There are a Number of Ways to Make a VPN Even More Secure
We’ve already discussed the many advantages of using a VPN (Virtual Private Network). However, enjoying ultimate online privacy and anonymity is not always as simple as signing up and installing a VPN service. In this article we explain a number of ways to make your VPN more secure and thereby maximize your online anonymity.
Choose a VPN Wisely
When choosing a VPN, a critical factor is to make sure it does not keep logs of your activities.
Most VPNs on the market today will prevent your ISP and third parties from monitoring your traffic in real time, but if your VPN maintains logs of your activities, your ISP or third parties could get their hands on these logs by, for example, filing complaints to the VPN provider.
In contrast, the best VPN providers keep no logs of your activities. This way, they have no information to disclose to would-be snoops that could link your online activities back to you personally.
Pay with Bitcoin or other “Anonymous” Payment Methods
You can also make your VPN more secure by choosing one that lets you sign up by paying “anonymously”. This lets you pay for a VPN service without having to provide any personally identifiable information.
If you pay for a VPN with PayPal or a credit card, the provider will have these details on file and they could be potentially obtained by snoops. However, leading VPN providers accept payment by Bitcoin and prepaid credit cards.
Top Tip – to use pre-paid credit cards for “anonymous” payments, you have to buy them in person with cash
These payment methods don’t require you to reveal any personally-identifiable information about yourself. By paying “anonymously” in this way you ensure that the VPN has zero knowledge about you.
When using an anonymous payment method, use Tor (or another VPN) during the sign-up process. This way, your true IP address will never be used when interacting with your VPN provider. Truly, zero knowledge.
- read more about ‘Anonymous Payment Methods‘
Take Protective Measures Against Possible VPN Drops
Even the most reliable VPNs never achieve 100.0% up time and will fail at some point. If this happens, your IP address will be exposed and potentially your cover will be blown.
There are a number of measures you can take to protect yourself from those unpredictable situations, including kill switches and DNS leak protection.
Get a VPN with a Kill Switch
Firstly, you can choose a VPN with a so-called “Internet kill switch” feature. Enabling it will make sure that you are disconnected from the Internet if your VPN ever fails, even if only for a brief moment.
- see our detailed discussion about kill switches and connection drops
Kill Switch Software
There are separate software tools available that try to accomplish the same thing to make your VPN more secure. They monitor your VPN connection and will shut down the programs of your choosing if your VPN connection breaks. Despite the availability of these tools, we recommend you opt for a VPN with a kill switch feature built-in rather than rely on third party software.
Prevent DNS Leaks
DNS stands for Domain Name System. DNS is used to translate IP addresses such as 192.0.2.24 into more memorable domain names such as www.cogipas.com that people can actually remember, and vice versa (translating domain names into the IP addresses that computers use). Whenever you type a website’s domain name into your browser, it looks up that domain name’s IP address in a DNS server to connect to it.
When navigating the Internet under the cover of your VPN, your computer or device should resolve domain names through your VPN’s DNS servers, so that even your DNS lookups are private and protected within the VPN’s tunnel. However, some VPNs cut corners and do not do this.
In addition, sometimes your operating system may malfunction or be tricked into bypassing your VPN provider’s DNS servers and routes the request directly to your ISP’s DNS servers. This leaks your true IP address and potentially exposes you to snoops.
To make sure this doesn’t happen, carefully choose your VPN provider and ensure it doesn’t suffer from DNS leaks. To check, you can use these tools.
- our top recommended VPN (only $3.08/month) PrivateInternetAccess has built-in features to prevent DNS leaks
If you already have a VPN and it fails the DNS Leak test, switch from it as soon as you can.
Use Two VPNs at the Same Time
You can use two VPNs at the same time for doubled up protection. It’s actually much easier than it sounds.
You connect to one VPN and then to a second VPN without disconnecting the first. The first VPN will mask your IP address and encrypt your data, and then route your traffic to the second VPN which performs the same operations. This will slow you down, but literally doubles your protection.
- NordVPN (visit site | read our review) has a cool, built-in ‘double VPN’ feature which lets you accomplish this same technique at a single click
If you use VPNs that are based in different countries, or better yet in different continents, this really provides the maximum protection possible, but will impact connection speed.
Use Split Tunneling
Some VPN providers offer a Split Tunneling option. This novel feature allows you to choose what traffic to route through your VPN and what traffic to leave untouched and routed through your ISP.
- see our in-depth discussion about ‘Split Tunneling’
At first glance, splitting your connection in this way may seem like a bad idea. But the fact is it can improve your online anonymity.
If you log in to password protected accounts while using your VPN, you are essentially “admitting” that you were that (masked) IP address at that time. For example, If you use your VPN while torrent file-sharing, mass downloading files from the web, using Usenet newsgroups or streaming geo-blocked videos or other censored content, while at the same time accessing your social media or email accounts, traffic analysis techniques can make the link between these two separate activities that were “signed” by the same IP address.
A concrete example will help illustrate this. If IP address 192.0.2.24 was sharing a torrent and at the same time was also logged into the Gmail account of Bill Gates, it doesn’t take the NSA to conclude that it was Bill Gates that was sharing the torrent.
By splitting your connection, you can route through your ISP the online activities that can directly identify you personally (such as password protected accounts) while using your VPN to route the traffic you want to keep private and hidden. This gives you a separate IP address for each set of activities at the same time. In this way your VPN-enhanced anonymity will not be compromised through traffic analysis.
Route Related Activities through your VPN too
This measure follows similar logic to the Split Tunneling technique above. For example, if you use a VPN to conceal your IP address while downloading a video via torrent file-sharing, you should also make sure to use your VPN when downloading subtitles for the same video.
If you download the subtitles file unprotected without a VPN enabled, traffic analysis could link your downloading of the subtitles while unprotected to the video file you downloaded while protected by the VPN.
Related protected and unprotected activities are more easily correlated for rare content, but can also be effective for popular content in large enough quantities. If the data set is large enough, traffic analysis can be used to detect patterns in downloads even for very popular content.
Therefore, don’t think you are necessarily safe “in the crowd”. Use your VPN, not only for your sensitive online activities, but for everything related to them too.