Using a VPN is the best way to increase your security and anonymity online. Consumer VPN apps are designed to be very easy to use, cost less than a pint of beer per month, and ensure that no-one can see what you do online, nor who you are.
While many VPNs shout about their amazing features, a surprising amount of the time they are not enabled by default, or are only present in the Windows app and not the Android or iOS apps. So it pays to understand what those features do and how to check and change settings.
Use the best VPN protocol
A VPN protocol is basically the method of encryption used to secure your connection. There are a few different ones, and some are a lot better than others. Typically, a VPN app will default to whatever that service prefers, but you might find you can change this by delving into the settings.
It’s worth using OpenVPN is almost every situation. It’s fast and uses 256-bit encryption which is the best security on offer currently.
You might find that there's no option to change the protocol on mobile VPN apps, nor even know which protocol is being used. You can check with your VPN provider if you're unsure. Typically, they use OpenVPN though.
Enable the kill switch
VPN connections can fail for a variety of reasons. Maybe the server goes down or there's a different issue. Whatever the problem, when a VPN connection stops, your device will automatically go back back to your regular, unprotected method of contacting the internet which could make you vulnerable, even if the VPN connection is automatically re-establised a few seconds later.
A kill switch, as the name suggests, will stop any data being sent over your internet connection. Many VPN clients will have their own kill switch built into their software, but not all. And sometimes, you'll find they are switched off by default.
If your VPN service doesn't offer a kill switch you might want to change and sign up for a service that does. Here are the best VPN services.
Domain Name Servers (DNS) are essentially the phone books of the internet. They are a directory of domain names (websites) that have Internet Protocol (IP) addresses associated with them. This is why you can type a website’s name instead of the the string of numbers that makes up its IP address. It's no different from tapping a name in your contact list instead of keying in that person's number.
When you’re connected to a VPN, it should automatically use a secure DNS server. However, this is not always the case as your computer may be defaulting to a standard public DNS server or the one provided by your ISP. This is known as a ‘DNS leak’ and it's bad: it can reveal to your ISP which sites you're looking at and clearly compromises your anonymity.
You can test if your VPN service has any DNS leak problems on DNSleaktest.com. First visit the site without your VPN connected. Look at the IP address at the top and the location.
Now connect to a server in a different country in your VPN app, then refresh the site in your browser. You should see a location in that country and a new IP address.
If you see no change, then your VPN is leaking your DNS details.
I am based in London, but as far as any website or online service is concerned, I am soaking up the atmosphere in lovely Prague – so my DNS is not leaking. If it showed me in London, then it would be leaking.
The same website has further instructions on how to fix a DNS leak, should you need it.
While we’re on the subject of leaking, it's important that your VPN doesn't leak your real IP address, which would reveal your true location and possibly even your identity.
Naturally, most VPN services automatically assign you a new IP address in the country you've connected to. Some, such as Hotspot Shield, have a 'Prevent IP leak' option in the settings, but most don't because there's no need: it's a fundamental feature of a VPN service. But it's worth checking that your VPN isn't leaking your true IP address.
To do that, connect to a VPN server in a different country to the one you're in and head to ipleak.net and make sure the IP address it reports shows the country you just chose.
IPv6 is a version of internet protocol that allows a larger amount of internet addresses than IPv4, which is was the previous standard. Internet providers are in the process of moving to IPv6, but it currently operates outside of the VPN, so it can give away your identity.
Some VPN clients will have the built in ability to disable IPv6, and you can check if your VPN is giving you away here at ipv6leak.com.
If your IPv6 is leaking, you can disable it manually to preserve your anonymity.
Making these changes will ensure that your VPN use experience is as safe as it can be, taking your security that extra step further to give yourself that complete peace of mind.