Product Use case Rating
Private Internet Access VPN Best of the Bunch 9
CyberGhost Flexible, Half Free 8
IPVanish A Jack-of-All-Trades 8
Avast SecureLine Best Built-In Feature Set 7
Opera VPN Free, But Constrained 7
Avira Phantom VPN Generous But Erratic 6
ExpressVPN Powerful But Pricey 6
NordVPN Easy, But Slow 6
PureVPN Looks Good, Acts Bad 6

Why You Need a VPN

Cybercriminals, spies, overeager retailers and even internet service providers can watch your internet traffic to find out what you do online — but only if you let them.

To stop them, consider using a virtual private network, or VPN, which creates a secure tunnel through the internet for your data. Everything you do will be unreadable by the rest of the internet until it reaches the VPN servers at the other end of the tunnel.

Credit: Adobe StockCredit: Adobe StockWith hundreds of VPN services and clients available, it can be difficult to decide which to use. We extensively tested several popular VPN services that met three requirements: They had desktop and mobile client software, they had servers in many countries, and they offered unlimited data use, at least in their paid versions.

Based on our performance tests and a comparison of features and pricing, Private Internet Access is the best overall VPN service. Of the services we tested, it's the best overall performer, has the most servers and is the cheapest full-fledged VPN service we reviewed, at $39.95 per year.

Both Private Internet Access and one of our two runners-up, IPVanish, are based in the United States, which may deter some customers who are trying to evade Uncle Sam. Our other runner-up, CyberGhost, is based in Romania, which has strong privacy laws.

News & Updates

AmpliFi announced Teleport, a piece of hardware that lets you create a secure tunnel back to your home network when you're traveling. You'll need an AmpliFi HD router on the home end. The connection from the home router out into the internet won't be protected, however, unless you have a regular VPN as well. (You could create a similar system with an old computer and free OpenVPN software.)  AmpliFi is taking pre-orders of $199 and up via Kickstarter.

PureVPN may have shared customer logs with the FBI in a Massachusetts cyberstalking case, according to an affidavit filed by an FBI special agent. We've reached out to PureVPN and will update this note when we receive a reply.

How We Test VPNs

One basic test for a VPN service is to see how long a VPN client takes to connect to a VPN server and get online. We installed each vendor's VPN client software on a Lenovo ThinkPad X1 Yoga notebook, an Apple MacBook Air, an iPad mini and an Android-based Samsung Galaxy S6 phone. We used all four devices with all VPN services.

  • Using Wi-Fi on the X1 Yoga, we timed how long it took to connect to websites, measured latency times (how long it took a server to respond), and recorded upload and download speeds with Ookla's Speedtest meter, both with and without the VPN activated. We also saw how long it took to download a 428MB file of a 4K video shot by NASA about the International Space Station, both with and without VPN activation.
  • We measured how quickly a VPN service connected after we clicked the activation button. These readings, and those of the data speed and latency — how long it took to get a response from a destination server — were repeated three times and averaged.
  • During each test run, we noted how many times (if any) we needed to re-establish the VPN link.
  • We also used each VPN for a variety of more mundane things, such as receiving and sending email; retrieving, updating and saving Google Docs files; and playing a few online games.

Features Compared

Avast SecureLineAvira Phantom VPN (Pro)CyberGhost (Premium Plus)Express
IPVanishNordVPNOpera VPNPrivate Internet AccessPureVPN
Client softwareWindows, Mac, Android, iOSWindows, Mac, Android, iOSWindows, Mac, Android, iOSWindows, Mac, Android, iOS, Linux, BlackBerry, Kindle Fire, Nook, routersWindows, Mac, Android, iOS, Amazon FireWindows, Mac, Android, iOSWindows, Mac, Linux, Android, iOSWindows, Mac, Android, iOS, Linux, Chrome extensionWindows, Mac, Android, iOS, Chrome, Firefox extensions
Max. devices at onceDepends on planUnlimited5356Unlimited55
Number of servers27408751458501,044500 max desktop; 586 mobile3,251750
Countries with servers192029946057525141
Ad blockerNoNoYesNoNoYesYesYesDesktop only
Payment optionsCredit card, PayPalCredit card, PayPalCredit card, PayPal, BitcoinCredit card, PayPal, BitcoinCredit card, PayPal, Bitcoin, moreCredit card, PayPal, Bitcoin, moren/aCredit card, PayPal, Bitcoin, gift cards, moreCredit card, PayPal, Bitcoin, gift cards, more
ID requiredReal name, street addressReal name, street addressValid email addressValid email addressValid email addressValid email addressNoneValid email addressReal name, email address
Country of registrationCzech RepublicGermanyRomaniaBritish Virgin IslandsUnited StatesPanamaCanadaUnited StatesHong Kong
Kill switchNoYesYesYesYes (Mac & Win)Yes (Win, Mac, iOS)NoYesYes
Supported protocolsOpenVPN, L2TP/IPsecOpenVPN, L2TP/IPsecOpenVPN, L2TP/IPsec, PPTPOpenVPN, L2TP/IPsec, SSTP, PPTPOpenVPN, L2TP/IPsec, IKEv2,
OpenVPN, L2TP/IPsec, SSTP, IKEv2,
OpenVPN, L2TP/IPsec, SSL proxyOpenVPN, L2TP/IPsec, PPTPOpenVPN, L2TP/IPsec, SSTP, IKEv2, PPTP

Our Top Picks

Private Internet Access was our top overall performer and the cheapest full-fledged VPN service we tried out, and it has more than 3,000 connection servers. The only downside is that you can't select your own username. Making Private Internet Access our VPN service of choice was almost a no-brainer, but anyone wary of the U.S. government may want to consider another service.

CyberGhost was one of the best and most reliable performers in our tests. Unlike most other full-fledged VPN services, it's transparent about its company structure, with online profiles of all staffers, including the office cleaning lady. Privacy fanatics will like its Romanian location, and there's a decent free option. But CyberGhost's full-service subscription is expensive.

IPVanish wasn't the top performer in our tests, but it was one of the most reliable, connecting smoothly and staying connected every time we used it. It has a decent array of connection points and reasonable pricing, but its U.S. base may be a negative for some potential customers.

Avast SecureLine VPN offers good overall performance and steady connections, and was the best of the limited-feature services we tested. But whereas most VPN services have a single license for all of a user's devices, Avast SecureLine VPN charges you for each Windows computer, plus extra for Mac software or an iOS or Android app. Fortunately, Avast recently introduced a package deal of $80 per year for up to 5 devices of any platform, making SecureLine VPN a little less expensive than it previously had been.

Opera VPN is really two different services. The free desktop version works only through the Opera web browser, and while it's very fast, it shouldn't be used for sensitive communications. But the mobile apps, also free to use, are full-fledged VPN services that perform decently and are perfect for occasional travelers who are seeking to avoid the risks of hotel and airport Wi-Fi networks.

Like Avast, Avira got into the VPN business to complement its antivirus offerings. Phantom VPN is easy to use and gives you up to 1GB of data per month for free, making it ideal for vacation travelers who just need to check email. Its unlimited paid plans are reasonably priced, but it had slow downloads and dropped connections in our tests.

ExpressVPN has the largest range of client software available, a dedicated proxy service for streaming media and its own DNS service. But it dropped many connections, its overall performance was in the middle of the pack, it allows only three devices to be connected simultaneously per account and it's one of the most expensive services we evaluated.

NordVPN is easy to set up and use, has more than 1,000 servers across the world, encrypts your data twice, has an easy-to-use Chrome extension to provide a quick proxy service, and is reasonably priced. But its performance was only so-so.

PureVPN has servers in more than 140 countries and can be very inexpensive if you pay for two years up front. It also lets you "split-tunnel" your service so that some data is encrypted and other data isn't. But PureVPN was at or near the back of the pack in almost all of our performance tests. In October 2017, the U.S. Department of Justice disclosed in a criminal complaint that PureVPN had given the FBI customer logs in reference to a cyberstalking case.

What VPNs Do and Don't Do

Using a VPN can make it look like you're someplace else. It's a well-worn practice to evade online censorship, as in China, or to tap into U.S. streaming services while in Europe or Asia. We've used VPNs to read the New York morning paper in Beijing and watch American TV in England.

But there are some caveats. A VPN will give you more privacy, but not more security. If you end up on a website harboring malware, the VPN can't prevent you from being infected. (A couple of the full-fledged VPN services have started blocking known malicious sites.)

Credit: Opera VPNCredit: Opera VPNAlso, although your data is encrypted as it travels between you and the far-off VPN server, it won't necessarily be encrypted once it leaves the VPN server to get to its final destination. If it isn't encrypted — and whether it is depends on the website you're connecting to — then the traffic might be intercepted and read. (One well-known VPN provider that we haven't yet reviewed was recently accused of inserting ads in users' web browsers, which would violate users' security and privacy.)

If you just want to evade geographical restrictions on streaming content, such as BBC iPlayer or Hulu, you don't need a VPN to do so. You just need a proxy service that will make it look like you're in the right country. There are many free proxy services available, but do your homework before choosing one — some of them are a bit dodgy.

Finally, Netflix is cracking down on both VPNs and proxy services. There's no guarantee that a particular service will evade Netflix's geographical restrictions on a particular day.

Know Your VPN Types

All of the VPN services we reviewed use the AES-256 encryption standard, which would take a well-equipped hacker with a powerful computer many years to crack. Anyone eavesdropping on your Wi-Fi traffic in a café would see gibberish without the encryption key.

Six of the VPN services we tested — CyberGhost, ExpressVPN, IPVanish, NordVPN, Private Internet Access and PureVPN — are what we call "full featured." If you plan on running all your home internet traffic through a VPN, or you travel frequently, these are the services you should consider.

These services offer many ways to connect; support operating systems and devices beyond just the "big four" operating systems (Windows, Mac, Android and iOS); have hundreds, or even thousands, of servers in dozens of countries; and generally let the user sign up and pay anonymously.

Credit: IPVanish VPNCredit: IPVanish VPNThe flip side is that a few of these full-featured services are pretty anonymous themselves, operating behind shell companies in offshore tax havens. If you're trying to avoid government scrutiny, that's great, but you might have a hard time getting your money (or bitcoin) back in the event of a dispute with the VPN provider.

Two other services — Avast SecureLine and Avira Phantom VPN — are run by antivirus companies as complements to their primary business. These VPN services offer fewer features; are limited to Windows, Mac, iOS and Android; don't work without client software; have a couple of dozen servers at most; and don't let you pay anonymously. But the companies are known quantities, and the services are handy for occasional travelers.

Finally, there's Opera VPN, which is completely free. The desktop version works only within the Opera web browser. But the mobile apps, which are made by a different company, encrypt all the internet traffic to and from an iOS or Android device. However, both the desktop and mobile versions of Opera VPN have servers in only five countries.

VPN Protocols

There are several different VPN protocols, not all of which are used by all of the VPN services we reviewed. Most operating systems have built-in support for at least one of these protocols, which means you can use it — and a VPN service that supports it — without client software. Most of the full-fledged VPN services have online instructions for how to do this, as well as how to set up routers to connect directly to the services.

OpenVPN: OpenVPN is very secure, open-source and widely used. Most VPN services support it, but except for Chrome OS, few operating systems do. It can be used in either TCP (web) or UDP (streaming) mode; the latter is sloppier but faster. You'll need either the VPN service's client software or one of the many free alternatives. (Either way, you'll still need to pay for the VPN service.)

Credit: ShutterstockCredit: ShutterstockL2TP/IPsec (Layer 2 Tunneling Protocol with Internet Protocol Security): L2TP is not secure itself, so it's generally paired with the IPsec secure-networking standard. If properly implemented, the combination of the two is very secure. It has native support in Windows, OS X/macOS, Android, Chrome OS and iOS. Most VPN services support it.

IKEv2 (Internet Key Exchange version 2, generally with IPsec): This is a newish standard that is very secure when properly implemented. It has native support in Windows, iOS and recent versions of OS X/macOS.

SSTP (Secure Socket Tunneling Protocol): SSTP is a Microsoft protocol with native support on Windows Vista and later versions. It's thought to be quite secure, but only Microsoft knows for sure.

PPTP (Point-to-Point Tunneling Protocol):This standard is largely obsolete, with many known security flaws, but it's fast. It has native support built into Windows, Android and older versions of Mac OS X and iOS; Apple dropped support with macOS Sierra and iOS 10. Use PPTP only for streaming content, as it won't protect your data.

Create a new thread in the Antivirus / Security / Privacy forum about this subject
Comment from the forums
    Your comment
  • SR-71 Blackbird
    IPVANISH or Nord , have used both , very good , better connections on IPVANISH.
  • rastakrautpasta
    Bravo Brian, this article is worth the time
  • ajack46
    A very good article i must say, have used Astrill and Purevpn works great.
  • Ronald Ruffner
    I didn't see Hidemyass VPN and was wondering how it stacks up against IPVanish.
  • SR-71 Blackbird
    IPVanish is much better , probably the best in my opinion.
  • Ronald Ruffner
    Thanks SR-71 for your response to my inquiry, but do you know where they have a comparison of HMA and IPVanish? I'm probably going to test out IPVanish as I've used HMA and didn't seem to have a problem with it, yet they cost about the same.
  • ajack46
    IP Vanish must be having some money back option as well, so you can always try it out.
  • Avast-Team
    Anonymous said:
    Thanks SR-71 for your response to my inquiry, but do you know where they have a comparison of HMA and IPVanish? I'm probably going to test out IPVanish as I've used HMA and didn't seem to have a problem with it, yet they cost about the same.

    Thanks for using HMA :) A search turns up several results on "HMA vs. X" and "HMA comparisons" if you're looking for opinions from around the web.

    Here's a recent review:

    If anyone has any questions on HMA I'll be happy to help. Lots of answers here too:
  • SR-71 Blackbird
    Huge Fan of IP Vanish.
  • Kayeye
    I've used IPVanish in the past. I had no problems with it and it was simple and fast to use. It's been a while since I've used a VPN and am currently in the market at the moment for a VPN service. I found a site which did a side-by-side comparison of many VPN services and there was one from Sweden or something like that. Their security measures used seemed a notch ahead of the others but I completely forgot their name. I'll probably get IPVanish again but I'm pretty open to reading about other recommendations as well
  • ajack46
    PureVPN is worth giving a try. Although they do not offer a free trial but have a 7 day money back offer.
  • SR-71 Blackbird
    I agree IPVanish is great and affordable.
  • ajack46
    Anonymous said:
    VPN service is really effective to ensure your online security. IPVanish is one of the best VPN services. It has some excellent features that protect you from online threats.

    Can you identify some of those features for that instance. Just asking
  • The Paladin
    I think SR 71 Likes IP Vanish :) just saying

    personally I prefer to use more expensive than IP Vashing, (unless you pay 60/6month but if you pay the yearly price its 8.30/month.. but monthly is 13.00
  • Morble
    Of your criteria, the most important should have been privacy. Does the VPN keep connection logs? Do they keep logs of where you are going or what services you ae using? The best VPN.s, in my opinion, are the ones that have a "No logging" privacy even if served with subpoenas for records, there are none to give. Should have been the most important point in an article on 'Virtual PRIVATE Networks'. No?
  • James_carton00
    I agree with the NORD VPN is the best VPN in my analysis because too much server and internet freedom and privacy to all in one personally use with no issue in speed and auto kill switch enables. In my recommendation NORD VPN :
  • SR-71 Blackbird
    Just went with NordVPN $79.00 \ 2 years , couldn't pass it up. Usually go with IPVanish but this price is unbeatable.
  • zeroplanet9
    Tor Guard is what I use
  • MastiffShack
    Have used NordVPN for three years now. All others on list appear to retain IP traffic logs of the user; especially in US where laws are more strict. Great support service w/NordVPN too.
  • CuddlyPop
    I'm for NordVPN. As many have tried it performed for me best.