• February 23, 2018 - We’ve updated our review to include additional tips for secure web browsing. We’ve also made some light changes to our methodology to include up-to-date sources. Our top picks haven’t changed — we still think NordVPN is the best VPN service for most users.

The Best VPN Service

“VPN” stands for “Virtual Private Network,” and it’s exactly what it sounds like: an online network that keeps prying eyes away while you surf the web on your laptop or mobile device. A VPN essentially takes the data you send online — which includes personal information such as your IP address — and disguises it so that nobody spying from another computer can identify who’s sending it, or where it’s coming from. The best VPN allows you to continue using the internet at normal or close-to-normal speeds, but scrambles outbound data enough that hackers and government officials will have a much harder time tracking your every movement.

VPNs are essential for small businesses. Because businesses have more proprietary information to protect, they’re a bigger target for thieves. For small businesses in particular, VPNs represent a layer of security that doesn’t require exhaustive resources while allowing remote and travelling employees to keep sensitive information private when connecting to a hotel or public Wi-Fi.

Do you need one? After speaking with security experts, we’d frame it like this: If you wouldn’t ask a complete stranger to hold your wallet for you, then you shouldn’t be using public WiFi without a VPN service. And “public” doesn’t just mean your average coffee shop or an airport. Even if your WiFi connection is password-protected and comes from a trustworthy source, like a hotel or a university, a VPN service can seriously boost your online security. And neither is a VPN service just for laptops. As banking apps and digital wallets become increasingly popular, it’s important to consider VPNs for mobile devices, too. Our picks work well with both types of devices.

All of our top picks offer top-notch security, a no bull privacy policy, and refreshingly fast connection speeds, but NordVPN emerged as the best VPN service of them all. It performed well during every round of our hands-on testing, which assessed both the connection speeds and user interface of every top contender. It also has rock-solid, reliable security — and simple, elegant apps for both desktop and mobile — all for $69 per year.

If you're looking for additional options, ExpressVPN had the fastest connectivity of any VPN service we tested — a must for users whose primary concern is streaming videos — and also provides top-notch security, but at nearly $100 annually, costs a little more than NordVPN. If you’re looking for a low-cost VPN option that will still get the job done, Private Internet Access has no frills, but gives you the most bang for your buck (or your bitcoin, as the case may be) for just under $40 per year.

But no matter which service you choose, be warned: VPNs are not a one-stop security shop. “If someone really wants to get at what you have, there are tons of ways for them to do it,” explains Jennifer Golbeck, a computer scientist and world-renowned internet security expert at the University of Maryland, College Park. A VPN service improves your online privacy, but even the best cannot make you totally anonymous (as some services imply). A good VPN is “absolutely the first priority if you’re on public WiFi,” Golbeck told us. But she notes that it’s most effective when used in conjunction with other common-sense security measures, such as an online backup service and a solid password manager — we look at some of these additional options down below.

Our Picks for the Best VPN Services

Best
Overall
NordVPN
NordVPN
Reliable, elegant, and secure — all for a reasonable price ($69 per year).

We poked and prodded to find cracks in NordVPN, but we couldn’t find anything that failed to impress us about this simple, elegant, and highly secure VPN service. At $69 for a full year of service, it ranks among the less expensive options (Golden Frog’s VyprVPN, by contrast, can cost as much as $120 per year) but still offers more premium features than just about any other service out there. Users can choose from three encryption methods (PTP, L2TP/IPSec, and OpenVPN) to further customize their security on desktop and mobile, and a single subscription covers six simultaneous connections. That’s three more than other top contenders like IVPN and Proxy.sh, giving you a perfect excuse to go out and buy those three extra cell phones.

Screenshot of NordVPN VPN

These features are all nice on paper, but we truly fell in love with NordVPN once we tried it for ourselves. Connecting to a VPN every time you log onto the internet can seem like a real pain — and with some services it is. VPN S, for example, was never able to establish a stable connection in multiple tries, while OctaneVPN offered up a clunky, confusing desktop interface that reminded us of the ‘90s for all the worst reasons.

But NordVPN’s simple, dedicated mobile app for Android and iOS allows you to establish a secure connection with just a tap of your finger. A lot of VPNs feel like they’re made for coders or criminals — just check out the cheesy image on SlickVPN’s homepage — but NordVPN offers an inviting, unintimidating interface for all levels of user.

While NordVPN probably won’t give you the fastest speeds possible, it’s well above average: Our tests indicated a roughly 14 percent decrease in browsing speed, and since we’re talking milliseconds here, it’s a discrepancy we didn’t even notice. To sweeten the deal, NordVPN also offers dedicated streaming servers.

Another stand-out feature? NordVPN offers an additional level of security simply because it’s based in Panama and operates under Panamanian jurisdiction. Unlike other countries, Panama has no mandatory data-retention laws, so users can be absolutely sure that the company’s “no logs” promise doesn’t contradict local laws. This isn’t something that most people need to worry about, but it does reinforce the notion that NordVPN protects your information as well as — if not better than — any other service out there.

And finally, it’s surprisingly pretty to look at. Rather than simply displaying a list of servers and countries, NordVPN presents you with a beautiful interactive world map that works great on both desktop and mobile. If you do decide to switch over to the list format, it clearly displays the exact distance of each server from your current location, ensuring that you always know where your best connection will be.

Best
For Streamers
ExpressVPN
ExpressVPN
Offered consistently faster speeds than other finalists, but a little pricer, at $100 per year.

As with NordVPN, we are huge fans of ExpressVPN’s clean, simple desktop and mobile interface, which doesn’t bog you down with unnecessary information, but makes it clear that you’re protected. A large graphic of a padlock clicks into place as soon as you successfully connect to a server, and bold green and red color-coding leave no doubt as to your current state of security.

ExpressVPN offers 136 server locations spread out across 87 countries (versus NordVPN’s undisclosed number of servers across 49 countries). This wealth of options means you can find a connection almost anywhere in the world. ExpressVPN also allows unlimited server switches, which lets you test out as many as you’d like to find the fastest connection. And once you do, boy, is that connection fast. ExpressVPN finished at the very top of our speed test, slowing down browsing by less than 10 percent without compromising anything in the way of security (the network is SSL secured with 256-bit encryption).

Screenshot of ExpressVPN VPN

ExpressVPN’s clean, well-designed desktop app is almost as impressive as its speeds.

Combine high speeds with two of the cleanest desktop and mobile apps we tested, and ExpressVPN is a perfect service for people who prefer not to be reminded by slow connection speeds that they’re using a VPN service. It’s pretty stable at those speeds, too; none of the connections we established were dropped at any point of the test. The only real downside we could find was the price: At nearly $100 per year, ExpressVPN is considerably more expensive than NordVPN, without offering much more. It may be worth it if you use a VPN primarily for streaming and other activities that necessitate super-fast speeds, but otherwise it’s hard to justify paying that much more.

Best
On a Budget
Private Internet Access
Private Internet Access
Not as elegant as our other picks, but fast, simple, secure — and only $40 a year.

Private Internet Access offers a lot of things we like: Speed, a responsive support team, thousands of servers for you to hop between, and a low price. It runs just $40 a year, roughly half the cost of a subscription with NordVPN. In short, Private Internet Access is a VPN that does what it says it’s going to do, and does it on the cheap.

Screenshot of Private Internet Access VPN

Compared to the sleek designs of our top picks, we found the Private Internet Access interface notably clunky.

And as you can see from the screenshot above, Private Internet Access also offers compelling features such as a kill switch, DNS leak protection, and PIA MACE, which automatically blocks ads and malware when engaged. There’s even IPv6 leak protection, which ensures that you stay protected when connecting to an IPv6-enabled website (more on that later).

But as you can also see from the screenshot, that is one ugly and unintuitive app. And we found the website similarly confusing. We only recommend Private Internet Access to experienced users who just want a VPN that won’t skimp on the truly important stuff, like speed and security. If you’re new to using VPN services and need help getting set up, this provider will be harder to figure out than our other picks.

Other VPN Services to Consider

We wouldn’t normally suggest a free VPN service, since our research suggests that these providers are typically slower, and offer less-stringent security plus a generally underwhelming experience. But Cyberghost's free VPN hit all of our check boxes, and if cost is your sole determining factor, you won’t find a better free option. The service is easy to use and offers all of the key protections we look for in a top VPN, including shared IPs, a kill switch, and DNS leak protection. There are a few trade-offs: You can only connect on one device, and during our speed tests, service slowed down by about 40 percent, enough of a difference that browsing could become frustrating. If you can spare just a few dollars a month, we’d suggest our budget pick, Private Internet Access, as a more reliable option.

IVPN is also worth a shout-out. It ranked an impressive second place in our speed test, and unlike Cyberghost, boasts an interface that’s simple and streamlined enough for newbies to figure out quickly. The company also has a clear commitment to privacy, with a transparent privacy policy, as well as a collection of privacy guides designed to clear up any confusion. At $100 a year, IVPN is on the pricey side, however, and didn’t distinguish itself among our very top picks. There’s nothing wrong with it, but it offered nothing we couldn’t already get from NordVPN or ExpressVPN.

Additional Tips for Secure Browsing

Be cautious about the details you share on social media.

Robert Schifreen, the founder of SecuritySmart and an expert on internet security, warns that a VPN won’t help you if you aren’t smart about how you use the internet. Social media sites like Twitter and Facebook are one area where he sees a real vulnerability.

“If you want to get hacked as a result of using social media, it’s very easy. Just make sure you post loads of personal information. Make it public. And use the same password on your social media accounts as you use everywhere else.”

Robert SchifreenFounder, SecuritySmart

“A lot of that data — What elementary school did you go to? What was your pet’s name? — is really easy to get from social media profiles,” Golbeck explains. Instead, make sure your security questions revolve around topics that no one else is likely to know, whether long-buried childhood nicknames or hobbies you’ve never shared with anyone.

Invest in a secure password manager.

Between the danger of having your password stolen, the necessity of periodically changing your password to keep Facebook and Gmail happy, and the experts who warn against using the same password for all of your accounts, it can be a struggle to keep up with your own credentials. A good password manager can be a lifesaver, keeping track of all your login info for you — all you have to do is remember one master password.

  • Don’t rely on the password manager embedded in your browser. You’ve probably gotten the helpful browser prompts: “Do you want Chrome to remember your password?” Just say no. Wired reports that web browsers don’t have the same commitment to encryption that third-party managers do. Opera, for instance, experienced a data breach in 2016 that exposed the log-in credentials of 1.7 million users.
  • Do use an encrypted, third-party password manager. Unlike your web browser, these providers rely upon incredibly complex algorithms that are nearly impossible to crack. We like Dashlane, which offers both a free service tier and a $3.33 a month service tier, and you can also look into similarly priced options like 1Password ($2.99 a month).

Don’t forget about antivirus software, lock screens, and secure connections.

These suggestions might feel too simple to matter, but they all bear repeating:

  • Make sure your devices have a lock-screen enabled. Setting your phone down or walking away from your laptop for even a minute or two in a public place can pose a security risk. This may seem like an obvious precaution, but 64% of people don’t use a screen lock at all. For phones, we’d also suggest taking advantage of long passcode options: iPhone goes up to 6-digits, and Androids allows 16 digit passwords.
  • Invest in good antivirus software for your computer. Large companies like McAfee, Norton and Kaspersky are perennial favorites, and free antivirus providers like Avast and AVG are also popular (although you’ll have to put up with ads.) These services help flag potential issues if a hacker does slip through your defenses.
  • Always check to see if you’re using a secure http connection. When logging onto email or using a social media site like Facebook, look at the URL and make sure there’s a green lock followed by “https” at the front. This means you’re connected through a secure http connection, which ensures that a website is only sending you encrypted information. “If you’re on a site and it’s not secure, just put that ‘s’ after the ‘http’ in the address bar, and on a lot of sites it will switch you over to a secure encrypted connection,” says Golbeck. It should look like this:
    HTTPS screenshot for VPN
  • If you’re a Google Chrome user, Golbeck also recommends using the Do Not Track extension so that third-party advertisers can’t track your activity across the web.
  • Set up remote wipe, in case your phone is lost or stolen. If you can’t find your property, you can at least protect your information. This setting can be toggled through iCloud or Google Sync, and all data will be remotely erased once your phone is connected to the internet. (PCMag walks you through setup, if you’re not sure how.)
  • Don’t ignore your operating system updates. While they often pop up at the most inconvenient times, clicking “remind me later” can be a security risk. These OS updates often patch up security holes, so that hackers and bots don’t gain entry as they become more familiar with the system.

You can set up your router with a VPN.

Rather than connecting to your VPN manually each time you log into the internet, your devices can be automatically routed through a VPN-enabled wireless router. Since the router is the device that distributes WiFi, when a VPN is installed on it, anything connecting to the router is also encrypted. This also allows you to encrypt devices that aren’t typically VPN compatible, like smart TVs and gaming consoles. The only downside is that you’ll have to sacrifice some bandwidth and speed: Expect about a 10 percent reduction.

You can either go the DIY route, or buy a router that comes pre-configured with a VPN. If you opt for DIY, first be sure that your router is compatible with your VPN service (as a client, not server). This information is usually found on the VPN’s website, but in general, any router that supports DD-WRT will work. You’ll work through your router’s access portal, where there should be a menu option for VPN. By adding a VPN client profile, selecting your encryption level, and saving all your settings, you can get a VPN tunnel set up fairly painlessly. Once you’re done, check that the VPN is live by doing a leak test, on a site like ipleak.net. It should display a virtual location, where your VPN server has settled, instead of your actual location.

If you’re in the market for a router, you can also check out our review of the best wireless routers: We especially liked the Asus AC88U for VPN configuration.

If you’re worried about ID theft, look into an identity monitoring subscription.

The best VPN service, coupled with the precautions we’ve listed above, go a long way toward mitigating the risk of having personal data stolen, but if you still crave extra peace of mind, it may be worth looking into an identity monitoring service. We look at some of our favorites in a separate review. Though these services can’t prevent your information from being stolen (that’s where a VPN can help), they can ensure you’ll know about it as soon as it happens and will guide you through the steps to resolve the issue.

Our VPN Provider Review: Summed Up

VPN Provider
Best...
NordVPN
Overall
ExpressVPN
For Streaming
Private Internet Access
On a Budget