To narrow the hundreds of VPN providers down to a manageable list, we first looked at reviews from dedicated sites like vpnMentor and TorrentFreak, research and recommendations from noncommercial sources such as That One Privacy Site and privacytools.io, and user experiences and tips on various subreddits and technology-focused websites like Lifehacker and Ars Technica. We settled on 32 VPNs that were repeatedly recommended. From there, we dug into the details of how each one handled issues from technology to subscriptions:
While individuals are ultimately responsible for the information they share, having an extra layer of protection is highly recommended. We’re delighted that NordVPN has become our first official cyber security partner. With so much information constantly shared online, we’re committed to introducing greater levels of protection to secure the confidential data of our fans.
In recent times, VPN services have made giant leaps in growing from niche online products hidden away in a dark corner of the internet to almost must-have services for anyone with an internet connected device. VPN is very much in the mainstream now and luckily that broadened appeal has done wonders for the usability of the services themselves - there are some brilliant options available in 2019.
When we test VPNs, we use the Ookla speed test tool. (Note that Ookla is owned by PCMag's publisher, Ziff Davis.) This test provides metrics for latency, download speeds, and upload speeds. Any one of these can be an important measurement depending on your needs, but we tend to view the download speed as the most important. After all, we live in an age of digital consumption.
The Android app is actually fun to use, and you got to give TunnelBear credit for really doubling down on its name by really running with the concept. TunnelBear does not currently support torrenting, so if that's an important feature you're best to look elsewhere. If you're only looking for a casual VPN for your phone, TunnelBear is a great free option with affordable pricing for upgrading to the premium service.
To be fair, not all pay VPN services are legitimate, either. It's important to be careful who you choose. Over on ZDNet's sister site, CNET, I've put together an always up-to-date directory of quality VPN providers. To be fair, some are better than others (and that's reflected in their ratings). But all are legitimate companies that provide quality service.
We haven’t tested every single VPN product on the market because there are hundreds of them. What we did was establish affiliate relationships with a number of what we think are leading VPN services on the market for private use. We then analysed those products by performing a series of objective tests, assessed our subjective personal user experience, and reported our findings to help you make an informed decision to choose the right VPN service for you. Of course, there are other VPN products out there and you should feel free to shop around outside this site. However, on this site, all testing and findings were performed by a qualified member of our staff with a minimum of a university bachelor degree in computer science and over 10 years of experience in software development. Some of the VPN software used for testing was given free for testing purposes. Most were actually purchased. We think you will struggle to find another website out there which actually downloads and tests the different VPN software using a qualified professional.
If you are interested in an added level of protection, there are intriguing gadgets called Tiny Hardware Firewalls. These devices range from about $30 to $70 and connect via a network port or a USB slot to your laptop. They make the initial network connection, and so your computer's communication is always blocked before it calls out to the internet.
CyberGhost gives Mullvad some stiff competition in the speed department, especially for locations in North America and Europe. It does a good job protecting user anonymity, too—requiring no identifying information and using a third-party service for payment processing—albeit not to the same degree as Mullvad. Add to that CyberGhost’s unique, easy-to-use interface, good price, and streaming unblocking (although not for Netflix), and this VPN is a solid choice. (See our full review of CyberGhost.)
Obfuscation – Obfuscation is a key feature if you are using a VPN in China, schools, work networks, or anywhere that VPNs may be blocked. However, if you are not in a restricted network situation, obfuscation is generally not necessary and may impact performance. (See the best VPN for China guide for a great selection of VPNs with built-in obfuscation features.)
For local VPN issues, you have a couple of options. First, consider installing VPN software on your router and not using a VPN on your local machines. Alternatively, many VPN services offer browser plug-ins that only encrypt your browser traffic. That's not ideal from a security perspective, but it's useful when all you need to secure is your browser information.
Many companies proudly display “warrant canaries” on their websites. These are digitally signed notices that say something to the effect of “We have never been served a warrant for traffic logs or turned over customer information.” Law enforcement can prohibit a company from discussing an investigation, but in theory, it can’t compel a company to actively lie. So the theory goes that when the warrant canary dies—that is, the notice disappears from the website because it’s no longer truthful—so does privacy. The EFF supports this legal position, though other highly regarded companies and organizations think warrant canaries are helpful only for informing you after the damage has been done. Such notices may provide a nice sense of security, and they are important to some people, but we didn’t consider them essential.
Reddit users give Nord praise because it actually seems trustworthy, especially compared to other VPNs that may hand over information to the wrong people. Nord is also equipped with the ability to connect to a Double VPN, which encrypts your traffic twice for double the protection. One NordVPN fan on Reddit, Sacredkeep, even mentioned that NordVPN solved the problems that PureVPN and PIA gave them. Plus if you have any issues, Nord offers a 24/7 live chat. If you want a no frills, no worries situation, NordVPN is the simple, smooth operator that has your back. Get one month for $11.95, one year for $6.99/month, or two years for $3.99 per month.
In 2011, a LulzSec hacker was arrested for his involvement with an attack on the Sony Pictures website. Cody Kretsinger used HideMyAss VPN to conceal his identity, but the company complied with a court order to hand over evidence that led to his arrest. This occurred in spite of the company’s pledge not to keep any logs of user activity. HMA says it does not log the contents of its users’ internet traffic, but it does keep detailed metadata logs that include users’ real IP addresses, which was enough to charge Kretsinger with a crime.
Before anything else, understand that if you want to use a VPN you should be paying for it. Free VPNs are either selling your browsing data in aggregated form to researchers and marketers, or giving you a paltry amount of data transfer every month. Either way, a basic rule of thumb is that a free VPN will not protect your privacy in any meaningful way.
Computer and software providers work hard to make sure that the devices you buy are safe right out of the box. But they don't provide everything you'll need. Antivirus software, for example, consistently outperforms the built-in protections. In the same vein, VPN software lets you use the web and Wi-Fi with confidence that your information will remain secure. It's critically important and often overlooked.
HotSpot Shield is a product that has had some ups and downs in terms of our editorial coverage. Back in 2016, they picked up some very positive coverage based on founder David Gorodyansky comments about protecting user privacy. Then, in 2017, a privacy group accused the company of spying on user traffic, an accusation the company flatly denies. Finally, just this year, ZDNet uncovered a flaw in the company's software that exposed users. Fortunately, that was fixed immediately.