The Best VPN Services and Apps of 2019

Product Use case Rating
ExpressVPN 4.5
NordVPN 4
IPVanish 4
Windscribe 4
Hotspot Shield 4
CyberGhost 4
TunnelBear 4
VyprVPN 3.5

As you've made it this far, it's likely you already know what a VPN is. But, to be clear, this is all about Virtual Private Networks – a rather fancy way of describing software that hides and therefore protects your online identity by allowing you to relocate your IP address. That sounds simple but the uses of a VPN are many. So, could you benefit from using a VPN? And is it worth shelling out for the best VPN service available now?

A VPN creates a secure tunnel through the internet for your data. Nothing you do will be readable by others until it reaches the VPN servers at the other end of the tunnel. That makes it a crucial bit of software if you're looking to hide your identity for security reasons, to make sure your emails, browsing history and even bank details are super-secure.

And because a VPN effectively makes it look like you're logged on somewhere that you're not, they're handy for accessing blocked websites or getting location-specific results. You might just like the idea of your internet provider not being able to see your every online movement.

Whatever your reason for using a VPN, there are a lots of them to pick from. That's why we've tested the services, narrowed them down to our favorite few and placed our top 10 below with pros and cons so you can find the perfect VPN for you.

1. ExpressVPN

The best all-around VPN for speed, unblocking and security

Rating: 4.5/5 stars

Wide platform support; 30-day free trial; A 24/7 support service

Max three connections; Little bit pricey

ExpressVPN is the best VPN for most needs, thanks to its superb speeds, excellent 24/7 customer-service support and wide compatibility across devices. That means you can use the service on Mac, Windows, iOS, Android or even Linux and BlackBerry. Or you can enjoy a custom firmware for some routers if that's where you want your privacy to start.

For anyone new to the VPN world, ExpressVPN is super-simple to use with a one-click startup option. But for those looking for more complex options, it also offers a kill switch and DNS leak protection, plus you get industrial-level encryption and there's a clear no logging policy.

The only negative we found was a limit of up to three devices using the service at once. Although even that is probably enough for most people's needs – laptop, mobile and games console, for example.

Another nice addition to this service is a 30-day money-back guarantee. So, effectively, you can try this for free for 30 days, and if you don't like it you can easily cancel and walk away without having spent a penny.

Read our full ExpressVPN review.

2. NordVPN

Security at its most impressive

Rating: 4/5 stars

Super 2048-bit encryption; Up to six devices at once; Handy connection wizard

 Dropped connections

If pure security is your need, then NordVPN is one of the options for you, thanks to the provider's 2048-bit encryption that'd leave even the military impressed – and blocked out. To be specific, that's out of over 5,000 servers that are spread over 60 countries. All that gives you strong DNS leak protection, two kill switches and excellent connection speeds.

Unique features of NordVPN include proxy extensions for the likes of Bitcoin, PayPal, credit cards, Chrome and Firefox. In addition, you get SmartPlay, which helps you get around geo restrictions, making it ideal for watching the likes of Netflix, Amazon Prime Video or BBC iPlayer abroad. And if you run into problems, you can solve them with the aid of NordVPN's help center articles, email support or live chat support options.

On the downside, there were issues with server connections from time to time but largely we got online fine and speeds were well above average. With lots of payment options available, there should be something for everyone here. But compare the price of NordVPN to the rest, and it may just be the service for you.

Read our full NordVPN review.

3. IPVanish

Great support

Rating: 4/5 stars

Very reliable; Live-chat support; Fast speeds

Based in U.S.

IPVanish is a fantastic VPN that boasts over 1,300 servers in more than 75 countries, 24/7 customer service and a whopping 10 simultaneous connections available at any time.

You may yet use those 10, as IPVanish works on lots of devices, including Mac, Windows, Android and iOS. The desktop apps offer plenty of options that will keep the pros happy, while the just-work simplicity is also there for everyone else. That it all functions with far above average speeds is a nice bonus.

The lack of a kill switch on the mobile version of the app may be a downside for some but generally everything worked well. If you do want to give this VPN a go, you're covered by a seven-day money-back guarantee. However, its subscription price is kind of high, and its U.S. base may be a negative for some potential customers.

Read our full IPVanish review.

4. Windscribe

The one with unlimited connections

Rating: 4/5 stars

Affordable; Unlimited connections; Privacy wins

Isn't the fastest VPN

Windscribe's standout features are a very generous free service that gives you up to 10GB per month, and a moderately priced paid service that lets you connect as many devices at once as you like. Most other VPN services permit only five to 10 at a time.

Windscribe is compatible with many platforms – including routers and Amazon Fire and Kodi TV set-top boxes. The service offers a great variety of connection options, has a wide geographic reach with hundreds of servers, and presents an appealing, if minimal, user interface. It was also one of the best at connecting to foreign Netflix catalogs, if you're into that sort of thing.

Windscribe's network performance wasn’t quite as impressive, however. Our testing showed slower connection times than its competitors.

You can pay for a Windscribe subscription with bitcoin, and you don't even have to provide an email address. The service is based in Canada, which may appeal to users wary of U.S. authorities. The only feature lacking is a kill switch to stop all internet activity if the VPN connection is lost while in use. But Windscribe argues that its built-in firewall prevents data leakage.

Read our full Windscribe review.

5. Hotspot Shield

Speedy but mysterious

Rating: 4/5 stars

Free data allowance; Good performance; Servers in China and Russia

Proprietary VPN protocol; U.S. based

Hotspot Shield downloaded files rapidly in our performance tests and has over 2,000 servers around the world (including in China and Russia, which is rare for a VPN service). It offers an easy-to-use, attractive interface.

Hotspot Shield also offers a free, ad-supported VPN service, as well as an affordable lifetime subscription. The monthly and yearly costs are rather pricey, and you can pay with store gift cards to remain relatively anonymous. But whether you pay or not, you have to use Hotspot Shield's client software, which is limited to Windows, Mac, Google Chrome, Android and iOS. Many VPN services let you connect to their servers in other ways, and privacy advocates say that's the better way to do it.

Hotspot Shield depends on a custom VPN protocol that's not been publicly analyzed by independent experts. We don't know how private or secure it really is. The company has been accused of spying on users (it denies the allegations), and complaints abound online about Hotspot Shield software installing on PCs without users' permission. All this, and the company's U.S. location, may scare away customers who want to protect their privacy.

Read our full Hotspot Shield review.

6. CyberGhost

Tons of features and loads of servers

Rating: 4/5 stars

Wide server spread; Lots of features; 45-day money-back guarantee

Spotty performance; Interface could be better

CyberGhost has a feature-loaded, user-friendly interface, with convenient buttons in the Windows client software for streaming media, torrenting files, protecting your Wi-Fi transmissions and evading censorship.

There are about 3,600 CyberGhost connection points in over 55 countries worldwide. You don't need to provide your real name, just a working email address, and you can pay in bitcoin (should you have any) to remain nearly anonymous. As with most full-fledged VPN services, you can connect directly from your operating system's network settings or use third-party OpenVPN software to do so. You can also select from among VPN protocols and set up a home Wi-Fi router to use CyberGhost all the time.

CyberGhost is transparent about its company structure, posting photos and bios on its website of everyone from the CEO to the cleaning person, and privacy fanatics will like that the company is based in Romania rather than in the U.S. But CyberGhost's full-service subscription price is among the most expensive month-by-month — it's far better to just pay for a year at a time.

Read our full CyberGhost review.

7. TunnelBear

One of the easiest to use VPNs

Rating: 4/5 stars

Extremely user-friendly; Excellent security guarantees; Very secure

U.S. owned; Client software required

Goldilocks would love TunnelBear, as it's just right for VPN newcomers. It has a friendly, easy-to-use interface; offers a limited free plan that's ideal for casual use in airports and cafes; is uncomplicated yet offers a fair number of options; has about 1,500 servers in 20 countries; and doles out a large helping of security and privacy.

TunnelBear's network performance and pricing are just about average compared with other services we've reviewed The company takes security and privacy seriously, explaining its policies and protocols in plain English, and you can read the results of two third-party security audits on the company website.

However, you've got no choice but to run TunnelBear's client software – unless you use Linux – which may concern some privacy-minded users, and there's no option to set up TunnelBear connections on routers or other devices. Finally,, this tiny Canadian firm is now owned by U.S. antivirus giant McAfee, which may mean TunnelBear is subject to U.S. search warrants.

Read our full TunnelBear review.

8. StrongVPN

Breadth over depth

Rating: 3.5/5 stars

Works on 12 devices at once; Bypasses region locks for Netflix etc.; Has own DNS service;good general performance

No trial offer; Windows app is bare bones; limited features; high price

StrongVPN is a solidly performing VPN, perfect for bypassing region locks. However, beyond the basics, it offers some unique extra benefits while missing out on some more obvious others.

The really attractive feature is that you can have up to 12 devices running StrongVPN at once, which is more than enough to cover all of your devices and still have some left over. But this is balanced out by a lack of details, like information in the server browser or DNS settings, and the fact you have to pay a relatively high price for even an annual subscription in comparison to rival VPNs. You don’t get a free trial either, as the best StrongVPN offers here is a 30 day money-back guarantee, meaning you will have to pay first no matter what.

All the same, you do get 24/7 customer support, including a helpline with more limited opening times, plus a good speed in almost every server location, which makes it at least passable for any kind of user.

9. VyprVPN

Solid performance and security

Rating: 3.5/5 stars

Speedy performance; Powerful and configurable clients; Attractive annual plans

Some session logging; Monthly plans cost you more

VyprVPN is one of the most secure VPN options out there, thanks to it being a Swiss-based service. That means 73 server locations with zero-knowledge DNS plus its own famous-in-the-right-circles Chameleon protocol, which gets you online even in VPN-blocking countries – yup, including China.

This service has clients for most platforms, including Mac, Windows, iOS and Android plus Android TV, QNAP, BlackPhone and Anonabox, to name a few. You also get to enjoy superfast download speeds. Previously VyprVPN was criticised for its use of session logging, even if it was only a 30 day record of details connection times and IP addresses. Now though, the service has moved to a 'zero log' policy, keeping your information truly private.

Some server issues were spotted when testing this service but that could have just been bad luck, as generally it performed well. Pricing is reasonable, so this is an appealing offering indeed.

Read our full VyprVPN review.

10. SurfShark

Effective performance but a little unrefined

Rating: 3.5/5 stars

Cheap two year plan; live chat support; unblocks Netflix; some advanced features

Basic app interface; no free trial; web support is lacking; server locations may cause slowdowns

In general, SurfShark is both fast and powerful, with advanced features (although the mobile app is more bare-bones), and is capable of bypassing region restrictions with ease.

The 24-month deal works out at only $1.99 a month, which is clearly fantastic value. But there’s no free trial, meaning you have to commit for two years immediately or pay for a single month first if you want to try it out.

The other problems you might want to watch out for are a lack of online support beyond set-up (although the live chat makes up for this should you want it) and the fact that some of the servers have their physical locations separated from their IP locations, meaning that depending where you’re accessing them from, you could end up with sluggish performance.

How We Test VPNs

We start by collating all of the VPN service provider options. We then narrow down the options by checking security requisites for each one, so if one requires your personal details, for example, that would be a strike against it. We then look at the features offered to further whittle the selection. We also take into account  pricing, with not only the charge but how you're able to pay, and whether any money-back guarantees were on offer. Security also applies here as we look at those companies that keep your payment details private, allow you to pay with bitcoin and so on.

The next step in security testing is to delve into the Privacy Policy as well as the Terms and Conditions. Yup, we must really love you to be reading that stuff. We make sure that things like company-logging policies are clear, and that any information sharing is clear. We also check to see if there are any restrictions like age or commercial use.

Then comes the testing of the VPNs themselves. We not only test performance speeds for downloads and uploads across local and distant servers using but for leaks, too. Some VPNs can have DNS or other leaks that give clues to your identity, so we use to test that the VPNs are as secure as they claim to be.

Finally, we make sure that the client interface is simple to use but also that there are more complex options for those who need them. That includes things like tools for country, region, server, speed, filters, favorites, server load and ping time displays and so on.

What VPNS Do And Don't Do

Using a VPN can make it look like you're someplace else. It's a well-worn practice to evade online censorship, as is done in some countries, or to tap into U.S. streaming services while in Europe or Asia. We've used VPNs to read the New York morning paper in Beijing, and watch U.S. TV in England.

But there are some caveats. A VPN will give you more privacy but not more security. If you end up on a website harboring malware, the VPN can't prevent you from being infected. Some of the full-fledged VPN services block known malicious websites, just as some browsers do.

Also, although your data is encrypted as it travels between you and the far-off VPN server, it won't necessarily be encrypted once it leaves the VPN server for its final destination. If the data isn't encrypted — and that depends on the website you're connecting to — then the traffic might be intercepted and read. One well-known VPN provider was recently accused of inserting ads in users' web browsers, which would violate users' security and privacy.

If you just want to evade geographical restrictions on streaming content, such as BBC iPlayer or Hulu, you don't need a VPN to do so. You just need a proxy service that will make it look like you're in the right country. There are many free proxy services available, but do your homework before choosing one — some are a bit dodgy.

Finally, Netflix and the BBC are cracking down on VPNs and proxy services. There's no guarantee that a particular service will evade geographical restrictions on a particular day.

Know Your VPN Types

All of the VPN services we've reviewed use the AES-256 encryption standard, which would take a well-equipped hacker with a powerful computer many years to crack. Anyone eavesdropping on your Wi-Fi traffic in a café would see gibberish without the encryption key.

Nine of the VPN services we've tested — CyberGhost, ExpressVPN, IPVanish, Mullvad, NordVPN, Private Internet Access, PureVPN, VPN Unlimited and Windscribe — are what we call "full-featured." If you plan on running all your home internet traffic through a VPN, or you travel frequently, these are the services you should consider.

These services offer many ways to connect, including without the service's client software; support operating systems and devices, such as routers or set-top boxes, beyond just the "big four" operating systems of Windows, Mac, Android and iOS; have hundreds, or even thousands, of servers in dozens of countries; and generally let the user sign up and pay anonymously.

The flip side is that a few of these full-featured services are pretty anonymous themselves, operating behind shell companies in offshore tax havens. If you're trying to avoid government scrutiny, that's great, but you might have a hard time getting your money (or bitcoin) back in a dispute with the VPN provider.

Two more services, Hotspot Shield and TunnelBear, make you use their client software, which is limited to the big four OSes. You can't connect your home router or other nonstandard devices directly to these service's VPNs. TunnelBear makes an exception for Linux boxes.

Avast SecureLine and Avira Phantom VPN are run by antivirus companies as complements to their primary businesses. These services are also limited to Windows, Mac, iOS and Android and don't work without client software. But they offer few features, have a couple of dozen servers at most and don't let you pay anonymously. However, the companies are known quantities, and the services are handy for occasional travelers.

Finally, there's Opera VPN, which is completely free. The desktop version works only within the Opera web browser. But the mobile apps, which are made by a different company, encrypt all the internet traffic to and from an iOS or Android device. However, both the desktop and mobile versions of Opera VPN have servers in only five countries.

VPN Protocols

There are several different VPN protocols, not all of which are used by all of the VPN services we reviewed. Most operating systems have built-in support for at least one of these protocols, which means you can use that protocol — and a willing VPN service — without client software. The full-fledged VPN services have online instructions for how to do this, as well as how to set up routers to connect directly to the services.

OpenVPN: OpenVPN is very secure, open-source and widely used. Most VPN services support it, but except for Chrome OS and Linux, few operating systems do. This protocol can be used in either TCP (web) or UDP (streaming) mode; the latter is sloppier but faster. You'll need either the VPN service's client software or one of the many free alternatives. Either way, you'll still need to pay for the VPN service.

L2TP/IPsec (Layer 2 Tunneling Protocol with Internet Protocol Security): L2TP is not secure itself, so it's generally paired with the IPsec secure-networking standard. The combination of the two was once thought to be very secure when properly implemented, but some VPN services suggest that you use OpenVPN instead. L2TP/IPsec has native support in Windows, OS X/macOS, Android, Chrome OS and iOS. Most VPN services support it.

IKEv2 (Internet Key Exchange version 2, generally with IPsec): This is a newish standard that is very secure when properly implemented. It has native support in Windows, iOS and recent versions of OS X/macOS.

SSTP (Secure Socket Tunneling Protocol): SSTP is a Microsoft protocol with native support on Windows Vista and later versions. It's thought to be quite secure, but only Microsoft knows for sure.

PPTP (Point-to-Point Tunneling Protocol): This standard is largely obsolete, with many known security flaws, but it's fast. It has native support built into Windows, Android and older versions of Mac OS X and iOS; Apple dropped support with macOS Sierra and iOS 10. Use PPTP only for streaming content, as it won't protect your data.

streaming-device DEALS

Streaming DEALS

Credit: Tom's Guide

    Your comment
  • toshibitsu
    If you're just going to be "browsing the web", you could also just use Tails OS: /
    Load it onto a USB drive & boot from the USB(from any PC). As it states... providing complete Internet anonymity for the user.
  • maxxgem
    Great article though why would any VPN need to implement a kill switch on Android if it already has built-in system wide kill switch?
  • renecoder
    Cannot share a lot about others only that the speed of nord in this post is underrated: the speed when torrenting isnt dropping more than regular (since you are connecting to foreign server) but other than that - totally satisfying service.
  • krystianpotts
    Agree with RENECODER never had any speed issues with Nordvpn. Can't be more satisfied with a service
  • jandawson
    I'm a nordvpn user and was suprised that nord did not that well in this review. I never had any problems with connection speeds or buffers with them. Maybe it should be tested agai in this year as it has improved a lot.
  • safahpower
    Really curious how they conduct this review? Nordvpn is the top rated VPN in many reviews like Pcmag etc.!
  • blakeford223
    this article should be updated as the information in it is not completely true. for example opera vpn is discontinued already. after that i purchased nordvpn and now trying out their features, even from first look i can say that it's very user friendly and so far works with netflix streaming
  • ksh436
    Where is Nordvpn, top rated vpn not listed in your review.
  • person1000
    Unfortunately Private Internet Access PREVENTS you from sending email while connected unless your email provider is AOL, Google,, outlook or yahoo. MAJOR FLAW and makes the product useless to me now. I had been a happy customer. Just cancelled my subscription and moving to a better provider. AVOID PIA IF YOU SEND EMAIL
  • dsilverburgh
    Its a good read for sure. I want to know what is split tunneling and why it is significant for any VPN? I've googled it but can't get a good direction on it. Thanks
  • garrettrios
    I'm confused why NordVPN is not even on this list? I can't be the only one who finds this suspicious as they shine in other reviews in sites like pcmag, vpnspecial etc. Ratings can't vary that much. I'm using Nord myself so I know for a fact that they have a good product, 100% worth mentioning.
  • tanjan
    I completely agree that NordVPN is easy to use (even my wife know how to use it) and I didn't feel any speed drops.
  • fayeday183ef
    I think this article needs an update! I have no idea how you conduct your reviews, but reading your list chose a VPN provider and had nothing but problems. After all of the struggles switched to Nordvpn which is rated as slow VPN according to you guys, but my experience is completely opposite. Please don't mislead your audience
  • justin.m.beauvais
    I've been using VPN Unlimited and I can see what you mean about it being a bit slow, however, several fairly quick serves do exist... it is just trial and error to find them. Otherwise I'm pretty satisfied with my service.
  • mitchellyoung
    it would be interesting to see how did you test the speeds of these vpn's as it's strange that nord is rated not that well here. i'm using nordvpn for a few years and it's easy to see that they improved a lot lately. anyway, if you'd compare their speeds now, i think it would go right from six to ten.
  • jscuras
    Sadly, I engaged PIA, the number one rated and paid a "great price" for a 3 year service only to findout that dur to a recent SMTP abuses they no longer can be used when using Microsoft servers. So, all of my outbound email is rejected from Microsoft Servers due to this policy. In itself, fine, but as I enrolled in this service and while setting up the servie at no time was this mentioned nor, prior to a May 15 issue, was this a problem.

    And, after days of issues and trying to get support, I never once had a tech personally engage to try and resolve the issue. They continued sending crutic emails which were often difficult to interpret and therefore extended the agony.

    Then I find this new policy issued on 5/30 explaing that the email service I use, microsoft, is not supported. You think this would be made abundantly clear up front but it is hidden in a policy and never mentioned by setup support which is likely part of an unwritten policy of greed.

    So, I now findout this wonderful service will not support my client and request a refund and they tell me after 7 days no refunds are possible.

    I find this a disgrace and ask Tom's Hardware to reconsider vendors for their fairness and transparency and not their services alone when including a company like this into their list of "Best Services". And, any help you can provide in exposing this new policy would be appreciated also!


  • quintdailynews
    Excellent.. :) Thanks for sharing a detailed guide.
  • sandyrivers
    In the past few years, I had terrible luck with VPNs... one provider didn't work with Netflix at all, and the other one very cluttered app interface which drove me crazy, so every time I used it, I felt frustrated. Now I'm testing Nordvpn. I'm not very trustful with big names, and its price seems too high for my pocket, but I thought I should give it a shot. In a few months of using Nord I didn't see any bugs or issues, so I feel that it's better to pay a few extra bucks but have a stable service like this, so in the long shot, it's totally worth the price I paid. Don't be afraid to invest, people.
  • jorge58
    I see that everyone have various opinions on what's best, I guess people have different needs from such services. For me, nordvpn looks the most reliable, I'm not saying other providers are bad, but it seems the most flexible and tries to cover every angle a user would want. Well, that's what impression I got from using it for almost a year.
  • jojo_jang
    Any thoughts about SaferVPN? How about its speed?
  • kathleenrooney87
    I signed up with PureVPN for one month to see how it would go. So far so good experience
  • jscc
    I m very satisfied with vpnexpress, but yes its expencive (