A VPN is an easy way to improve your privacy online. We break down what they do, how to pick the best fit for you, and how to get started with a VPN.
Not long ago, virtual private networks (VPNs) were the exclusive realm of businesses and a certain type of privacy-minded person. Today, there’s a thriving market of commercial VPNs with slick apps at affordable prices that require no network know-how to use. Picking your way through the marketing hype (and there’s a lot of it) is difficult, and once you find a VPN that you like, how do you even use it? We’ll help you understand what VPNs do best, how to pick a good one, and how to use it to improve your online privacy.
Do You Need a VPN?
VPNs are easier to use than ever, while explaining what they’re useful for is not. But in 2021, the Federal Trade Commission issued a report outlining just how much internet service providers (ISPs) know about their customers (you). One particular paragraph in the report makes a powerful case for VPNs:
This means a single ISP has the ability to track the websites their subscribers visit, the shows they watch, the apps they use, their energy habits, their realtime whereabouts and historical location, the search queries they make, and the contents of their email communications. […] They use this data to create advertising segments, including segments that reveal sensitive data such as race, religion, national origin, sexual orientation, financial status, health status, and political beliefs.
This is what VPNs excel at: keeping people with privileged access from seeing your data. But, as with any tool, it’s important to understand the limitations of a VPN. After all, you wouldn’t expect a Kevlar vest to save you from falling out of an airplane or a parachute to stop a bullet.
When you switch on a VPN, your traffic is routed through an encrypted tunnel to a server operated by the VPN company. That means that your ISP won’t be able to see your web traffic. Even the operators of the network you’re using won’t be able to peek into your activities.
How a VPN Works
Because your traffic appears to come from the VPN’s server, your real IP address is effectively hidden. This makes it harder to track you as you move across the web and, because IP addresses are distributed geographically, hides your true location. This can come in handy if you want to spoof your location. By connecting to a VPN server in London, you can make it appear as if you were accessing the internet from the UK.
What a VPN won’t do is completely anonymize your traffic. For that, you’ll want to use the free Tor anonymization network. Instead of just piping your data through a single intermediary (such as a VPN server) Tor bounces your data through several different volunteer computers. This makes it much harder for someone trying to track your activities to see what you’re up to, but note that it will slow down your web traffic in the process.
Additionally, websites can track your movements through cookies, browser fingerprinting, online trackers, and other tricky tools. Installing an ad-blocker, such as Privacy Badger, and engaging all the privacy tools found in most modern browsers can make it much harder for advertisers to follow your movements across the web.
Finally, just because you have a VPN doesn’t mean you can forget about the security basics. While some VPN services claim they can block malware, we recommend standalone antivirus software for your computer, because these tools are designed specifically to protect your computer from malicious software. You can protect against password breaches by using a password manager, because recycled passwords are a major point of failure. We’re particularly fond of the Keeper and Zoho Vault password managers. While you’re locking down your passwords, be sure to switch on multi-factor authentication wherever possible.
How to Choose a VPN
When we review VPNs, there are a few key metrics we consider. For one, a VPN service should allow you to connect at least five devices simultaneously. The best services now easily surpass this requirement, and some now place no limit on simultaneous connections. Another is whether the VPN service allows BitTorrent or P2P traffic on its servers—if you’re planning to use either of these technologies. Nearly VPNs allow them on at least some of their servers, but you don’t want to run afoul of the company to which you’re paying a monthly fee.
Speaking of fees, the average cost I’ve seen across the VPN services PCMag has reviewed is $9.96 for a monthly subscription. A VPN service that is charging more per month isn’t necessarily ripping you off, but it should offer something significant, such as a great interface or lots of server locations to sweeten the deal.
You can usually get a discount if you buy longer-term contracts. The average price of an annual VPN subscription I’ve seen across 38 products is $68.49. However, we recommend avoiding long commitments until you’re certain that you’re happy with the service. Start instead with a short-term subscription or, better yet, a free subscription, so you can test a VPN in your own home.
It’s also useful to know where a VPN company is based. Keep in mind that this isn’t always the physical location of the business, but a legal distinction that outlines what jurisdiction the company operates under. The local laws may (or may not) mean that these companies are not beholden to data retention laws, which would require them to hold on to certain information that could be obtained by law enforcement.
Unlike this VPN server, Mullvad VPN is located in Switzerland.
Many readers are concerned about the impact VPNs will have on their internet speeds. At PCMag, we perform extensive speed testing to determine the fastest VPN. That said, we don’t believe speed should be the primary factor when choosing a VPN. There’s so much variation in performance that a service with top scores today could be very slow tomorrow. We recommend testing a service on your home network to see for yourself how it performs—with the understanding that there’s always going to be a performance cost, and that it may vary from day to day.
One question people often have is if they can trust a VPN. After all, VPNs have access to all the same traffic that an ISP does, and they could try to monetize it or be a poor steward of your privacy and hand over information to hackers or law enforcement. In our reviews, we spend a lot of time trying to answer this question by talking with companies, looking over their policies, and so on. Some signs of a trustworthy VPN are a clear and understandable privacy policy, a transparency report, and third-party audits that examine policy enforcement and infrastructure.
The most important thing about a VPN is trust. If the location, pricing, or terms of service don’t fill you with confidence, try another service. In all our VPN reviews, we make sure to report on all these issues and highlight anything we think is confusing or problematic.
Should I Pay for a VPN?
Worthwhile free VPNs are rare, but they do exist. A few VPN services offer a free trial, but it’s usually for a limited time. Others, like TunnelBear and Atlas VPN, have totally free subscriptions but limit the data free subscribers can use. ProtonVPN is our top choice for free VPNs, because it places no data limitation on free users.
Unfortunately, most VPNs are a far cry from free, but you don’t need to break the bank to get one. Our list of cheap VPNs is a great place to start if money is tight.
TunnelBear has an extremely friendly interface and offers a free subscription.
Getting Started With a VPN
Once you’ve settled on a service, the first thing to do is download the company’s app. There’s usually a Downloads page for this on the VPN service’s website. Go ahead and download the apps for your mobile devices as well. If the VPN service you’re considering doesn’t offer an app for the devices you use, consider finding a different service.
Some companies have different apps available on App Stores and others found on the company website. This appears to be for compliance with restrictions imposed by app store owners. Figuring out which will work for you can be tricky, so be sure to read the company’s documentation carefully.
Once you’ve installed the apps, you’re usually prompted to enter your login information. In most cases, this is the username and password you created when you signed up for the service. Some companies, such as Editors’ Choice winners IVPN and Mullvad VPN, use privacy protecting login schemes that can be confusing at first. Be sure to read the instructions carefully.
Mullvad VPN uses an account system which only requires your account number to access.
Once you’re logged in, your VPN app usually connects to the VPN server closest to your current location. That’s done to provide better speeds when using the VPN, as performance degrades the farther the VPN server is from your actual location. That’s it: Your information is now being securely tunneled to the VPN server.
Some readers may balk at the idea of installing yet another app on their devices. If you have more of a DIY mentality, you can skip the app and do it the old-fashioned way. This usually involves making changes in the operating system Settings to use the VPN service’s infrastructure. Most VPN services will have documentation on how to configure your device.
That said, we discourage people from going down this path. Manual configuration means you’ll have to manually update the server information on your computer. You also won’t be able to access any of the other features provided by the VPN service that you’re already paying for. See our story on How to Set Up a VPN in Windows 10 for a deeper dive.
How to Choose the Right VPN Server
Sometimes you might not want to be connected to the server the VPN app recommends. Perhaps you want to spoof your location or take advantage of custom servers provided by your VPN. Or maybe the server the app recommends just doesn’t work or is very slow. Whatever the reason, the best VPNs let you quickly and easily jump to a different VPN server.
Sometimes, VPN apps present their servers in lengthy menus or pull-down lists. The best VPN services include search bars and highlight servers for specific activities such as streaming and BitTorrenting. Many VPN companies include an interactive map as part of their app. TunnelBear and NordVPN, for example, let you click on countries to connect to servers there.
ProtonVPN has a list of available servers, but you can also use an interactive map.
Choosing a server depends entirely on what you want to accomplish. For better speeds, you should choose a nearby server. To access region-locked content, you’ll want a server that’s local to content you want to watch.
Some VPN companies have specialized servers for streaming video. These specialized servers are useful because streaming services such as Netflix block VPNs. At issue are the licensing deals Netflix secures with studios, which provide different content for different regions.
Other services like NordVPN, Surfshark VPN, and ProtonVPN have enhanced security options, such as access to Tor or multi-hop VPNs. Tor, as mentioned above, is a way to better protect your privacy, and it lets you access hidden websites on the so-called dark web. Multi-hop VPN is similar: Instead of just routing your traffic through a single VPN server, a multi-hop connection tunnels you to one server and then another. Both these offerings trade speed for enhanced privacy.
ProtonVPN brands its multi-hop connections as Secure Core because its multi-hop servers are given additional levels of physical security.
Beyond the Basics
The set of features in each VPN varies from service to service, so we can only generalize about what you might see when you open the VPN Settings. But we encourage you to read through the documentation and try clicking some buttons. The best way to learn a tool is to use it, after all.
Most VPN services include a Kill Switch, which prevents your computer from transmitting or receiving information if the VPN becomes disconnected. It’s useful for preventing little bits of data sneaking through unencrypted. If you suddenly find that the internet has cut out, check to see if your VPN’s Kill Switch has been tripped.
Most services offer an option to select a VPN protocol. This can be intimidating, since they have weird names and companies rarely provide information about what these are, and what changing the protocol will do. In general, this is something you can leave alone.
If you’re interested, though, WireGuard is the latest VPN protocol. It’s open source, boasts the newest encryption technology, and appears to be faster than other protocols. OpenVPN and IKEv2 are good choices, too. Note that your ability to manually select a protocol, and the protocols available, may vary depending on the device you’re using.
When Should I Use a VPN?
When you use a VPN will depend on what you want to use a VPN for. If you’re just trying to access region-locked content, you’ll probably leave your VPN off until it’s time to stream. If you’re concerned about privacy, you’ll probably want your VPN on as much as possible. But even that latter category will depend on individual preferences. If you’re militant about your privacy, you’ll never switch off the VPN. If you’re mostly concerned about shady Wi-Fi networks, maybe your VPN only comes out when you’re traveling.
If your VPN is causing problems and you need to switch it off, don’t beat yourself up. At minimum, you should use a VPN whenever you’re using a network you don’t control, especially if it’s a public Wi-Fi network.
VPNs for Android and iPhones are a little trickier, particularly if you frequently move in and out of cellphone coverage. Each time you lose and regain data connectivity, the VPN has to reconnect, which adds a frustrating wait. It’s also just less likely that your cell traffic can be intercepted by bad guys, though we’ve seen researchers prove that it can be done.
NordVPN has a coherent design across all platforms, including iOS.
Most devices automatically connect to any familiar-looking Wi-Fi network. That’s out of convenience to you, but it’s trivially simple to impersonate a Wi-Fi network. Your phone or laptop may be connecting to a digital honeypot without you even realizing it. This and other exotic attacks are, definitionally, rare. It’s still useful to understand what threats are out there, so you can choose what to do.
Split Tunneling Is the Best of Both Worlds
If you’re concerned about VPNs slowing your connections or blocking important traffic, you should look at split tunneling options. Names for this feature vary by company, but the gist is that you can decide which apps use the VPN for their traffic and which apps can transmit without the VPN. Editors’ Choice winner TunnelBear VPN, for example, includes an option to not tunnel any Apple apps, to ensure they function properly on a Mac. Frequent video streamers and gamers in need of a VPN may want to investigate this option.
Some VPNs have settings to allow your machine to communicate with local devices (that is, LAN devices or devices on the same network), which may help as well. Keep in mind, however, that even with LAN traffic and split tunneling, applications that let you remotely cast media to other devices—like Chromecast and Apple AirPlay—often don’t play nice with VPNs.
VPNs Should Work for You
Far from being arcane networking tools, modern VPNs are exceptionally easy to use. Most are now set-and-forget tools, as they should be. The bigger problem these days is consumers misunderstanding what a VPN can and can’t do. Worst of all, some VPN companies seem content to let this confusion drive their sales.
A VPN will absolutely make it harder for your ISP and others to keep tabs on your web traffic. They can also help access blocked streaming content and make it harder for you to be tracked online. Everything else is a bit iffy. Once you understand what you want a VPN for, you’ll be able to find one that meets your needs (at a price you can afford) and that will fit into your life.
source:https://www.pcmag.com/how-to/how-to-set-up-and-use-a-vpn