Quote:
What is VPN and how it works?
Normally, if you want to browse the Internet, first you need to connect to your Internet Service Provider (ISP), which then forwards you to the desired website or other Internet resource. It means, all your Internet traffic goes through and can be viewed by your ISP.
A Virtual Private Network (VPN) allows you to connect to the Internet via a remote server run by a VPN service provider. All the data traveling from your computer, tablet or phone is transferred via an encrypted connection, also known as a VPN tunnel. That means all the traffic coming from your device is encrypted, so that it is no longer visible to your Internet Service Provider (ISP).
How secure and reliable is NordVPN?
NordVPN uses AES (Advanced Encryption Standard) with 256 bit-keys. In fact, it was used by the U.S. government to secure classified information and by the NSA to protect national security data, before it became the most frequently used algorithm in symmetric key cryptography. Now it is an ideal option for software applications, hardware, and firmware that require either high throughput or low latency.
Furthermore, NordVPN recommends two different security protocols that provide strong VPN encryption between your device and the server you have connected to. Usually, when you connect to one of the NordVPN apps, it automatically selects the encryption settings most suitable for your speed and security circumstances.
Here you will find more detailed information about each security protocol and NordVPN recommendations for choosing between different VPN encryption types.
IKEv2/IPsec
The most exciting addition to the NordVPN security protocol family is IKEv2/IPsec. It encrypts and secures users’ traffic by employing high-level cryptographic algorithms and keys. In addition to this, NordVPN utilizes NGE (Next Generation Encryption) in IKEv2/IPsec.
In fact, at the moment the IKEv2/IPsec security protocol cannot be cracked even by the strongest computers. Therefore, it provides military-grade encryption standards, stability, and high-performance speed. For these reasons, it is highly recommended by NordVPN and has been adopted as a default in the NordVPN apps for iOS and macOS.
OpenVPN
OpenVPN is a mature and robust piece of open-source software, which provides reliability, online security, and fast VPN experience. It is a versatile protocol and can be used for both TCP and UDP ports. Choose the TCP port as a more reliable option for accessing the web and UDP for faster online gaming and live streaming experience.
OpenVPN supports a high number of strong encryption algorithms and ciphers – to guarantee the protection of your sensitive data, we use AES-256-CBC with a 2048-bit DH key. It is currently used by default for Windows, macOS, and Android.
On the final note, these security protocols have their advantages and disadvantages in certain situations. However, both of them are recommended by NordVPN and are safe options to use if you are concerned with your online privacy and security.
Complete privacy with double VPN
Use double encryption to create an extra layer of privacy.
When a high level of online security and privacy is required due to censorship and strict Internet regulations, use Double VPN to encrypt your Internet traffic not once but twice.
Double VPN, also known as a process of chaining VPN servers, is a technology solution that allows hiding your online activity behind several servers via a VPN tunnel. As a matter of fact, the working principle is rather simple: you connect to the first VPN server, which in turn redirects all the traffic to another server, from which the online traffic reaches the final destination.
This way, the connection goes through two separate servers in different locations: the external IP address is changed and the traffic is encrypted once, and then it gets re-encrypted in the second server in another location.
In general, double encryption may not be necessary if you only want a secure access to censored content, streaming websites or specific media platforms.
However, the advanced VPN encryption feature can be extremely useful and even necessary when a high level of online security and privacy is required. That is especially relevant to all the journalists, political activists and bloggers working and living in countries with authoritarian governments along with a high level of Internet censorship and surveillance.
Luckily, by using Double VPN, you can create an extra layer of privacy, which follows from these premises:
the online traffic is encrypted not once but twice;
the second VPN server will not be aware of your real IP address since it was changed by the first server;
the final destination on the web will remain unknown, even though your ISP will recognize that you are using a VPN service;
the connections are mixed between UDP and TCP, which also increases the security level when you are browsing the web;
an extra layer of additional security is created.
Despite the many advantages and benefits double encryption provides in the context of Internet security and privacy, there are only a few service providers that support the Double VPN technology. Meanwhile, NordVPN offers it for all our clients at no extra charge.
To make it possible, we apply advanced encryption by using remote servers to create a VPN chain and increase your online privacy and anonymity. Currently, you can choose from several Double VPN combinations, including Canada-US, Netherlands-Russia, Sweden-Netherlands, UK-France, UK-Netherlands, and Taiwan-Hong Kong. If you wish to see the full selection, check our server list.
However, it is important to mention that advanced security features such as Double VPN may slow down your Internet speed due to the multiple layers of encryption. In some cases, the link between the two VPN servers is highly optimized – this way the time lost due to decryption/encryption can be simply compensated.
Nonetheless, it is important to mention that advanced VPN encryption is advisable and even required when a high level of security and online privacy is necessary due to censorship and strict Internet regulations.