A VPN is a powerful tool for boosting your privacy and circumventing geographic blocks or content censorship. However, if you really want to unlock the power that a VPN can provide, the default settings aren’t enough. This is especially true if you are using a VPN for work or business, where data security is critical. Luckily, a quick trip to the settings menu will turn your VPN from a good security tool into a great one.
Here’s a closer look at the most important settings you need to change for maximum privacy:
1. Kill Switch and Private DNS
(Credit: NordVPN/PCMag)
It’s easy to assume that once a VPN is connected, your IP address and browsing activity are hidden. While that’s largely true, it isn’t always the case. If your VPN disconnects suddenly, or if your device is still using your ISP’s DNS servers, you could be leaking data without realizing it. Here’s how you can avoid it.
Featured Deal
Most modern VPNs include a built-in kill switch. This feature blocks all internet traffic when the connection is lost, offering essential data leak protection. However, not all VPNs ship with the feature switched on out of the box. Some bury it deep in their settings, so it’s worth checking manually. Enabling the kill switch in the settings should be your first step toward securing your VPN.
Additionally, it is a good idea to switch to a private DNS. While many VPNs offer built-in DNS servers for privacy or ad-blocking, these are often locked behind premium tiers. Instead, consider switching to a privacy-focused DNS like 1.1.1.1 by Cloudflare. A privacy-focused DNS doesn’t log your browsing activity and is designed to avoid redirecting or filtering content.
Finally, most VPNs only support IPv4 traffic. Disabling IPv6 on your operating system prevents traffic from leaking out. While IPv6 is a modern internet standard, many VPNs don’t route IPv6 traffic through an encrypted tunnel. Turning it off closes that gap and ensures all traffic flows through the VPN as intended.
The Best VPNs We’ve Tested
2. Protocol
(Credit: NordVPN/PCMag)
A VPN protocol controls how your internet traffic is encrypted and tunneled. While the best VPN services use modern protocols to secure your internet, it’s still a good idea to double-check your settings. The right protocol maximizes privacy and can also increase your connection speed.
If your VPN supports it, WireGuard should be your default choice. This modern protocol is built for speed and supports more efficient encryption, making it lighter on system resources. Some VPNs have even built their own protocols based on WireGuard for better security and lower latency. If WireGuard is not available, OpenVPN is an excellent alternative. Some VPN providers may let you choose between UDP and TCP connectivity. While UDP is generally faster, TCP offers a more stable experience on flaky networks like public Wi-Fi.
Get Our Best Stories!
Your Daily Dose of Our Top Tech News
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Avoid using PPTP and L2TP protocols, as both are outdated and prone to vulnerabilities.
3. Multi-Hop and Tor Over VPN
(Credit: NordVPN/PCMag)
A standard VPN uses a single encryption tunnel to route your traffic. While that’s an excellent starting point, you might want stronger anonymity, especially while traveling or working with sensitive information. In this case, a second layer of protection can help.
Many VPNs include dedicated servers for Multi-Hop or Double VPN connections. This routes your traffic through two VPN servers in different geographical locations for an added layer of security. Keep in mind that this setup can slow down your internet speeds and increase latency, making it less than ideal for streaming video or other bandwidth-intensive tasks. However, it can be a useful tool in your arsenal if enhanced privacy is your priority.
Recommended by Our Editors
Similarly, you may consider using Tor over VPN, which further enhances anonymity at the expense of speed.
4. Automation
(Credit: NordVPN/PCMag)
Mistakes happen, and it can be easy to forget to switch on your VPN. But if you’re trying to keep your activity private, even a brief lapse can expose your real IP address to your ISP. If you frequently find yourself in this position, setting your VPN app to automatically activate when you connect to an untrusted Wi-Fi network is a smart move. Most popular VPN apps include this option within the settings.
While you’re at it, consider enabling automatic updates. This ensures that your app is always up-to-date with the latest security patches and performance updates.
5. Device Security
(Credit: NordVPN/PCMag)
While your VPN can offer privacy by encrypting your internet traffic, it can’t always protect you from devices or apps leaking data outside the tunnel. For example, wireless peripherals like printers connected to your device can still leak data. Some of the most popular VPN apps let you block access to the local LAN for enhanced protection. This prevents peripherals, like printers, from connecting to your device while the VPN is on.
Additionally, you might want to consider hardening your entire home network by restricting all outbound traffic to go through your VPN tunnel. This usually means installing your VPN on your router. Don’t worry—it’s not as daunting as it sounds. If you still don’t want to, some VPN providers sell routers with their apps pre-installed, ready for you to use.
About Our Expert
Experience
I’m a seasoned journalist who has been writing about consumer tech for the last fifteen years, and dabbling in it for longer still. Outside of writing, you’ll find me nerding out over coffee, watching a horror movie, reading a sci-fi novel, or playing the latest heavy metal records.
Read Full Bio
