A VPN, or Virtual Private Network, gives you privacy and security online, unblocks restricted content and allows you to appear to be in another country. It does this by encrypting your internet connection and diverting you via a remote VPN server in order to replace your IP address.
What is a VPN?
To use a VPN you need to sign up with a VPN provider in order to download the VPN software and get access to their remote servers. There are both free VPNs and paid options, although there’s a big drop-off in quality with most free choices – more on that later on.
A VPN does not replace your Internet Service Provider (ISP), as you need internet access in order to use a VPN. You can use a VPN on any network, such as your home, school or work network, or public WiFi. They’re not just for PCs and laptops, either – in addition to Windows 10 and MacOS you can also use them on Apple iPhones, Google Android handsets, streaming devices, games consoles like the Sony PlayStation 4 and Microsoft Xbox One, and more.
Don’t confuse the VPNs we talk about here with business VPNs, though. Corporate VPNs that allow its users remote access to far-away networks are not the sort of product we cover on Top10VPN.com – we’re consumer VPNs only.
Want to get straight to our highest-scoring reviews? Why not check out our Best VPNs for 2019.
Why Have a VPN?
A VPN keeps your internet activity private and secure. It stops your ISP and the authorities from tracking what you do online. A VPN will allow you to use public WiFi networks securely, safe from hackers. It will also give you unrestricted access to the internet by making it appear you are from another country.
There are four big reasons to use a VPN:
- Keep your internet activity private from your ISP, the authorities and any other snoopers
It’s not just repressive regimes like China and Russia that strictly monitor their citizens online.
The UK, US and Australia have some of the most aggressive mass surveillance laws in the world, forcing ISPs to track customers’ every move and hand over all data.
This sensitive personal data can also be sold to advertisers without your explicit consent. The only way to stop this is by using a VPN.
When you connect via a VPN server, your ISP is unable to see your data – as it’s encrypted. Nor can it track your onward journey past that initial connection, keeping your internet activity private.
If your ISP can’t log your activity then there’s nothing for the authorities to snoop through beyond the fact that you connected to various VPN servers. Even that scant information can be limited by choosing VPN with a strict no-logs policy (more on that later).
- Access the internet with IP addresses other than your own
Maybe you don’t want your internet activity traced back to you for whatever reason.
Or perhaps you are frustrated at the growing realization that your physical location is being used to limit your internet experience in different ways, blocking you from accessing the content you want.
When you use a VPN, your real IP address is replaced with the IP address of the VPN server, which can be located anywhere in the world. This means that as far as the websites and apps you are using are concerned, you are just another visitor from that country.
Better yet, you can appear to be connecting from any country you choose at the click of a button.
- Protect yourself from hackers on public WiFi
While these networks are convenient, they are highly vulnerable to hackers sniffing out personal information to use in fraud. WiFi in restaurants, coffee shops, department stores and on public transport are all highly at risk.
A VPN encrypts your connection, making it impossible for anyone to intercept your data or as it’s transmitted over the network.
- Evading censorship by the government, your ISP, your workplace or school
Online censorship works by the owner of the network blocking specific sites. That can be at the top level by governments forcing the the hand of ISPs or on local closed networks like schools or workplaces.
A VPN is an effective way around these blocks.
This is because the remote VPN server provides the onward connection to the censored site, rather than the internet provider. Even if a particular VPN server itself gets blocked, there are typically many more to choose from.
How Does a VPN Work?
A VPN creates an encrypted tunnel between an internet-connected device, such as a laptop, and a remote VPN server.
Data is encoded at one end and decoded at the other, appearing safely as gibberish in between.
Onward traffic from the VPN server also assumes its IP address, replacing its original identification.
The VPN Basics: Software and Servers
A VPN has two parts: the software on your device and the remote VPN server, which is part of a global network.
The software creates an encrypted ‘tunnel’ between your device and your chosen VPN server, which then routes you on to whatever website or app you are trying to access.
You effectively take a detour via the VPN server on the way to your destination, but from your perspective there’s basically zero difference to how you would normally browse the web.
Your ISP can only follow you as far as the VPN server. It’s unable to track your onward journey, meaning your internet activity remains private.
The more distant the VPN server from your physical location, the slower the speed of your connection, as your data has further to travel. Connecting to the nearest possible server will give you the best possible performance.
This can be no easy task if you live outside of Western Europe or North America. Users in the Oceana region should see our Best VPN for Australia.
Why do you need an encrypted connection to the VPN server?
This is best explained by looking at what happens when you go online normally:
- Your ISP logs every website you visit and app you use
- For websites without HTTPS implemented – a surprising number of popular sites – your ISP is able to monitor every individual page you visit and any data you might enter
- On a public network, it’s also easy for a hacker to do the same thing or trick you into exposing sensitive personal data.
When you use a VPN, all of that becomes impossible. Here’s why:
- Your data is broken down and each part, or ‘packet’, is hidden inside another packet, keeping it private from prying eyes.
- These packets are then encrypted so that only your VPN software and the VPN server you are connected to can read the data, as only they have the key needed to decode its encryption.
- Even if the data is intercepted, it will simply look like gibberish.
There are several different methods of encrypting and transmitting data in this way, collectively known as VPN protocols.
These include, but are not limited to:
While it’s not necessary to understand them in detail in order to use a VPN, just be aware that some are more secure than others – we’d advise you stay away from the totally outdated PPTP in particular.
You typically choose which VPN protocol to use in the settings of your VPN software, or just set it to auto and forget about it.
OpenVPN is the best option for most people as it not only has the best balance of performance and security, but it’s also open source, meaning that it’s transparent and trustworthy.
A simple rule of thumb is that the stronger the security of the protocol, the slower it will be. While this is not usually too much of an issue on newer devices on fast internet connections, if you find yourself on an old device or slow internet, you may need to sacrifice one or the other.
As you dig deeper into VPNs, you will come across talk of ciphers, hash authentication and handshake encryption. Unless you are a privacy geek, there’s little practical difference between AES-256 and Blowfish-128, they will both get the job done. If you do want to school yourself in the technicalities, our Guide to Encryption will keep you busy.
Preventing DNS Leaks
There are also other factors involved in effectively hiding your IP address when you connect to a VPN, such as preventing DNS leaks.
When you click a link or type in a URL, your browser’s request for the website you want to visit is made to a DNS server.
Every ISP has its own DNS servers, which act like an internet telephone directory, matching the user-friendly names with the actual IP addresses your browser needs to connect.
Problems arise when your browser’s DNS requests are made directly to the ISP’s servers, exposing your activity.
An effective VPN will prevent this by operating its own DNS servers and forcing all traffic through them. To find out more about DNS (and other) leaks, head over to our DNS and WebRTC leaks guide.
It’s important to understand that by using a VPN you are shifting visibility of your internet activity from your ISP, who is not privacy-focused, to your VPN provider, which at least claims to be.
That’s why it’s vital to pick a VPN provider that takes every precaution to ensure that it logs the tiniest possible amount of information about your connection.
No respectable VPN will directly log any of your activity, but it may well collect general metadata about your connection, like when you logged on and off, and which server you connected to, for example.
Collection of these usage stats allows a VPN provider to keep its server network running as effectively as possible.
For more information take a look at our comprehensive guide to VPN logging.