routed through multiple random nodes and encrypted and decrypted multiple times. This means that Tor is very, very slow. Tor is not a good choice for watching high-quality streaming videos, P2P file-sharing, or anything else that requires a high speed connection.
Tor only protects web browser traffic. Without manual configuration, Tor only protects the traffic within the Tor browser. That leaves traffic from all other applications and services exposed. By contrast, VPNs reroute and encrypt all your device’s traffic.
Complexity. Unlike with a VPN, you can’t just ‘turn on’ the Tor browser and hide your IP address. If you don’t configure your browser properly and modify your browsing habits, it’s incredibly easy to reveal your true IP address.
Unwanted attention. As you may already know, Tor has a reputation for attracting those who are very keen on avoiding detection. This includes journalists and whistleblowers – but also criminals. Your ISP can see that you are using Tor even if they don’t know what you’re doing. For this reason, frequent use of Tor can potentially mark you for surveillance.
A good VPN should be seen as a worthy investment into your security, privacy, and freedom — to prevent costly data loss, open up your browsing capabilities, and protect your right to privacy.
We thoroughly test each VPN reviewed on our website and make sure to keep our recommendations up-to-date so that you can make an informed decision. For more information about our review process, you can read all about how we review VPNs here.
About the Author
Simon is our Head of Research and has tested hundreds of VPNs since 2016. His research has been covered by the BBC, The New York Times, CNet, Wired, and more. Read full bio