Want to know what a VPN is? In this guide, we highlight all the benefits of a VPN, the best features to look out for, and explain how a VPN protects you.
A Virtual Private Network (VPN) is an online privacy tool anybody can use to protect themselves online. With a VPN, you can connect to the internet without worrying about local WiFi networks, Internet Service Providers (ISPs), government snoops, and other third parties tracking what you do online.
Besides the privacy and security benefits, many netizens turn to a VPN to gain online freedom of access. A VPN allows you to pretend to be in a different location. In tech jargon, this is called location spoofing. Connecting to a VPN lets you bypass blocks at work or on campus, circumvent government censorship, get around public WiFi restrictions, and access region-locked streaming services.
You don’t need to understand how a VPN works to start using one. Market-leading VPNs make apps for Windows, Mac, iOS, and Android. These allow anybody to get online privacy and spoof their location in just a few clicks.
Keep scrolling to learn everything there is to know about VPNs.
What is a VPN?
A Virtual Private Network is a service that encrypts your internet connection and routes it through a proxy server in another location. All data that passes between the VPN client—your computer or smartphone—and the VPN server is encrypted. If anyone were to intercept your data, they wouldn’t be able to decipher it due to the encryption.
VPN companies operate hundreds or even thousands of servers around the globe, so you can pick which country you want to access the internet through. When you connect, websites, apps, and online services will see the IP address and location of the VPN server instead of your own.
An IP address is a unique string of numbers and decimals assigned to every device on the internet, and they are associated with geographic locations. When you connect to a VPN, your IP address is hidden and replaced by that of the VPN server. This allows you to securely access content that is blocked in your own location.
What are VPNs used for?
Public WiFi protection
The most important reason for using a VPN nowadays is to gain online privacy and data security. In 2024, it is extremely rare not to be offered free access to the internet almost everywhere we go. Hotels, coffee shops, malls, sports venues, airports, restaurants, and many other public spaces all provide free WiFi. Unfortunately, this creates risks for the billions of people who connect to WiFi hotspots each day.
When we connect to a WiFi hotspot, we put our trust in the administrator of that hotspot. Unfortunately, some WiFi hotspots use old routers and outdated encryption that puts your data at risk as it passes over the local network. If a hacker is in the room, they could potentially intercept your data or piggyback on your sessions.
You might encounter Evil Twin hotspots. These hotspots appear in public places where you would expect to find free WiFi, but they are set up as honeytraps by hackers. Ever been to a coffee shop or airport and noticed that there are two similarly-named WiFi hotspots available? One of those could have been a fake hotspot set up by a hacker.
A VPN makes it safer to use public WiFi safely because it encrypts all your traffic on your device before being sent over local networks and the internet. This means that you can use any WiFi hotspot without fear of misconfigurations—or hackers—because you are in full control of your own security.
Tracking prevention
A VPN helps prevent WiFi networks, ISPs, and government agencies from tracking everything you do online.
A VPN encrypts connections to stop your ISP from tracking the domains you visit. This not only protects your activities against unwanted surveillance capitalism but also thwarts governments' ability to collect browsing information from ISPs.
Finally, a VPN also stops websites, apps, and services from tracking your IP address. While connected, they will only see the VPN server’s IP address, which is usually shared with dozens or hundreds of other users. This makes it nearly impossible to trace online activity back to a specific device. Note that a VPN will not prevent tracking cookies and other tracking technologies by default, so be sure to block them or use your browser’s incognito/private browsing mode as well.
Freedom of access
One of the most widespread and popular reasons for using a VPN is to gain additional freedom when surfing the web. A VPN is like a Swiss army knife because it can provide you with added freedom in various situations.
At home, it can let you overcome regional blocks to watch foreign TV channels or use regional internet services. At work, it can let you access social media sites, streaming platforms, game servers, or any other website that the work WiFi has blocked.
In countries that enforce high levels of censorship, you can use a VPN to regain access to restricted news sites, or any other website that has been blocked. Plus, a VPN will get you private access to VoIP services to make free calls.
The best VPNs allow you to get an IP address in dozens if not 100+ countries, which gives you an unbelievable amount of choice when it comes to accessing foreign TV channels, streaming platforms, websites, or game servers.
Improved internet speeds
A VPN stops your ISP from detecting the websites and services you use. This makes it harder for automated systems to throttle your bandwidth when you use services that it has deemed data-hungry. As a result, you can escape the throttling, leaving you free to play games or do other data-intensive activities.
The final reason for the popularity of VPNs is for bypassing bandwidth restrictions imposed by ISPs. In many countries around the world, ISPs will throttle their users’ bandwidth when they engage in certain activities, such as streaming and torrenting, or when they visit certain websites. The result of bandwidth throttling is that you suddenly start to experience slower internet speeds.
Note that a VPN can only help if your ISP is throttling a specific destination or type of data, such as BitTorrent. If your ISP is throttling indiscriminately, such as when you hit your monthly data cap, then a VPN won’t make things faster.
How do VPNs work to protect you and give you freedom?
It all starts with the VPN application. This software is usually referred to as a VPN client, and it is the software that handles the connection between your device and the servers you connect to. The best VPNs have their own VPN clients, which come packed with useful features. These applications are aesthetically pleasing and easy to use.
You can alternatively connect to a VPN using the native client in your operating system, router, or NAS drive if it has one. For example, Windows, Android, iOS, and macOS all have a native VPN client that is available for you to set up a VPN. The only issue with this is that it requires manual setup, which is more taxing than using a VPN app.
Once the VPN application has been installed on your device, you are ready to start using it. The VPN will usually come set up by default to use the OpenVPN or WireGuard protocol. The protocol is the part of the VPN that handles the data encryption and keeps your data secure against eavesdroppers.
When you choose a VPN server location and connect, the VPN jumps into action. The VPN protocol contacts the VPN server, securely shares encryption keys, and starts encrypting all incoming and outgoing data.
The websites you visit can only detect the IP address of the VPN server. The same is true for any devices you connect to peer-to-peer, such as when torrenting. The encrypted connection stops tracking by local networks, ISPs, governments, and other eavesdroppers.
It is worth noting at this stage that internet traffic is made up of two parts. DNS requests allow you to establish a connection with the website you are seeking. This addressing information allows you to establish your communication with the website or service. Following that the connection is established and data packets are transmitted between the two endpoints.
A secure VPN encrypts both of these things to prevent your ISP and local networks from detecting any metadata regarding your activities, the websites you visit, and the type of traffic being transferred.
What are the different VPN protocols?
The VPN protocol is the meat and bones of any VPN. It handles the connection to the server and protects your data with encryption. We have a detailed guide about VPN protocols. You can use it to take a deep dive into VPN protocols if you want to. Below, we have provided an outline of the best protocols currently available:
- OpenVPN. This is the most trusted VPN protocol. It is an open-source VPN protocol that is known to provide highly secure connections. The protocol can be implemented in several ways, so you have to check that the VPN you choose has implemented the protocol securely. We recommend VPN services that use the AES-256 cipher, robust authentication (at minimum 2048-bit keys), and perfect forward secrecy. This ensures that your data is always protected against eavesdroppers. OpenVPN can be implemented using either UDP (User Datagram Protocol) or TCP (Transmission Control Protocol). Both of these are secure, but UDP is the best option for faster speeds.
- WireGuard. This is the fastest widely-used VPN protocol to date, developed in 2017. WireGuard was created to provide users with an open-source protocol with a smaller code base, allowing it to be audited more easily. The protocol relies on modern cryptographic primitives with high levels of security and fast speeds. WireGuard uses ChaCha20 for encryption and Poly1305 for authentication by default. Perfect forward secrecy prevents old keys from being used to decrypt new sessions. The protocol is also modular, which means that it can easily be updated if any single component of the protocol is found to be vulnerable to attacks at some point.
- IKEv2. This secure protocol is often provided by VPNs, particularly on Mac and iOS where it is easier to implement than others. The protocol is implemented using IPsec’s suite of security protocols, robust AES encryption, and a Diffie Helman key exchange for perfect forward secrecy. It isn't as fast as WireGuard, but it’s great at quickly reconnecting if the internet unexpectedly drops, or when you switch from wi-fi to mobile data. Unlike WireGuard and OpenVPN, IKEv2 is not open source.
- L2TP/IPsec. This is an older VPN protocol that most consumer VPNs have phased out because newer protocols like WireGuard offer better performance, simpler configuration, and stronger security. Unlike WireGuard and OpenVPN, L2TP is not open source.
- Proprietary protocol. Some VPNs roll their own custom protocols. These are often forks of popular open-source protocols like Wireguard that are given a fancy name for marketing purposes. The problem with closed-source proprietary protocols is that it is hard for users to ascertain how the protocol is implemented and whether it is secure.
What are the most trusted encryption ciphers used by VPNs?
The encryption cipher is that part of the protocol that secures your data. It works by scrambling data to make it undecipherable. This ensures that the contents of your traffic, including DNS requests, are transported safely in the private tunnel.
The two data channel encryption ciphers most commonly implemented by commercial VPNs in 2024 are AES-256 and ChaCha20. These ciphers are highly secure and future-proof, which means that they offer protection that is considered fit for purpose both now and for the foreseeable future.
Below we have provided additional information about each VPN encryption cipher:
- AES-256: This stands for Advanced Encryption Standard with a 256-bit key. It is a trusted protocol that is used by businesses, militaries, and governments worldwide to securely encrypt data in transit and at rest. This protocol is highly popular because it is widely recognized and proven to be robust against cyberattacks.
- ChaCha20: This is a newer cipher that is comparable to AES-256 in terms of security. It is popular due to its high-speed performance, which makes it better suited for devices that have less processing power and for tasks that require faster speeds, such as VPN connections.
What is a VPN privacy policy?
To provide their services, VPN servers must handle your data. To do so, your VPN provider must decrypt your data to process your DNS requests and forward your data to the website, app, or service. This means that you have to trust your VPN provider not to keep records of your identity or what you do online.
Not all VPNs are implemented securely and not all VPNs can be trusted. For example, not all VPNs handle DNS requests with their servers, which means that your requests are being handled by a third party such as Google. This raises some privacy concerns, which is why we exclusively recommend VPNs that handle DNS queries with their own servers.
Many free VPNs have dodgy privacy policies that allow them to harvest user information for profiling purposes. These VPNs will use your data to create a revenue stream by selling it to third parties such as advertisers and data brokers. This makes it completely unsafe to use these free VPNs.
Even some paid VPNs have badly written or purposefully invasive privacy policies that allow them to harvest user data. This turns the VPN into a honeypot of personal data, rather than a service providing you with robust digital privacy. This is why it is vital to check that each VPN provider is genuinely dedicated to user privacy – rather than to lining its own pockets.
To find trustworthy VPNs we analyze VPN privacy policies closely. We only recommend VPNs that have reliable no-log policies. This means that the VPN has made a legal promise about how it handles data passing through its servers, and it will not keep logs of:
- Your source IP address.
- The VPN servers you use.
- Content of your data (websites visited, files downloaded, search queries, videos watched, items purchased, etc).
- Your DNS queries.
While not strictly required, we also prefer VPNs that refrain from recording connection timestamps, bandwidth used, and advertising IDs.
The very best VPNs not only provide a no-log policy but have paid for a recognized security auditing firm to check that policy, as well as the implementation of their apps and servers. This kind of audit provides additional transparency and increases trust in the VPN’s policies.
What are the most important VPN features?
Below, we have included a list of the most important VPN features available in custom VPN apps. Please note that not all providers have all of these features, so you must check that the VPN has the features you need.
- Global server network. Each VPN has servers in a different number of locations. Always check that the VPN has servers in the countries or cities you require.
- Apps for all platforms. Check that the VPN has apps for Windows, Mac, iOS, Android, Linux, Firestick, or any other device you intend to use.
- VPN protocols. The best VPNs provide protocols like OpenVPN and WireGuard.
- Robust encryption. It is vital to check that the VPN has implemented the encryption in its cipher to a high standard. Having the OpenVPN protocol does not necessarily mean it has been implemented to the latest standards for security.
- DNS leak protection. The best VPNs have protection in place to prevent DNS and WebRTC leaks. Always check that the VPN has been tested and is free of these types of leaks.
- Kill switch. This is a protection feature that cuts your internet off if the VPN connection fails. This ensures that you never leak any unencrypted data outside of the VPN tunnel which would expose your data to third parties, and allow websites to detect your real IP address.
- Split tunneling. This is a useful feature that lets you decide whether or not to route traffic or apps through the VPN. This lets you use your regular non-VPN-protected internet connection for some tasks.
- Port forwarding. This feature lets you route traffic to certain ports in your router. It is useful when hosting servers or seeding torrents.
- MultiHop. This feature lets you route your data through multiple VPN servers for added protection.
- Obfuscation. This is a specialist feature that disguises VPN traffic as regular HTTPS traffic bound for a website. This helps to connect to the VPN on networks (or in countries) that block VPNs. It prevents network administrators from detecting that a VPN is being used.
- Tor over VPN. This is a feature that provides access to the Tor network via the VPN. It is perfect for using the dark web without your ISP finding out.
- Ad and tracker blocking. Some VPNs use DNS-based filtering to block domains associated with trackers and adverts. This makes your online experience smoother and safer.
How do you choose the right VPN service?
To choose an appropriate VPN service for your needs, first consider why you want to use a VPN. We provide lists of VPN recommendations for various use cases and purposes. For example, you may want a VPN for streaming Netflix or accessing British TV streams abroad. Other people want a VPN to access VoIP services in the UAE, or to watch blackout MLB games in the US.
No matter what your specific reason for using a VPN is – or even if you want an all-rounder that is good for doing a variety of things – it is important to stick to secure VPNs. The best way to choose a VPN that is known to be reliable is to stick those we recommend in our guides.
We have carefully tested and reviewed each VPN using a detailed VPN testing methodology. This means you can trust the VPNs we recommend to provide robust privacy and data security – in addition to being good for individual tasks such as accessing TV streams.
If you want to do the hard work yourself, you can use the following checklist to find a VPN that is suitable for your needs:
- What protocols are available.
- Has all the features you need.
- Free of DNS and IP leaks.
- Has a kill switch, obfuscation, DNS leak protection, and any other features that you require.
- Has servers in the countries you require.
- Works to access the specific services you are interested in.
- Has servers optimized for different tasks (streaming, torrenting, etc)
- Privacy policy is transparent and does not include any concerning grey areas.
- Reliable customer support.
- Independently audited.
- Learn the VPN’s history to find out whether it has ever transgressed or suffered from vulnerabilities.
Here are some of our most popular VPN lists so that you can easily find a VPN for your needs:
- Best all-around VPNs
- VPNs for Netflix
- VPNs to watch British TV
- Most secure VPNs
- Fastest VPNs
- VPNs for torrenting
- VPN to get US IP address
- VPNs for Windows
- VPNs for Android
- VPNs for Mac
- VPNs for iOS
A brief history of VPNs
The technology was first conceived in the 1990s as a means for internet users to send data over the internet in a securely encrypted tunnel. To this day, the technology is used by hundreds of thousands of businesses worldwide to transmit data between offices or to workers who are at home.
By 2005, it had become apparent that the benefits of a VPN extended beyond the workplace, and companies began to spring up that offered VPN connections to home internet users.
The rise of VPNs was also driven by the popularity of the BitTorrent protocol – a file-sharing technology developed in 2001. Torrenting revolutionized the way that people could send large files over the internet. It arrived just in time for people who had become accustomed to using Napster to share music. The privacy provided by a VPN can be seen as part of the natural evolution of the internet, and how people sought to find ways to share the files they had safely and privately.
Nowadays, things have changed. The proliferation of music and TV streaming has made torrenting less important to the average internet user. Still, VPNs remain a hugely important tool used by millions of internet users worldwide.
What is a VPN – FAQs
Can I use a free VPN?
Many free VPNs have invasive privacy policies that allow them to harvest user data for profiling purposes. These VPNs will sell your data to third parties such as advertisers and data brokers to create a revenue stream. In addition, many free VPNs are deceptive about the level of protection they provide. They often lack encryption, have badly implemented apps, or suffer from vulnerabilities. This makes using the vast majority of free VPNs a huge risk to your data and the safety of your devices.
Is it legal to use a VPN?
In most countries around the world, it is completely legal to use a VPN to gain online privacy and security. However, in some countries such as Iran, the UAE, and Russia, the use of a VPN is illegal for bypassing government restrictions. For this reason, it is a good idea to check the legal status of VPNs where you live, or in the country you are traveling to. Nothing in this guide should be taken as legal advice.
Can VPNs be hacked?
As long as you stick to a reputable VPN provider that has reliable VPN protocols and strong encryption, your data should be safe. The best VPNs closely monitor ongoing threats and update their systems accordingly. They also pay for regular audits to ensure that their VPN is protecting users to the latest standards and is considered future-proof.
Of course, there is always the underlying potential for an extremely sophisticated hacker to find new ways to break into computer systems and networks. Under these exceptional circumstances, a VPN could theoretically be hacked.
Unfortunately, this is true of all secure computer networks and devices. It is impossible to guarantee that data will never be hacked, which is why cybersecurity is such a hot topic, and why it is vital to always stick to VPNs that are at the forefront of the industry and are doing everything they can to stay ahead of the curve.
Comments have been disabled for this article.