<strong>Our recommended providers are outside the US, use encryption, accept Bitcoin, support OpenVPN, and have a no logging policy. <ahref="/providers/vpn/#criteria">Read our full list of criteria for more information</a>.</strong>
<p><strong><ahref="https://mullvad.net/">Mullvad.net</a></strong> is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since <strong>2009</strong>. Mullvad is based in <spanclass="flag-icon flag-icon-se"></span> Sweden and does not have a free trial.</p>
<p>Mullvad has <ahref="https://mullvad.net/en/servers/">servers in 35 countries</a> at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.</p>
<p>We also think it's better for the security of the VPN provider's private keys if they use <ahref="https://en.wikipedia.org/wiki/Dedicated_hosting_service">dedicated servers</a>, instead of cheaper shared solutions (with other customers) such as <ahref="https://en.wikipedia.org/wiki/Virtual_private_server">virtual private servers</a>.</p>
<p>Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report <ahref="https://cure53.de/pentest-report_mullvad_v2.pdf">published at cure53.de</a>. The security researchers concluded:</p>
<pclass="mb-0">Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p>
<p>In 2020 a second audit <ahref="https://mullvad.net/blog/2020/6/25/results-available-audit-mullvad-app/">was announced</a> and the <ahref="https://cure53.de/pentest-report_mullvad_2020_v2.pdf">final audit report</a> was made available on Cure53's website:</p>
<blockquoteclass="blockquote">
<pclass="mb-0">The results of this May-June 2020 project targeting the Mullvad complex are quite positive. [...] The overall application ecosystem used by Mullvad leaves a sound and structured impression. The overall structure of the application makes it easy to roll out patches and fixes in a structured manner. More than anything, the findings spotted by Cure53 showcase the importance of constantly auditing and re-assessing the current leak vectors, in order to always ensure privacy of the end-users. With that being said, Mullvad does a great job protecting the end-user from common PII leaks and privacy related risks.</p>
</blockquote>
<p>In 2021 an infrastructure audit <ahref="https://mullvad.net/en/blog/2021/1/20/no-pii-or-privacy-leaks-found-cure53s-infrastructure-audit/">was announced</a> and the <ahref="https://cure53.de/pentest-report_mullvad_2021_v1.pdf">final audit report</a> was made available on Cure53's website.</p>
<p>Mullvad provides the source code for their desktop and mobile clients in their <ahref="https://github.com/mullvad/mullvadvpn-app">GitHub organization</a>.</p>
<p>Mullvad in addition to accepting credit/debit cards and PayPal, accepts <strong>Bitcoin</strong>, <strong>Bitcoin Cash</strong>, and <strong>cash/local currency</strong> as anonymous forms of payment. They also accept Swish and bank wire transfers.</p>
<p>In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.</p>
<p>Mullvad supports the future of networking <ahref="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. Their network allows users to <ahref="https://mullvad.net/en/blog/2014/9/15/ipv6-support/">access services hosted on IPv6</a> as opposed to other providers who block IPv6 connections.</p>
<p>Remote <ahref="https://en.wikipedia.org/wiki/Port_forwarding">port forwarding</a> is allowed for users who make one-time payments, and not allowed for accounts with a recurring/subscription-based payment method. This is to prevent Mullvad from being able to identify port users based on stored subscription information. See <ahref="https://mullvad.net/help/port-forwarding-and-mullvad/">Port forwarding with Mullvad VPN</a> for more information.</p>
<p>Mullvad has published <ahref ="https://apps.apple.com/app/mullvad-vpn/id1488466513">App Store</a> and <ahref="https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn">Google Play</a> clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in <ahref="https://f-droid.org/packages/net.mullvad.mullvadvpn">F-Droid</a>, which ensures that it is compiled with <ahref="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducible builds</a>.</p>
<p>Mullvad is very transparent about which nodes they <ahref="https://mullvad.net/en/servers/">own or rent</a>. They use <ahref="https://shadowsocks.org/en/index.html">ShadowSocks</a> in their ShadowSocks + OpenVPN configuration, making them more resistant against firewalls with <ahref="https://en.wikipedia.org/wiki/Deep_packet_inspection">Deep Packet Inspection</a> trying to block VPNs. Supposedly, <ahref="https://github.com/net4people/bbs/issues/22">China has to use a different method to block ShadowSocks servers</a>. Mullvad's website is also accessible via Tor at <ahref="http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion">o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion</a>.</p>
<p><strong><ahref="https://protonvpn.com/">ProtonVPN.com</a></strong> is a strong contender in the VPN space, and they have been in operation since <strong>2016</strong>. ProtonVPN is based in <spanclass="flag-icon flag-icon-ch"></span> Switzerland and offers a limited free pricing tier, as well as premium options. They offer a further 14% discount for buying a 2 year subscription.</p>
<p>ProtonVPN has <ahref="https://protonvpn.com/vpn-servers">servers in 44 countries</a> at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.</p>
<p>We also think it's better for the security of the VPN provider's private keys if they use <ahref="https://en.wikipedia.org/wiki/Dedicated_hosting_service">dedicated servers</a>, instead of cheaper shared solutions (with other customers) such as <ahref="https://en.wikipedia.org/wiki/Virtual_private_server">virtual private servers</a>.</p>
<p>As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at <ahref="https://protonvpn.com/blog/open-source/">protonvpn.com</a>.
<p>ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.</p>
<p>In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for <ahref="https://apps.apple.com/us/app/protonvpn-fast-secure-vpn/id1437005085">App Store</a> and <ahref="https://play.google.com/store/apps/details?id=ch.protonvpn.android&hl=en_US">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <ahref="https://f-droid.org/en/packages/ch.protonvpn.android">F-Droid</a>, which ensures that it is compiled with <ahref="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducible builds</a>.</p>
<p>ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.</p>
<p>ProtonVPN have their own servers and datacenters in Switzerland, Iceland and Sweden. They offer adblocking and known malware domains blocking with their DNS service. Additionally, ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using <ahref="https://www.torproject.org/">the official Tor Browser</a> for this purpose.</p>
<p><strong><ahref="https://www.ivpn.net">IVPN.net</a></strong> is another premium VPN provider, and they have been in operation since <strong>2009</strong>. IVPN is based in <spanclass="flag-icon flag-icon-gi"></span> Gibraltar.</p>
<p>IVPN has <ahref="https://www.ivpn.net/server-locations">servers in 32 countries</a> at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.</p>
<p>We also think it's better for the security of the VPN provider's private keys if they use <ahref="https://en.wikipedia.org/wiki/Dedicated_hosting_service">dedicated servers</a>, instead of cheaper shared solutions (with other customers) such as <ahref="https://en.wikipedia.org/wiki/Virtual_private_server">virtual private servers</a>.</p>
<p>IVPN has undergone a <ahref="https://cure53.de/audit-report_ivpn.pdf">no-logging audit from Cure53</a> which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a <ahref="https://cure53.de/summary-report_ivpn_2019.pdf">comprehensive pentest report Cure53</a> in January 2020. IVPN has also said they plan to have <ahref="https://www.ivpn.net/blog/independent-security-audit-concluded">annual reports</a> in the future.</p>
<p>As of Feburary 2020 <ahref="https://www.ivpn.net/blog/ivpn-applications-are-now-open-source">IVPN applications are now open source</a>. Source code can be obtained from their <ahref="https://github.com/ivpn">GitHub organization</a>.</p>
<p>In addition to accepting credit/debit cards and PayPal, IVPN accepts <strong>Bitcoin</strong>, <strong>Monero</strong> and <strong>cash/local currency</strong> (on annual plans) as anonymous forms of payment.</p>
<p>In addition to standard OpenVPN connections, IVPN supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.</p>
<p>Remote <ahref="https://en.wikipedia.org/wiki/Port_forwarding">port forwarding</a> is possible with a Pro plan. Port forwarding <ahref="https://www.ivpn.net/knowledgebase/81/How-do-I-activate-port-forwarding.html">can be activated</a> via the client area. Port forwarding is only available on IVPN when <ahref="https://www.ivpn.net/knowledgebase/116/Port-forwarding-is-not-working-why.html">using OpenVPN and is disabled on US servers</a>.</p>
<p>In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for <ahref="https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683">App Store</a> and <ahref="https://play.google.com/store/apps/details?id=net.ivpn.client">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <ahref="https://f-droid.org/en/packages/net.ivpn.client">F-Droid</a>, which ensures that it is compiled with <ahref="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducible builds</a>.</p>
<p>IVPN clients support two factor authentication (Mullvad and ProtonVPN clients do not). IVPN also provides "<ahref="https://www.ivpn.net/antitracker">AntiTracker</a>" functionality, which blocks advertising networks and trackers from the network level.</p>
<strong>Note: Using a VPN provider will not make you anonymous, but it will give you better privacy in certain situations. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.</strong>