1. Numerous locations and unlimited server switches
The most popular use for VPNs these days is to unblock websites and access geo-restricted content. Whether you want to watch Hulu overseas or access Facebook in China, a VPN lets you enjoy your favorite websites wherever you go.
That said, it’s important to choose a VPN provider that has a wide range of server locations around the world. For example, if your media diet includes a healthy dose of Netflix, BBC iPlayer, and Rai TV, you’ll want a VPN provider that has servers in the U.S., UK, and Italy.
What’s more, you should expect your VPN provider to offer unlimited server switches. Some companies have servers all over the world, but limit the number of server switches allowed per day or month. The result? You could still be seeing those pesky “content is not available in your location” screens when you run out of server switches.
Morale of the story: Find a VPN service that not only covers the globe, but also gives you the flexibility to hop around it.
2. Long encryption keys and open standards
Unlimited server switches across dozens of countries may be great, but it means nothing if your VPN provider can’t keep you safe and anonymous online. A great measure of a VPN’s security capability is its encryption strength. Nowadays, the industry standard is 256-bit encryption, so named because it uses 256-bit keys.
With a key that is 2256 digits long, even if someone could use all the supercomputers in the world for a billion years to guess the key through brute-force hacking, they still wouldn’t crack the actual combination. Certificates, used to establish the authenticity of the connection, should be as long as 2048 or 4096 bit.Furthermore, check that the provider offers leading VPN protocols like OpenVPN and IKEv2. OpenVPN is the current gold standard and offers the best combination of performance and security.
Don’t get tricked by VPN providers who simply claim to offer “military-grade encryption.” If they don’t provide 256-bit encryption or don’t use OpenVPN, move on.
3. No logs
The point of using 256-bit encryption is to prevent governments, internet service providers, and hackers from accessing your internet traffic. But while that may protect your personal information from external parties, it doesn’t prevent your VPN provider from gathering your data for themselves.
The solution? Look for a VPN provider that does not keep logs on you. In particular, make sure they won’t log your:
- Browsing history
- Traffic data
- DNS queries
While virtually all VPN companies collect some user data (e.g. connection date and server location used) for maintenance purposes, you should make sure the information they collect cannot be used to identify you.
Also, check that the VPN provider runs their own DNS service—you don’t want your online requests to end up on someone else’s records. And if the VPN provider accepts Bitcoin payments, it’s another sign that they respect your anonymity.
4. VPN kill switch and split tunneling
Even if a VPN checks all of the boxes above, it could still suffer from an occasional dropped connection.
In the event that happens, make sure your VPN provider has a kill switch that cuts off internet traffic when the VPN connection fails. A VPN kill switch ensures no internet traffic can leave your device without encryption and is a necessary feature of any decent VPN.
For those looking for the whole package, check that your VPN has split tunneling.
Split tunneling lets you “split” your device traffic, sending some of it through the VPN and letting the rest access your local network. By using a VPN with split tunneling, you can secure all your internet traffic while retaining access to local network devices like your network printer.