VPN Guide in 2023

What is a VPN?

VPN is an acronym for Virtual Private Network. To explain fully what a VPN is and what it does, let’s first look at how you connect to the internet normally.

When you connect to the internet, your device, such as a laptop or mobile, connects to a router via WiFi or an ethernet cable. The router is connected to a modem that, in turn, connects to the internet via your internet service provider (ISP).

Your device sends small clusters of information, called data packets, through these connections that contain instructions on what you want the internet to “do,” i.e., which website to visit, log-in details, etc.

The website then responds by sending data packets back to you that show the website and any content or details required.

Source and further reading: Cloudflare

These data packets can give away a lot of information about you to your ISP and the websites you visit, such as:

• Your precise location is based on your IP address.
• Which web pages do you visit, when, and for how long.
• Any information you enter into websites that aren’t secured with HTTPS.

This information can track your behavior or location and restrict your access to content. Your ISP, ThePirateBay, may restrict content; for example, a well-known torrent-sharing website is blocked by all ISPs in the UK due to government regulations.

Websites themselves may also restrict it. Netflix is one of the most commonly used examples of restrictions because each country has a different library of available titles, which we’ll take a deeper look at in just a moment.

Now, what a VPN does, on the other hand, is to create a secure VPN tunnel or also called a VPN gateway, between your device and the internet.

This means that all those data packets I mentioned earlier are encrypted and sent through your ISP to a remote server owned by the VPN company, where they are decrypted and sent on their way to the internet.

Packets coming back follow the same path. This means that even if the network you’re connected to is compromised and someone is monitoring the data packets you send and receive (known as packet sniffing), they will only see a load of jumbled-up letters and numbers (known as ciphertext).

Source and further reading: AT&T Cybersecurity

The main differences between a VPN connection and regular internet are:

• All information is encrypted at the point of origin (your device) and only decrypted once it reaches the server controlled by the VPN company.
• Your true IP address is masked by the IP address of the VPN server.
• Your ISP can’t see which websites you visit.
• VPN use may cause the internet to slow down due to the time it takes to encrypt and decrypt data, and it also depends on the speed of the VPN server.

However, one of the most popular uses of a VPN is to change your apparent location. That’s because you get the IP address of the VPN server, which could be anywhere on the planet.

Say you’re on vacation in Bali and want to take an evening off partying to enjoy some downtime with Netflix.

Still, the show you’re watching isn’t available on Netflix Indonesia; you can use a VPN to change your IP address (and, thus, your apparent server location) to your home country, where the show is available.

Bypass blocks and restrictions

There are three main ways websites are blocked.

• Network blocking – The administrator of your network, say at school or work, has decided certain websites are not allowed.
• Government censorship – When the government decides certain websites aren’t allowed, they can block them for the entire country.
• Geo-blocking – Online services such as YouTube, Netflix, and BBC iPlayer utilize geo-blocking to only allow access from certain parts of the world.

There are many good reasons to block access to certain websites, but this blocking is often done not to protect people but to control them.

YouTube, for example, has been blocked at one point or another in at least 25 countries, Facebook is completely blocked in China, and ThePirateBay is blocked in the UK.

For more information on the above, you can check out our guide to unblock YouTube in your country.

Many websites themselves limit their content to specific countries. Netflix and HBO, for example, offer different libraries depending on your country. Most people prefer the full Netflix catalog rather than a watered-down version.

They do this by checking the IP address of the connected device, which tells its location and offers the content they’ve decided for that region.

Now, if you use a VPN to change your IP address to one in a location where there is no blocking, you get to enjoy unrestricted access to the internet.

How to set up and use a VPN

Using a VPN is simple. Most of the best VPN service providers have created products that are simple to set up and use.

Signing up to a VPN provider is typically uncomplicated, and many allow payment via cryptocurrency and only require an email address for people who want an additional level of anonymity.

The exact steps vary between providers but usually look something like this:

• Choose a quality Service; this is probably the most important step, as some VPNs promise a lot but deliver very little. We have loads of VPN reviews so have a read of those first.
• Sign up with the service. Many will offer a free trial or a money-back guarantee, so you won’t lose anything if you discover that you don’t use it.
• Download the software and install it on your advice. Many services have different apps for each device.
• Open the VPN software and sign in. You may have to choose some settings to get started; they are covered in the appropriate review.
• Choose a server or country you want to connect to.
• Make sure it’s working correctly by heading over to https://www.iplocation.net/find-ip-address and checking it shows the correct country for the server you chose. For a more thorough test, check https://www.dnsleaktest.com/ for a potential DNS leak.
• Enjoy a private, borderless, internet experience.

Which Devices Will a VPN Work With?

As I mentioned, most popular VPNs have apps for Windows, macOS, Linux, Android, and iOS, so you can download the right one and get connected within a few minutes.

Check out our companion guide on the best VPNs for Mac for further info.

Many companies also have apps or at least detailed setup guides for devices such as smart TVs, game consoles, and even tablets.

Not every device that can connect to the internet can have a VPN installed on it, but it is possible to run a secure VPN on a router (again, not all routers), which means every connected device gets the benefits.

Moreover, with a VPN router, you can choose which devices connect to the VPN and which to the regular internet.

There are many reasons to go for a paid VPN rather than a free one, which I’ll discuss later. One of which is the software provided by the service.

Up-to-date software is critical in the world of cybersecurity, as vulnerabilities that are patched will only be present in an update.

Should a VPN be left on at all times?

There are arguments for and against leaving a VPN running in the background.

Some people regard their online privacy with a higher degree of a concern than others, and people from countries where the internet is censored or monitored by the government, law enforcement, or ISPs, may want to keep their VPN on at all times to enjoy the internet in the democratic and free manner in which it was conceived.

Someone might have a VPN subscription mainly to access geo-blocked content such as Netflix or get a wider range of live sports by watching overseas TV channels.

Others might feel safer carrying the protection of a VPN for Android to help keep their data secure when they need to connect to an untrusted WiFi network such as a public WiFi.

Luckily, the best VPNs can always be left on without worry. If you want to do this, make sure your VPN has a killswitch so that the internet connection will be cut off in the event of VPN failure, and you won’t be left unprotected without realizing it.

Popular misconceptions (lies) regarding VPNs

Many inaccuracies are floating around the internet regarding what a VPN does and doesn’t do. Some of these are from VPN services, others from review sites whose staff lack appropriate knowledge.

As I said, I don’t trust anyone who says a VPN provides 100% anonymity, but there are a couple more misconceptions it’s worth pointing out here.

Misconception 1: You need to use a VPN when connecting to your bank

I see many people who should know better saying that you need to use a VPN to access any banking or financial website.

This is not true.

No reputable bank in the world allows non-secure connections. You can see that just by visiting your bank’s website and checking the address begins with HTTPS:// rather than HTTP:// – the s stands for secure, and it is.

Just like a VPN creates a tunnel between your device and the VPN server, a secure website uses an encrypted tunnel to keep your data safe from snooping and ensure that the website you’re visiting is authentic.

Misconception 2: Using a VPN will protect you from viruses and other malware

A VPN encrypts data you send and receive through the internet and allows you to choose your IP location; it has nothing to do with malware protection. VPNs do not protect you from viruses or other malware. It’s just not what they do.

Windows has malware protection preinstalled, but I recommend using premium real-time anti-malware such as BitDefender, MalwareBytes, or AVG. Additionally, it would help if you were using a firewall.

Windows and macOS have them preinstalled, but they may not be active, so it’s worth checking your settings.

Misconception 3: VPNs stop you from being tracked online

User tracking is a massive business. Facebook ads are built on track, as are Google Ads. People think a VPN will stop them from being tracked online because someone has told them a VPN makes them anonymous, and therefore they believe marketing trackers won’t work.

Again, this is not true. Most web tracking is done via cookies, which you can block from your computer if you’re worried about, but you will lose some other web functionality.

You can block Google Analytics from tracking you using different means.

When you should be using a VPN

You should always use a VPN if you need to connect to an untrusted WiFi network, such as at a cafe or airport. This is because you don’t know if someone is monitoring the network.

If you’re on an open WiFi with no password, anyone connected could be capturing your data packets and snooping on your internet activity.

Most websites nowadays use TLS to encrypt data in transit between your device and the website, but not all, and any snooper would still be able to see which websites you visit, which could become the basis of a larger attack.

Another time you’ll want to use a VPN is when accessing content that’s blocked in your country, yet not illegal. Pornographic websites are blocked in several countries despite pornography itself being legal.

At the time of writing, the UK is about to roll out a porn-block that would require adults to register for a “porn-pass” with a valid ID to access any pornographic site.

I agree that children should be prevented from accessing such content, but this approach is typically heavy-handed by the current government.

Anyway, if you want to access those sites in the UK when the ban has been implemented, provided you’re of legal age, you can use a VPN to connect to the closest country with less draconian laws.

Set it and forget it

A quality VPN will provide security and can be left on at all times without any need to switch it off.

I haven’t yet found a VPN service that runs so perfectly that I can leave it all the time, although I have sometimes gone several days without switching it off, not noticing it’s even on.

Will My Internet Be Slower with a VPN?

Probably, a little bit, but it depends a lot on the particular VPN.

Some of the best services have a barely noticeable drop in speed, whereas others make internet use laborious and slow. Two things could cause your internet to become slower while using a VPN.

The first is VPN encryption. Encrypting and decrypting all the data passing between your device and the VPN server requires calculations to be constantly made that are in addition to everything that normally happens when you connect to the internet.

These calculations take time. The time depends on your device’s processing power, the VPN server you’re connecting to, and the quality of the VPN app.

The other things that can affect speeds are the quality, configuration, and distance of the server you’re connecting to and the number of other people connected. The weakest equipment and the available bandwidth limit the maximum data transfer speed.

So the quality, configuration, and number of people connecting to the server you’re connecting to will play a major role in actual VPN speed and the distance between you and the server, as there will be more parts to the chain when it’s further away.

Most of the time, any loss in speed is barely noticeable, provided you go with a reputable VPN provider that properly maintains its service.

How to check VPN speed

To check your VPN connection speed, head over to https://testmy.net/, a free speed test website that’s very easy to use and has a good, if a little dated, graphical interface.

Does a VPN use more data?

Yes, a VPN uses more data, but only a small amount. It depends on the cryptographic functions applied to your data and how the packets are transmitted.

As encryption gets stronger, it creates longer ciphertext and uses more data. Some VPN providers offset this by compressing data before it’s encrypted, although that can lead to vulnerabilities.

Are VPNs legal?

Yes, using a VPN in most countries is perfectly legal, but it’s certainly not a carte blanche for breaking other laws.

Using a VPN is illegal in:

• Belarus
• China
• Iran
• Iraq
• Oman
• Russia
• Turkey
• Uganda
• United Arab Emirates
• Venezuela

And governments in the following countries are taking steps to outlaw VPN use; however, the legal status is not certain:

• Bahrain
• Cuba
• Egypt
• North Korea
• Libya
• Myanmar
• Syria
• Turkmenistan
• Vietnam

However: What you use a VPN for is still confined by the laws of the country you’re physically in. We don’t condone illegal activity of any kind, and you should remember that even when you’re using a VPN, you’re not 100% anonymous.

While there are certain countries such as Iran, Saudi Arabia, the UK, Germany, UAE, Turkey, and many more whose leaders have a rather authoritarian outlook towards the internet, there is nothing inherently untoward about VPNs.

Check out our guide on how to find a VPN for Saudi Arabia for more info.

Does a VPN make you anonymous?

Basically – No.

There is no such thing as a truly anonymous VPN. A quality VPN will provide a degree of anonymity and privacy, but not 100%.

Privacy VS Anonymity

There is a very important distinction that I want to make here, which is between anonymity and privacy. While many think of them as the same, they’re quite different.

Privacy is curtains; anonymity is a mask.

You can expect that when your curtains are drawn in your living room, no one can look in, so your actions are private.

If you wear a mask when you go out, your actions aren’t private, but people won’t know who is performing them, giving you anonymity. Batman is anonymous.

A VPN provides privacy and anonymity but should not be relied upon to provide absolute anonymity or privacy.

There are ways to make your VPN account closer to being anonymous, but anyone claiming a certain VPN service is 100% anonymous or private is either lying or doesn’t hold the necessary knowledge on the subject to be worth listening to.

Masking your IP address is the main way a VPN hides your identity. By doing this, your location is unknown. There are other ways, however, to trace who you are.

Your device’s MAC address, as well as the accounts you’re logged into, can reveal you’re true identity. Your identity can also be revealed at any time by the VPN provider.

The amount of data they hold about you depends on how much they collect, making a careful analysis of VPN providers’ logging policies so important.

What a VPN does better is provide privacy. Because you connect to the VPN server through a secure tunnel, often using extremely strong encryption suites, your internet usage can be considered private.

If you’re logged into Chrome, then Google can still track everything you do. Additionally, your VPN provider could monitor your internet activity, another reason to go with a zero logs service.

This issue is confounded by the fact that practically all VPN services use proprietary closed-source software, meaning the source code of the software you use can’t be independently vetted by analysts.

The implication is that if a VPN company were forced or otherwise persuaded to add a back door for the NSA to access network traffic, we wouldn’t know about it.

For further reading on surveillance and tracking, see our internet surveillance guide. Either way, remember that you can achieve a degree of anonymity and good general privacy from a VPN, but nothing is 100%.

Free vs. paid VPNs

A high-quality paid VPN will outperform a free VPN in almost all cases. One of the main reasons behind this is that it costs money to run VPN servers, develop secure apps, and keep them updated.

So if the service is free, you should wonder who’s paying to keep it running and what they’re getting in return.

As the famous phrase goes,” If you are not paying for it, you’re not the customer; you’re the product being sold.”

This is true for some companies in the VPN industry. Here are a couple of notable examples:

HolaVPN

Hola is probably the most famous free VPN service that funds its network by selling access to your computer and network to third parties by creating an exit node on your device!

From their website (as of May 1st, 2019):

That is just as sinister as it sounds and bad for a company that appears to be privacy-focused from the outside. But what does this mean?

So, Hola VPN is operated by a company called Luminati. By using Hola VPN, you agree that they can sell the use of your internet connection through your computer or even the mobile data of your mobile device!

Your computer will be used to send bot traffic for market research. Still, it could be used for illegal activity, and guess who would become the focus of the police or government attention – yes, you.

That’s the most insidious monetization of the free VPN service I know about. Still, several others place cookies in your browser to browse the internet so they can sell you as advertising targets.

VPNs that track you with cookies

Some free VPNs store a cookie on your browser or otherwise track your behavior, so their affiliates can target you with ads:

• Betternet
• Psiphon
• HotspotShield
• Onavo
• ZPNTouchVPN

And many more.

Now, internet tracking is nothing new. Facebook, Google, Instagram, and many others, make vast amounts of money by allowing advertisers to target you based on your behavior and interests.

What is shocking about this is that people expect privacy when using a VPN (that P stands for Private, after all), which they don’t get and probably have no idea how these services are monetized.

They look like genuine VPN services when you’re on the website unless you read the lengthy terms and privacy policies.

VPNs aren’t that expensive (Check our NordVPN review to see one of the best with subscriptions from around $3/ month). I recommend not choosing a free one.

How to choose a VPN

There are many VPN service providers these days, and they are certainly not all equally good.

Some are subsidiaries of major corporations, while others were put together after school by a kid who wanted to watch YouTube in class, neither of which are definitive indicators of quality.

We’ve reviewed around 40 VPN services and strive to develop more rigorous testing criteria with each review iteration. Please look at what we consider important criteria for selecting the best VPN to fit your needs further down this post.

Location and Jurisdiction

The jurisdiction can be extremely important when choosing a VPN. Certain countries may require companies to log information about their users.

Similarly, if you’re doing any torrenting (which, of course, we don’t condone), you’ll want to make sure they’re not located in the USA, where they could be subpoenaed into handing over your details because of a DMCA request.

Security

For maintaining a private and secure connection, you should be aware that there are various ways your VPN can encrypt your data.

These are called VPN protocols, and there are usually several different ones to choose from, depending on your requirements. Some of these are so good not even professional data forensics services will be able to decrypt them.

All our reviews have a section on security that cover the specific protocols offered by the VPN.

VPN Protocols

Most VPNs offer the following protocols:

• OpenVPN
• L2TP/IPsec
• PPTP
• L2TP/IPsec
• SSTP
• IKEv2

OpenVPN is usually considered the “best” VPN protocol option due to its high level of protection, speed, compatibility on most devices, and the fact that it’s open-source and has been vetted by security researchers.

IKEv2 is another excellent option for those using a VPN service provider on their mobile while traveling, as it can quickly reestablish a connection when it gets cut off.

Other protocols can be insecure, so I don’t recommend them unless you know how to set up your VPN connection and understand the risks.

OpenVPN provides optimal security, compatibility, speed, and reliability for almost all users.

Logging policies and privacy commitments

A VPN’s logging policy is one of the most scrutinized parts of the service, with good reason. This is where you’ll find out whether they store your data, including the websites you visit, the services you use, and what they do with that information.

As we saw with the free VPNs, some companies don’t care much for your privacy.

So what are we looking for in a logging policy? Ideally, no logs at all.

While many VPN services claim to have zero logs policies, they wouldn’t be able to run the service without holding any information about you or your computer.

So, the norm in the VPN industry is that zero logs mean no PII (personally identifiable information). But there is a caveat.

Most VPN services provide their customers with software to run the VPN on their device, known as a VPN client. This client is almost always closed source, proprietary software, so impossible for independent cybersecurity professionals to audit.

So we have to trust them. Well, not quite. We can judge VPN companies on their actions.

There have been several cases where VPN companies have been caught providing user data to the authorities.

On the other hand, several VPN companies have shown that they keep their users safe by not storing any PII.

Audited VPN services

NordVPN has been independently audited by PricewaterhouseCoopers AG and found to present no risk to users’ PII. The audit is available only to NordVPN customers.

VyprVPN has been publicly audited by Leviathan. While the audit initially identified PII in some logs, they confirmed that this has now been fixed, and VyprVPN presents no risk to users’ PII.

VPNs that have stood the test of the law

My favorite way for a VPN company to show that they protect their users is when they do so when faced with seizures or legal challenges.

ExpressVPN had its servers seized in Turkey, but the authorities could not obtain user data due to ExpressVPN’s no logs policy.

Private Internet Access was subpoenaed by the FBI to provide the IP address of a bomb hoax suspect but responded that they were unable to do so as they did not have the information.

Finally, Perfect Privacy had servers seized in Rotterdam in 2016, but no user data was compromised.

Servers and locations

The speed of the VPN service ultimately relies upon the quality and number of servers. Be sure to read our VPN reviews before jumping into any subscriptions.

If one of your goals with a VPN is to access geo-restricted content (think Netflix/Hulu outside of the US), you’ll want to ensure that the company has servers in the country where these services are accessed.

If you use P2P for downloading, make sure the company has servers in a country that’s P2P-friendly (Switzerland, Spain, The Netherlands, and Hong Kong are a few), which leads us nicely to our next section.

Additional features

Sometimes too many features can seem gimmicky, especially for VPNs. Too many features could lead to security vulnerabilities and require more frequent updates.

There is. However, a feature set is present in several excellent VPNs that improve the service.

P2P/ Torrenting servers

While I’m not going to recommend that anyone uses P2P file-sharing networks to download pirated content or software, torrenting is an incredibly efficient way of sharing files with multiple users.

Whether it’s static content or live shows such as sports, if you want to use these services, make sure you use a good VPN that allows or ignores it.

Shared IPs

Shared IPs make it almost (but not 100%) impossible to connect the activity with an individual, as many people can access the internet from the same VPN server simultaneously.

Killswitch

A VPN killswitch is a safety mechanism that shuts off access to the internet in the case of failure. If your VPN connection gets cut off for any reason, a killswitch will protect your real IP from exposure and stop unencrypted data from leaving your machine.

Many VPN clients have a killswitch, and we check whether or not one is present when we review a VPN. For more details, check our VPN killswitch guide.

Multi-hop

A multi-hop, or double-VPN, the connection is when your traffic is encrypted multiple times and sent through multiple VPN servers.

A multi-hop VPN connection is unnecessary for most users and will slow down the service. For whistleblowers facing a global adversary, multi-hop connections may be necessary.

This makes certain vulnerabilities of VPN (remember I said it’s not 100% private), such as timing attacks, almost impossible to exploit.

Obfuscated servers

Certain countries use a blanket firewall to block VPN traffic. In China, where VPNs are outlawed, and many websites are blocked, the only way to get a VPN to work is to package data, which looks like normal internet traffic.

VPN obfuscation still provides encryption, just disguised to look like normal HTTPS traffic.

Obfuscated servers generally have quite limited capacity, so unless you need to disguise the fact that you’re even using a VPN, you should keep them free for those who do.

Ease of use, devices, and support

Different VPN services provide different levels of support to their users. This could be an actual online chat to help you if you get stuck, ticket systems, or just FAQs on the website.

I prefer live chat as it means you get the answer immediately, but I’d rather use a ticket and get the right answer than end up chatting with someone who doesn’t know what they’re talking about.

Again, we test this in all our reviews, so ensure you read them.

Almost all commercial VPNs these days offer their VPN client. While I mentioned earlier that this could lead to privacy concerns, it goes a long way toward providing ease of use.

Most clients are simple to set up and generally have a nice GUI that makes sense.

Payment options

Most people won’t care about this, but some will. I think it’s important for privacy-focused companies to offer at least Bitcoin payment options so that journalists and whistleblowers in authoritarian states such as Russia, Saudi Arabia, the UK, and the USA can protect themselves from government tyranny.