Should I keep my VPN on all the time

Using a VPN might also cause you to see more CAPTCHAs than you’d like. As their name (Completely Automated Public Turing test to tell Computers and Humans Apart) implies, a CAPTCHA is a challenge-response test used to determine whether or not the user is human – you’ve seen them before, right?

Should You Leave Your VPN On All the Time?

Most of the time, yes, you should use your virtual private network (VPN)—but not always. It depends on what reasons you’re using a VPN service for in the first place. If you’re only using a VPN connection while streaming your favorite TV shows, then it makes sense to turn your VPN server on or off for those purposes (like turning it off when you want faster internet).

• When to leave on a VPN
• When to turn off a VPN
• Next steps

But if you’re using a VPN for privacy reasons or to keep yourself anonymous online, then you should keep it on all the time. Since your VPN is your best form of protection against hackers and helps keep your information private, it’s best to leave your VPN on whenever you’re on the internet.

When should I have my VPN on?

Below, you’ll find a short list of reasons to keep your VPN on, but there are many reasons we didn’t list. A VPN helps you maintain online privacy, security, and stay anonymous online, which is especially important in stopping hackers. But how often do you need to have it on?

Here are some of the most common scenarios where you should keep your VPN on:

1. When you are using public Wi-Fi
2. When you want to browse the internet privately
3. Whenever you’re doing online banking or shopping
4. To have more browsing freedom

Using public Wi-Fi

Number one is extremely important. Whenever you’re connected to public Wi-Fi, there’s a higher chance that someone else connected to the Wi-Fi can hack your personal data and IP address. In order to keep your information safe, it helps to use a VPN whenever you’re in public places.

It’s easy for hackers to steal information to your device by using MITM (man-in-the-middle) attacks. This happens when a hacker can essentially “stand” between your device and the Wi-Fi network you’re using. It only takes a hacker 15 minutes to steal your information when performing a MITM attack.1

In addition to being more susceptible to hackers, 34% of public Wi-Fi networks aren’t encrypted, making it even easier for someone to steal your data. 2 So long story short, keep your VPN on when you’re using public Wi-Fi.

Browsing the internet privately

If you want more privacy while browsing the internet, then you should definitely keep your VPN on. VPNs use encryption software to keep your information private. In 2017, Congress passed a bill that allows internet providers to sell your search history to advertisers. 3 Because of this decision, privacy is not a guaranteed right on the internet. If you want to be safe and keep your information private, invest in a good VPN.

Banking and shopping online

Whenever you do online banking or shopping, use your VPN. Online banking requires you to share sensitive information about your finances, various passwords, and bank account information. Don’t make things easy for a hacker by accessing this information without a VPN. Your sensitive data (including credit card information) needs to be kept private and protected.

Browsing freely

Another reason for keeping your VPN on is to have more freedom to browse. Whether it has to do with research for school or accessing websites that are monitored by the government, keeping your VPN on will prevent you from running into website censorship.

You can access the content you’re looking for by connecting to a country where it’s available. Just make sure you’re following your VPN’s terms of use policy and respecting the laws of the country you’re using.

Are there any reasons to turn your VPN off?

Slow internet isn’t always because of your internet service provider. A VPN will slow your internet speed slightly. Even though it’s hard to say if you’ll notice the difference, you might decide to turn off your VPN to improve your internet speed.

You will most likely notice slower internet if your VPN is connected to a server far away from you. In order to prevent this from happening, connect to a closer server. Some VPNs are known for their streaming capabilities. When you use these, it’s less likely you’ll notice a difference in your connection speed.

Turning off your VPN can help protect your battery life. Some VPNs are known for draining your battery faster, although this isn’t true for all VPNs. If your VPN is causing your network to timeout and making you sign in multiple times, it might be affecting your battery. In order to prevent this, make sure you use a VPN provider that’s reliable, tested, and trusted. NordVPN, Private Internet Access, Hotspot Shield, and ExpressVPN are all high-quality VPN clients that provide secure connections and give you lots of server options to choose from.

Turning your VPN on and off is helpful, depending on why you use a VPN. In order to protect your privacy and keep your information safe from hackers, it helps to just keep your VPN on. That way, you won’t forget to turn it back on when you’re using public Wi-Fi.

Should I keep my VPN on all the time?

Why would you want to keep your VPN enabled all the time? There are actually some compelling reasons to do this. We look at the pros and cons of an always-on VPN.

Marc Dahan Specialist in online privacy
UPDATED: February 8, 2023

I get asked that question often when discussing VPNs – and it’s a good question. While there may be a limited set of circumstances in which you may need to turn it off, my answer is that yes, you should keep your VPN on whenever you can.

We’ll get into the ins and outs of that position, but first, let’s provide a bird’s-eye view of what VPNs actually do.

What do VPNs do?

VPNs – and by VPN, I mean a trustworthy VPN – enhances your online privacy. This is an important distinction because, in recent years, the number of what I like to call “small & shady” VPN providers that cropped up is staggering. Most of them are not trustworthy. They tend to support obsolete protocols and collect truckloads of data on their users – defeating the point of using a VPN in the first place. On the other hand, a trustworthy VPN provider puts forth a clear no-logging policy, collects only the data necessary to fulfill its services, and focuses on providing privacy-preserving tools like kill switches and tracker blockers. Being an established player in the industry with a good reputation also helps.

VPNs enhance your online privacy by creating an encrypted tunnel between your device (smartphone, tablet, laptop, etc.) and the VPN server you selected. All traffic from your device is sent to the server through the encrypted tunnel from that point on. It is then decrypted by the server and forwarded to the website or service you requested. The response is sent back to the server, which delivers it back to you through the encrypted tunnel. The encryption makes your online activities much harder to track. But that’s not all.

The request came from the VPN server, not your device, as far as the website or service is concerned. So the website or service will assume your IP address is that of the VPN server. This already affords you some extra privacy. But online, your location is tied to your IP address. So as far as the website or service is concerned, your location appears to be the location of the VPN server, affording you some extra privacy.

You may have noticed that while I answered “yes” to the question, it’s somewhat tempered by my statement that you should keep it on whenever you can. That’s because there will be some situations where you may need to turn it off. I’d be inclined to minimize those situations, but they do exist.

Always-on VPNs for business

The advent of cloud services, such as Microsoft 365, Google Drive, and Salesforce presents a problem for businesses when most system security packages focus on defending a single site. Always-on VPNs provide a solution to this problem because, connecting each site and remote user through a central, cloud-based hub hosted by the VPN provider creates a secure virtual network across the internet.

Applying VPNs to sites and leaving them on all the time reconceptualizes the corporate network and makes it a flexible system that can easily extend worldwide. Cloud VPN vendors like Perimeter 81 use always-on VPNs as part of its corporate security solution. These are available in a site-to-site format and for individuals. A Zero Trust Access (ZTA) service in the package lets you add in access rights management to the VPN system, so the VPN app presents a menu of applications that the user can access rather than a list of VPN server locations.

Perimeter 81 Coupon
Save 20% on annual plans
Coupon applied automatically

Let’s start by looking at the benefits of an always-on VPN.

Benefits of an always-on VPN

Actual private browsing

Most web browsers today provide what they call “private browsing.” It may sound as if it enables you to browse the web anonymously, but it doesn’t. What it actually does is delete your web history and cookies once you close your browser. Your ISP can still see everything you’re doing online. That doesn’t mean it isn’t a nice tool, as long as you understand what it does.

But if you want to browse the web privately, a VPN will allow you to do that. As I mentioned above, a VPN will swap out your IP address and location to that of the VPN server. And the encrypted tunnel will make your activities much harder to snoop on by third parties. Also, most VPN providers supply their users with shared IP addresses. This mixes the traffic of all users of a given VPN server together and has the benefit of making it much harder to correlate specific traffic to an individual user, enhancing every user’s privacy.

However, if you want to remain anonymous while browsing the web over VPN, make sure not to log in to any online services, like your email or Facebook. As soon as you do that, VPN or not, you will be identified and will no longer be anonymous. Also, bear in mind that the cookies stored on your system could also be used to identify you even if you don’t log in to any services. So it’s best to use both a VPN and private browsing in your browser.

Here’s a small tip if you want to log into your services using a VPN: find a server in the same geographic region as your actual location and always use that server when logging into services tied to your real identity. That way, you can still benefit from the VPN’s encryption even though you won’t be anonymous.

Thwart location tracking

As mentioned above, when you connect to a VPN server, your IP address appears to be that of the VPN server you’re connected to. And your IP address is used to approximate your physical location. That means that if you connect to a French server from the United States, any websites you connect to will “see” you as being located in France, not the U.S. And you’ll benefit from location privacy even if you log in to different services. However, remember that insofar as VPN server IP addresses are public, the service you log into may deduce that you’re using a VPN and that your actual location is likely different.

Stay secure on public WiFi

Many businesses today provide free WiFi to their customers. Nice. But many of these are unencrypted, are vulnerable to Man-in-the-middle attacks, and could be used for malware distribution, to name a few caveats. Some of these free WiFi networks could also be malicious, such as rogue networks set up to emulate a legitimate network nearby (for example, Hotel_WiFi – legitimate network, vs. Hotel_WIFI – rogue network) in the hope that unsuspecting users don’t notice the difference and connect to the rogue network. As soon as you do, the operator of the rogue network can see everything you do online.

Access the open web in restrictive jurisdictions

Some countries have restrictive policies regarding internet access and actively block access to certain websites. China comes to mind with its Great Firewall, but there are others. Using a VPN may allow you to bypass these blockades because, once connected to a VPN server located in another, less-restricted jurisdiction, your traffic will be coming from the VPN server’s IP address, which is tied to its location rather than yours.

I phrased this section carefully – stating that a VPN may allow you to bypass the restrictions. I used the word “may” because the challenge will be actually connecting to the VPN server from the restrictive location. The countries that filter or restrict the internet have recently started blocking VPNs as well – or at least, non-State-sanctioned VPNs (which defeat the purpose of using a VPN). Some VPN providers will supply obfuscation tools for just that reason, which may help establish the connection.

My colleague, Paul Bischoff, wrote a comprehensive article in which he tests multiple VPN providers to see if they work in China – recommended reading.

Bypass filtering firewalls

Many organizations, from schools to businesses to government agencies, set up filtering firewalls on their networks for security reasons. So unless you manage to bypass the firewall, your internet access will be restricted. But a VPN could do just that. Once you’ve connected to a VPN server, your traffic is no longer bound by the firewall rules – your requests come from the VPN server now.

However, bear in mind that it may be challenging to connect to a VPN server. The network administrator may have blocked specific ports used by VPNs or certain VPN server IP addresses. If it’s blocking VPN server IP addresses and your VPN provider is included, you might be out of luck. If the firewall is blocking common VPN ports (such as 1194 for OpenVPN), you could try initiating the VPN connection over a different port. Many VPN providers allow their users to connect over a set of predefined ports rather than just one.

A common trick used to bypass restrictive firewalls is to use the OpenVPN protocol in TCP mode over port 443. OpenVPN can run in UDP or TCP mode. UDP is the default and is typically much faster than TCP because it lacks the verification and error correction that TCP uses. UDP sends the packets through the tunnel and hopes for the best without checking anything. When you use OpenVPN in TCP mode over port 443, your traffic looks just like regular HTTPS traffic, making it much harder to filter and bypassing the firewall.

Access content not available in your region

Some websites restrict content by geographic region. The most common example of this would be streaming sites, which have different content libraries per region. However, streaming sites have become a bit of an outlier in this category recently, and accessing these sites over VPN has become quite the challenge. I’ll be discussing accessing streaming sites over VPN lower down. For now, I’d like to omit streaming sites from this category.

Because using a VPN swaps out your device’s IP address for that of the VPN server and that your location on the internet is derived from your IP address, using a VPN makes you appear to be in a different geographic region and will typically enable you to access the geo-restricted resources (barring streaming sites) despite you not actually being in the location in question. So, things like certain web stores that only display their content to users with a local public IP address will be available to you.

Avoid bandwidth throttling

Some ISPs privilege certain types of traffic on their network. They achieve this by throttling (artificially slowing down) other types of traffic, typically P2P traffic and video streams. When you connect to a VPN, your ISP will see that connection. But afterward, it’s cut out of the loop. Once the VPN connection is initiated, your ISP will only see gibberish being sent between you and the VPN server due to the encryption. Because of that, your ISP cannot know what you’re doing online – the VPN hides your traffic from your ISP. If your ISP doesn’t know what type of traffic you’re generating, it can’t throttle it either.

Hence you can get a performance boost by using a VPN and enhanced privacy and independence from your ISP.

Note that a VPN won’t help if your bandwidth is being throttled due to hitting your internet plan’s data cap.

Stay secure even when using HTTP

While this may not be as relevant today as it was just a few years ago, I still felt it was worth mentioning. Typically, when you access the internet, you access it over one of two ports: port 80 or port 443. The main difference is that port 443 is encrypted using SSL (HTTPS), while port 80 is not (HTTP).

Most of the internet, in recent years, has moved to HTTPS, but there are still some websites (usually smaller ones) that use HTTP. And even on sites that do use HTTPS, some resources can be loaded over HTTP, and some sections of those websites may not be using HTTPS. A VPN’s encryption will keep your traffic secure regardless of whether a site uses HTTP or HTTPS. Again, while this may not be critical today, it affords you some peace of mind and is another good reason to keep your VPN on.

Stay safe by blocking ads, trackers, and malware *

Did you notice the little asterisk next to the word ‘malware’? It’s not a typo – it’s there for a reason. And it’s that not all VPNs provide nuisance and malware blockers.

Ads, trackers, and of course, malware funnel as much of your personal information as they can, can slow down your device, increase your consumed bandwidth, and, in the case of malware, can download and install viruses, trojans, and all that good stuff. Using a VPN that provides a blocker can significantly enhance your privacy and keep your device safe from malware – another compelling reason to use a VPN (that offers a blocker).

Pitfalls of an always-on VPN

So those are some of the top reasons I keep my VPN on all the time. But there are some pitfalls too. And I want to address streaming sites and VPNs here as well.

Speed hit

The biggest drawback to using a VPN is going to be speed. A VPN – any VPN – adds overhead to your connection, which translates into slowdowns. It takes time to encrypt outgoing data, decrypt incoming data, and route it all through the VPN server. If you’re using a high-quality VPN provider, chances are the speed hit won’t be critical, but it’ll be there – count on it.

So if you’re doing something online where speed is more critical than privacy, you may want to turn your VPN off until you’re done with that task.

CAPTCHAs and additional verification

Using a VPN might also cause you to see more CAPTCHAs than you’d like. As their name (Completely Automated Public Turing test to tell Computers and Humans Apart) implies, a CAPTCHA is a challenge-response test used to determine whether or not the user is human – you’ve seen them before, right?

Using a VPN may increase the frequency of CAPTCHAs and other verification mechanisms as you browse the web. This can happen for a few reasons, but it’s typically tied to suspicious behavior from the web server’s perspective. So it could be because the web server recognizes your public IP address as belonging to a VPN provider and wants to make sure it’s dealing with an actual human being. Or it could be because the service in question is trying to prevent unauthorized access to your account as it sees you logging in from various locations. Whatever the case, this can be a pitfall to using an always-on VPN.

Streaming

Finally, we get to streaming. Just a few years ago, accessing geo-restricted streaming libraries was pretty trivial. All you needed to do was connect to a VPN server located in that region and voilà, instant access to streaming content not available in your location.

However, streaming sites have begun cracking down on that practice in recent years, and streaming over VPN isn’t so easy anymore. While some providers claim to provide access, there may be a lot of trial and error involved – you may need to switch servers repeatedly until you find one that works. Larger and more established VPN providers are typically better equipped to provide access, but access cannot be guaranteed. Because of this, you may want to turn off your VPN when streaming as it won’t provide any benefits.

Some providers, like NordVPN, ExpressVPN, and Surfshark, manage to grant fairly consistent access, so it’s still possible, but only with a handful of VPN providers.

Conclusion

So there you have it. We looked at the pros and cons of having an always-on VPN. And I believe the pros outweigh the cons, as long as you’re into privacy and security, of course. But the internet is an increasingly hostile place, with no shortage of bad guys wanting a piece of your personal information. In that context, using a VPN feels like nothing more than common sense (I actually feel naked going on the internet without a VPN).

Still, each one of us has our own set of priorities and should make our own decisions. I just hope that this post can help others decide whether they want to keep their VPN on all the time or even if they want to use a VPN at all (I think they should).

Stay safe (and secure).

VPN access FAQs

Should VPN be on or off?

When you subscribe to a VPN you are not automatically protected. You need to install the VPN client, open it, and turn the VPN connection on. Many VPNs can be set up so that the client opens up when the operating system starts up. Most VPN clients also have a kill switch. This prevents the computer from connecting to the internet if there is no active VPN session. These two measures make sure that you always have your VPN on before accessing the internet. Just owning a VPN won’t protect you if it is turned off.

What happens if I turn off VPN?

If you turn off your VPN, you won’t have any protection when surfing the internet. It is a waste of money to pay for a VPN and not use it. Most VPNs are charged for at a fixed rate per month and are not metered. That means you pay the same amount of money whether you have the VPN on all the time processing a lot of data or if you have it off for the entire month. So, you might as well keep the VPN on all the time and get the best value out of your VPN spend.

Why you shouldn’t use VPN all the time?

There are some circumstances where the VPN can block your activity on the internet. This is usually the case when a website or Web service can detect the presence of the VPN and blocks access. The ideal solution to this situation isn’t to run without a VPN but to choose a VPN that can’t be detected. Not all VPN services are the same, so it pays to research which are able to get into the sites that you want to visit. This is why it is a good idea to read sites like Comparitech.com before signing up for a VPN.