VPN explained

VPN services, by default, offer excellent security and anonymity, but that does not mean they are indecipherable. Check out these five tips to make your VPN connection more secure.

Using a VPN is the best way to have your anonymity on the internet. VPN applications are designed to be easy to use, usually cost an affordable monthly amount and ensure that no one can see what you do online, or know who you are. But how could you be increasing the security of your VPN?

How to make your VPN more secure? While many VPNs claim their incredible security features, a surprising amount of time they are not enabled by default, or are only available for your Windows, without applications for Android and iOS. So, it is worth paying attention to some details in order to be more secure.

Change the VPN protocol

There is not just one type of VPN – in fact, there is a wide variety of VPN protocols, and many providers do offer this option. This choice is sometimes available in the connection application; it is sometimes simply a configuration option for third-party VPN tools. Most commonly, your options are PPTP (point-to-point encapsulation protocol), L2TP / IPSec (layer 2 encapsulation protocol) and OpenVPN.

In particular, if you are configuring VPN on a mobile device or a router, PPTP and L2TP are generally the best options, as they are much easier to configure. In many cases, you just need a server name, username and password.

PPTP uses an encryption of 128 bits, which is low, and the initial connection and authentication process can be intercepted and decrypted data beyond compromised. On the other hand, it is the fastest of the protocols, because it has the least encryption overhead.

L2TP is more secure, but it also adds a lot of overhead and is the slowest of protocols.

Lock switch

If the VPN connection fails – if the VPN server goes down or the connection is lost – your computer will immediately return to your normal internet address, making you vulnerable; this is known as an IP leak.

That’s where the kill switch comes in. It ensures that if your VPN is disconnected, the Internet connection will be terminated, or the apps that use it. If you are not connecting via the VPN, you will not be able to connect.

Some VPN connection applications actually have an integrated lock switch. But an alternative to the absence of this feature is a VPN lock switch, which can be added to any VPN. These applications, such as VPN Watcher and VPNetMon , are configured on Windows to instantly close selected applications, if the VPN does not work, and restart them.

Activate a network lock

Just like a lock switch, enabling network lock is another quick and easy way to help ensure your connection is secure in the event that your Wi-Fi is interrupted.

In the event of VPN interference, the network block will automatically prevent the device from accessing the Internet. This means that your information can remain protected as long as your VPN reconfigures itself.

Keeping your network – whether mobile or desktop – locked, means you won’t have to worry about exposing your IP. It is a useful feature to have, but not every VPN provider offers this.

Watch out for DNS leaks

DNS, which stands for Domain Net Server, is the service that your computer uses to translate URLs to an IP address, as we explained in this article. When you are connected to a VPN, you will automatically use the secure DNS provided by the VPN service. But sometimes it happens that your computer uses its regular DNS connection, bypassing the VPN. This is called a DNS leak, and compromises your security.

Some VPN servers have built-in DNS leak protection, but if yours doesn’t, you can run a test here . The location he reports must be your apparent VPN location, not your current location.

Blocking IPv6 leaks

For most Internet activities, we use the good old version 4 of the internet protocol (four-number IP addresses). The problem is that there is also a version 6 of the protocol, which is designed to provide many more Internet addresses than IPv4. Internet service providers are still making the transition from IPv4 to IPv6, although your computer supports both.

IPv6 operates outside the VPN, and an attacker can use you to discover who you are. It is not something that is done frequently, but it is possible, and the only real fix is ​​to disable IPv6.

Watch out for WebRTC leaks

It is also important to ensure that your network does not unintentionally expose your address. WebRTC (Real-time Communication on the Web) is a common protocol that allows two devices to communicate quickly with each other, transmitting each other’s IP address.

Unfortunately, doing so sometimes also shares a user’s location without knowing it. Since WebRTC leaks are related to your browser and not to specific applications, the flaw can actually detect and transmit your real IP address, even when you are using a VPN.

An easy way to test for WebRTC leaks is to check your IP address before and after connecting to a VPN. You can use an IP test site like this to verify your address before connecting to a VPN server and afterwards. Your address should change, depending on which VPN connection you are using. If not, then it could be a sign that your browser is leaking your location.

Many VPNs have started offering their own protection against WebRTC leaks, but you can also use free ad blockers to manually block all local WebRTC leaks.

Maintaining VPN security requires constant vigilance and some caution, but if you follow these 5 tips, you are much less likely to have VPN-related security issues.