20+ free VPNs rated side by side, 2017 list

Published by on July 12, 2017 in VPN & Privacy

Free VPN services are a dime a dozen these days. While we strongly recommend our readers purchase a subscription to a paid VPN service, we realize that many people, for any number of reasons, will opt for a free alternative. With that in mind, we’ve curated a detailed list of more than 20 free VPN services and the vital details you should know before installing them on your device.

See also: The best VPNs with free trials.

free vpn ratings 2

To be clear, we do not endorse every VPN on this list. We chose to look at these VPNs due to their popularity, not their quality. They appear at the top of Google results and app store rankings when searching for free VPNs. With over 800 VPNs available across all major platforms, this is obviously not a comprehensive list, but it should help guide your decision among the top contenders.

All of the VPNs in this list adhere to the following criteria:

  • They are either completely free or have a no-expiry free tier
  • They are virtual private networks, not just HTTPS or SOCKS proxies
  • They provide a VPN service and not just an app to connect to a third-party server

All of the information we’ve gathered is based on personal experience and published information on the respective VPNs’ websites and apps. Please remember that even if a free VPN service says it does not log activity or sell your data to third parties, we have no way to actually verify these claims. As the saying goes: if you’re not paying for the product, you probably are the product. We always recommend a reputable paid VPN provider over any free service for this reason.

The VPNs are listed in no particular order.

Tunnelbear

As far as free VPNs go, Tunnelbear is one of the more privacy-conscious. It keeps no logs and uses strong encryption, including perfect forward secrecy. The biggest limitation is on data, which is capped at 500MB per month. That’s right, per month, making Tunnelbear’s free tier only usable for occasional web browsing while on public wifi connections. You could easily burn through 500MB in a prolonged Facebook or Instagram binge while on the commuter train. You get 19 server locations, only one less than the premium tier that includes Australia. There are no trackers or ad injection. Apps are available for Windows, Mac, iOS, and Android. Torrenting is not allowed.

CyberGhost

CyberGhost is a privacy-focused VPN service with a free tier that promises all the functionality of a paid VPN service, but you’ll have to wait in line. To prevent server congestion and maintain a high standard of performance, free users must join a waiting queue before connecting to one of 15 server locations. Sometimes the queue will last for a few seconds, and other times a few minutes, depending on the time of day and how many other concurrent users there are. Once you’re connected, the only other limitation is on torrenting: it’s not allowed. CyberGhost uses strong encryption and keeps no logs. There’s no bandwidth or data limit. Apps are available for Windows, Mac, iOS, and Android.

We should mention, however, that a recent study (PDF) did give CyberGhost’s Android app a positive AV rank, meaning at least one antivirus program detected some malicious activity, but it did not meet the threshold for being considered truly malicious.

Hotspot Shield

Hotspot Shield is a freemium provider that has improved its privacy practices in recent years, but still isn’t perfect. The company records users’ source IP addresses, which could be linked to their device and identity, although no activity logs are explicitly recorded. OpenVPN connections are protected with 256-bit encryption. You can download up to 750MB per day, and there’s no bandwidth limit. Server selection is pretty much nonexistent in the free tier. You can only connect to the United States. The company’s privacy policy states it does allow advertisers to track users, but isn’t totally clear in what capacity. Torrenting is allowed, which is rare for a free VPN, just bear in mind the 750MB per day data cap.

Update: A privacy advocacy group has filed an official complaint with the US Federal Trade Commission (FTC) alleging that Hotspot Shield has been covertly injecting tracking cookies into users’ web browser to monitor their online activity. They also allege that the app hijacks HTTP requests to certain ecommerce websites, including Macy’s and Nike, and redirect users to affiliate websites from which they make money.

Betternet

One of the most popular options out there when it comes to free VPNs, Betternet can seem too good to be true. You get 256-bit or 128-bit encryption on the OpenVPN or IPSec protocol, respectively. The service keeps no logs. There’s no bandwidth or data caps. Some trackers are used, but the app won’t inject any ads into your browser. Only two server locations are available on the free tier. Apps are available for Mac, Windows, iOS, and Android. Torrenting is allowed.

It all sounds fairly reasonable and even enticing. But users should be aware that a recent study (PDF) gave Betternet’s Android app an AV rank of 13, meaning 13 antivirus programs detected malicious activity in the app. That makes it the fourth-most malicious app out of 283 tested. Not a good sign. Betternet’s website is also quite opaque about who operates it and what their background is.

VPN Gate

VPN Gate is a long-term “experiment” run by the University of Tsukuba in Japan. The network of servers is run entirely by volunteers around the world, the bulk of which are in Asia. Anyone can add their computer or server to the network and become a volunteer “node” for end users to connect to. It’s essentially a peer-to-peer network that piggybacks off of the SoftEther VPN client. While SoftEther runs on almost every major OS, the extension that simplifies the connection process to VPN Gate is limited to Windows. Other platform users will have to set connections up and update the list of available nodes manually. Those who host nodes cannot decrypt the traffic travelling through their computers, so users shouldn’t need to worry too much about malicious nodes intercepting their traffic. But the University of Tsukuba says it does monitor packet contents, i.e. web traffic, along with users’ source IP address and other details. VPN Gate can be forgiven for its bad logging policy since it’s for academic purposes, but users should still steer clear if they’re concerned about privacy. The main purpose of VPN Gate is to unblock censored content. Note that torrenting is not allowed, and there’s no support staff to help if you have trouble connecting. Getting connected can be a process of trial and error.

Spotflux

Spotflux uses OpenVPN on Windows, Mac, and Android, and IKEv2 on iOS. The OpenVPN connections are 128-bit SSL encrypted, but only when using a web browser. Spotflux has a lot of problems when it comes to transparency, and this is one of them. None of your traffic from other applications–torrent clients, Spotify, video games, etc–will be tunneled through the VPN on the free tier. This crucial detail isn’t mentioned anywhere on Spotflux’s website. The other big problem with Spotflux’s free version is that it not only uses tracking cookies for advertising purposes, it also injects advertisements into your browser. This might come as a surprise since Spotflux boasts about its ad blocking capabilities, but the privacy policy is clear:

“These third-party ad servers or ad networks use technology to send, directly to your browser, the advertisements and links that appear on the Spotflux [sic] These third parties may automatically receive your IP Address for the purposes of serving geographically contextual ads.”

Torrenting is not allowed. Apps are available for Windows, MacOS, iOS, and Android. Note that some reviews in the Google Play Store flagged Spotflux as being invasive or malicious.

Hola

Despite Hola‘s terrible record, it has somehow maintained its popularity. Hola relies on peer-to-peer infrastructure rather than centralized servers. This means your internet traffic travels through other users’ computers and, likewise, other users’ traffic travels through your computer whenever you have idle bandwidth and resources available. In one of the most famous cases of abuse in VPN history, this P2P network was once weaponized to turn all participating users’ computers into a massive botnet and carry out a distributed denial-of-service (DDoS) attack on a website. Because anonymous traffic is traveling through your computer as an Hola user, you could be held responsible for what that traffic contains, be it spam or child porn. Hola also sells your idle bandwidth through a sister company, Luminati.

Suffice to say, Hola should be avoided at all costs. We won’t even go into the specific technical aspects here. Just don’t use it.

Surfeasy

Surfeasy was acquired by Opera in 2015 and now operates Opera’s built-in VPN as well as its own standalone VPN service. Here we’ll discuss the latter, but many of the details apply to Opera VPN as well. Mac, Windows, and Android clients use the OpenVPN protocol and 256-bit encryption. iOS devices use the IPSec protocol and 128-bit encryption. The company doesn’t keep any identifying logs. There’s no bandwidth limit, but downloads are limited to a mere 500MB per month on the free tier, the same as Tunnelbear. Torrenting is allowed so long as you don’t exceed that 500MB, so you won’t get far downloading HD video. 16 server locations are available in the free tier. There’s no tracking libraries or ad injection to worry about, however this is not the case for Opera VPN, which we’ll discuss next.

Opera VPN

The so-called VPN that now comes bundled with Opera browser is at least partially operated by SurfEasy, a company that Opera acquired in 2015. But it does not include all of the same protections as Surfeasy. Opera owns and operates an advertising network, and that advertising network depends on collecting usage data in order to make a profit. When you use Opera VPN, the company still tracks what you do online and uses that data to sell ads, in particular by using the browser’s unique device ID.

Furthermore, “VPN” is actually a misnomer here. Opera VPN is a proxy that only tunnels traffic to and from the Opera browser. It will not tunnel the traffic from other applications or processes. Technically this does not meet our criteria, but we’ve included it because it’s very popular.

Windscribe

Windscribe offers users both a native VPN app and a Chrome browser extension and encourages users to enable both simultaneously, although that’s not strictly necessary. The service keeps no logs and features the strongest available encryption suite including 256-bit AES with perfect forward secrecy. Data is capped at 10GB per month on the free tier, which is a pretty large amount for a free service. Eight server locations are available, on which P2P filesharing/torrenting is allowed on some but not all.

The Chrome extension is an HTTPS proxy, not a VPN, that selectively routes your browser traffic through the remote server. It’s not as secure as a VPN but it will get the job done in most cases. There are no tracking libraries or ad injection to worry about. If you’re looking for a competitive free VPN, Windscribe should be at the top of the list.

Hide.me

Hide.me does not support OpenVPN on its free tier, but you can connect using L2TP, IKEv2, or SSTP (see our cheat sheet to understanding VPN protocols). All connections are protected with 256-bit encryption, although there’s no mention of perfect forward secrecy. The company doesn’t store any identifying logs. Data is capped at 2GB per month. Free users are guaranteed at least 3 Mbps, but paid tiers get priority on speed. Three server locations are available, and torrenting is allowed. Apps are available for Windows, MacOS, iOS, and Android. There are no trackers or injected ads. Overall, Hide.me deserves your attention if you’re looking for a free VPN.

Speedify

Speedify uses its own proprietary VPN protocol rather than OpenVPN or another traditional protocol, which it says is faster and better suited to mobile phones that frequently switch between wifi and a mobile data network. It’s protected using ChaCha, a beefed up version of TLS encryption used on many HTTPS websites. The service keep no logs and allows torrenting on a select few servers, but not its fastest ones. Data is capped at 1GB per month in the free tier. 35 server locations are available, which is more than you’ll find on many paid services. Apps are available for Windows, MacOS, iOS, and Android, though the company seems heavily focused on the mobile market. From what we can tell there’s no trackers or ad injection.

SecurityKISS

SecurityKISS is an Ireland-based VPN provider with both free and paid tiers. Free users get 300MB of data transfers per day. Windows and Android users can connect with OpenVPN using the SecurityKISS apps, but other platforms require third party apps or manual L2TP configuration. 128-bit Blowfish is used for encryption, which is slower and less secure than the newer AES standard, but should be enough protection for most users. SecurityKISS doesn’t require free users to register for its service, which means you can start using it without handing over any personal details. The catch is that the company logs the real IP address of your device to manage the data cap on each user. A bandwidth limit is also implemented as needed to make room for the paying users. Eight server locations are available. The company doesn’t make any specific comment about torrenting or P2P filesharing, although the terms of service say users should respect copyright laws. As far as we can tell there are no tracking libraries or injected advertisements.

ProXPN

ProXPN offers a free logless VPN service to desktop users on MacOS and Windows. The app connects using 512-bit Blowfish-encrypted OpenVPN. Free users are limited to 300 Kbps on the free tier and a single server int he US, but there is no data cap. ProXPN says it keeps no logs of any sort. It does not use trackers or ad injection to make money so far as we can tell. Torrenting is allowed. Despite the limitations, this is a secure free VPN we can recommend for light use on desktops.

Avira Phantom

Avira Phantom VPN uses OpenVPN on Windows and Android, L2TP/IPSec on MacOS and iOS. Users can use the apps on any platform without registration, but will be limited to 500MB of data per month. If you register, but don’t pay for a premium plan, that amount doubles to 1GB per month. Free users of the app also can’t enable the kill switch, which blocks all internet traffic in the event that your connection to the VPN server unexpectedly drops. Avira keeps no logs and uses 256-bit AES encryption on all connections. Free users get access to all 20 server locations, and there’s no bandwidth limit. Torrenting is allowed. Customer support is not available for free users. The app is free of trackers and ad injection.

Turbo VPN

Turbo VPN is one of the most popular VPN applications on mobile, particularly for Android where it has over 10 million downloads from the Google Play Store. And yet, we know almost nothing about it. The privacy policy notes that it does collect users’ real IP address. And while it says it doesn’t record activity logs, it does perform “real-time analysis of Internet and data traffic including destination websites or IP addresses, originating IP addresses.” The app has no website, instead directing users to its Facebook page. It offers scant technical information about its encryption standards and other details. No terms of service or end user license agreement is available. A who.is lookup shows Turbo’s parent company, All Connected, registered its website in the United States.

The Android app asks for an excessive number of permissions, including device app and history, identity, contacts, phone, photos/media/files in storage, device ID and call info, and more. Compare that to a paid VPN, which only asks for access to wifi connection info and network control, and you can see why we’re a bit sketched out by Turbo VPN. We strongly advise you to avoid this VPN.

Browsec

Browsec makes an encrypted proxy browser extension for Firefox and Chrome browsers as well as VPN apps for iOS and Android. Despite a professional-looking website, Browsec is not a provider we would trust. It offers zero technical information about the encryption standards used by its service. It’s logging policy is extremely vague, saying, “we have to automatically record some information from your web browser additional/or client software. The information does not identify the User personally. [sic]” That could be anything, so let’s just assume the worst to be safe. Free users are limited to 1 Mbps download speed and three server locations. We did not notice any extra ads in our browser during testing on Android, but we’re unable to confirm whether the app uses trackers. There’s some evidence in the Apple App Store page that the company is incorporated in Russia, which, if true, is probably the worst place from which to operate a VPN.

ZenMate

ZenMate‘s free version is limited to browser extensions for Chrome, FireFox, and Opera. These are technically HTTPS proxies, not full VPNs, which means they’ll only send traffic from your browser through the encrypted tunnel. DNS requests and data from other apps is not routed through the VPN. That means it can’t be used for torrenting or on mobile, for example, unless you pay. The browser extension encrypts your data with TLS, an updated version of SSL, which is the same encryption used on HTTPS websites. Zenmate keeps no permanent logs but might temporarily save your source IP address on its servers. There’s no hard limits on data or speed, but bandwidth might be throttled to make room for paid users. Free users have access for four servers. The service does not use tracking libraries or ad injection.

VPNBook

Everything about VPNBook seems a bit shady, and we don’t recommend using it. No one knows exactly who the people are that operate the service or where they’re from. VPNBook doesn’t make any apps, and simply provides PPTP and OpenVPN-enabled servers to connect to using third-party software. OpenVPN connections are protected with “encryption techniques such as AES-256 and AES-128”, although there doesn’t seem to be a set standard. You should be able to see what level of encryption is used in the .ovpn configuration file by opening it in a plaintext editor like Notepad. Six locations are on offer. The service is entirely free and asks for donations in Bitcoin. A paid tier used to be available but has gone missing. Torrenting is allowed on some servers.

The company’s sparse privacy policy says it doesn’t keep activity logs but does record users’ real IP address. In 2013, hacking collective Anonymous accused VPN Book of being a honeypot for law enforcement after logs from the provider showed up in court documents.

DotVPN

DotVPN doesn’t make a Windows or MacOS client yet and instead gives desktop users the option to use a browser extension for Chrome, Firefox, and Opera. This is actually an HTTPS proxy, not a full VPN, that uses TLS encryption, the same sort of protection you get on HTTPS websites. The iOS app uses IPSec encryption, while the Android app uses OpenVPN with 128-bit AES encryption. The company logs each user’s real IP address and stores it for 10 days. Data isn’t capped but speed is limited as needed to make room for paying subscribers. 12 server locations are available. Torrenting is not allowed on the free tier. There are no signs of ad injection or tracking libraries.

The criteria

Here we’ll explain each of the criteria in the table above by which we judge each VPN. All of the information is gathered from the respective VPN website, our own experience using the VPN, and other reliable sources.

  • Protocol is the way that a VPN client connects to the server. The VPN protocol helps determine the speed and security of a connection. Many VPNs offer multiple protocols. OpenVPN is considered the most secure, but IKEv2, SSTP, and L2TP/IPSec are also viable. We recommend avoiding PPTP, which is fast but has known security flaws.
  • Encryption is the algorithm and strength used to scramble data in the VPN tunnel. 256-bit AES encryption is generally the strongest you’ll find on any commercial VPN, although 128-bit AES and 448-bit Blowfish are also fine. We also mention if the VPN uses perfect forward secrecy, or PFS, which prevents past sessions of VPN traffic from being decrypted if the current encryption key is compromised.
  • Logs shows whether the VPN collects data on the user’s activity while they are connected to the VPN. This can encompass a lot of things, but we’re mainly concerned with activity logs–browsing history, purchases, videos watched, social media posts, etc–and the source IP of the user’s computer. Those should be off limits for any VPN provider that takes privacy seriously.
  • Data cap determines the amount of data you are allowed to transfer in a given time while connected to the VPN. Sometimes this includes all transfers, uploads and downloads, and other times it only refers to downloads.
  • Bandwidth limit refers to the maximum download/upload speed you can utilize while connected to the VPN.
  • The number of server locations is how many places you can connect to on the free version of the VPN.
  • VPNs that have waiting queues might force users to wait until sufficient capacity is available on a free server before connecting.
  • Some VPNs utilize tracking cookies to collect advertising data. These cookies are injected into users’ browsers when they use the VPN. This is a breach of privacy and is considered a negative.
  • Advertising injection occurs when the VPN places display ads into the user’s browser. This is a breach of privacy and is considered a negative. Note that this doesn’t include advertisements on the VPN app itself.
  • While all of the VPNs on this list are free, some offer a premium tier where users can pay to access more servers, removed bandwidth caps and data limits, and take advantage of other functions and features.
  • Platforms refers to the operating systems that apps made by the VPN provider are available for.
  • Torrenting uses up a lot of bandwidth and can cause legal issues for some providers, so it is banned on many free VPNs.
  • Support means you can ask for help if you’re having issues. We weren’t too strict on this point. So long as there’s some sort of customer service email address or ticket submission system, we gave this a “Yes”. We did not test each VPN’s support ourselves, so we cannot vouch for whether or not they actually respond.

Leave a Reply

Your email address will not be published. Required fields are marked *