You’ll often see Virtual Private Networks (VPNs) bragging about their “military-grade encryption” or advanced features. While this might sound impressive, these are vague terms that mean different things to different people. More importantly, by themselves, they won’t provide a suitable level of digital anonymity. We’ve taken a close look at one of the most-popular providers, NordVPN, to answer the questions that matter most: is NordVPN safe to use and is it actually as secure as it says?
Is NordVPN safe? The short version
NordVPN is actually one of the more secure services on the market. It uses uncrackable encryption, doesn’t support outdated protocols, and includes a wide range of tools designed to stop your data from being intercepted without your knowledge. Further, this VPN includes obfuscated servers that work in countries with extreme online censorship. It has undergone several independent audits to prove that it doesn’t keep any logs and that its apps don’t contain vulnerabilities that could expose your information to attackers.
WANT TO TRY THE TOP VPN RISK FREE?
NordVPN is offering a fully-featured risk-free 30-day trial if you sign up at this page. You can use our top-rated VPN with no restrictions for a month. This is perfect for anyone looking to see what all the fuss is about before committing to a longer subscription.
There are no hidden terms—just contact support within 30 days if you decide NordVPN isn't right for you and you'll get a full refund. Start your NordVPN trial here.
NordVPN security overview
It takes quite a lot of work to keep your online activities hidden from snoopers. Below, we’ll cover the basics of VPN security, explaining what each feature does, why it’s needed, and what NordVPN has to offer in each category
Encryption
Normally, whoever owns a network can monitor all of the traffic running through it. This means that employers, Internet Service Providers, and public hotspot owners can see exactly which sites you visit. Encryption prevents this by essentially scrambling your data. The problem is that there are many different ways to do this, and some encryption methods are easier to crack than others.
NordVPN uses 256-bit AES encryption on OpenVPN connections and ChaCha20 encryption on its own custom protocol, NordLynx (more on this shortly). These both use 4096-bit DHE-RSA keys and the SHA384 hashing algorithm, and support perfect forward secrecy. In simple terms, NordVPN’s encryption is uncrackable, so there’s no need to worry about anyone finding out what you get up to online.
Protocols
In simple terms, a protocol is a set of rules for ensuring your data is securely sent to and from the VPN server. Unfortunately, over the years, attackers have found weaknesses in some protocols (such as PPTP), meaning they don’t really offer any security benefits anymore.
For a long time, OpenVPN was the industry standard thanks to its high level of security, widespread adoption, and decent performance. Recently, more VPN providers are adopting WireGuard, which is both faster and easier to audit.
NordVPN supports OpenVPN connections, but wasn’t comfortable letting users connect via WireGuard as this protocol is still in development. Instead, it created its own protocol named NordLynx.
NordLynx is based on WireGuard but uses an advanced “double NAT” networking system to address some of the Wireguard’s underlying privacy flaws. Chiefly, NordLynx doesn’t store users’ IP addresses on the VPN server, even temporarily.
NordLynx isn’t open-source like WireGuard, but it does have a team of professional engineers ready to respond to any new vulnerabilities that are discovered.
Safeguards
So, your VPN is encrypting your traffic and it’s getting to the server safely. Next, we have to make sure that your activities remain hidden at all times. If the VPN doesn’t block IPv6 traffic, if it leaks DNS requests, or if your browser allows WebRTC requests, your real IP address and/or browsing history could be visible to anyone monitoring the network.
Most major VPNs include DNS and IPv6 leak protection, and they’ll suggest you manually disable WebRTC in your browser settings. NordVPN, on the other hand, protects against IPv6, DNS, and WebRTC leaks automatically.
Let’s say your connection to the VPN drops suddenly. Most devices will automatically default back to your unencrypted internet connection. However, it isn’t always obvious that you’re browsing the web unprotected. That’s why VPNs almost always include a kill switch that disables internet access entirely until you’re able to re-establish your VPN connection. NordVPN goes even further, allowing you to completely disable all browsing when the VPN isn’t active or to close specific apps in the event of an outage.
NordVPN can activate automatically if you’d like. For instance, you can connect to a specific server depending on if you’re on mobile data, ethernet, or wifi (and even designate trusted networks where this won’t occur). In other words, with the right setup, NordVPN can make sure that you’re protected wherever you go.
Additional tools
NordVPN has a few extra ways to give you control over your connection. First off, it supports split tunneling, which is when certain apps bypass the VPN entirely. This is helpful if you’d like to keep some activities private (e.g. torrenting) while engaging in others without the VPN. Alternatively, this allows you to stream your local Netflix library while ensuring none of the other sites you visit can see your real location.
Nord bundles in an easy-to-use Threat Protection feature that blocks ads, removes tracking information from links, directs users away from shady websites, and prevents sites from storing tracking cookies automatically.
Finally, there’s a tool called Meshet. This lets you route traffic from multiple devices through a single tunnel, even if they’re on completely different networks. Essentially, one of your devices can act as a home VPN server that other devices can safely access the internet through. Not everyone will need this feature, but it’s definitely good to have. For example, you could use it to host virtual LAN parties, securely transfer files between different PCs, or sign into a site with the same IP address, regardless of which device you’re actually using.
NordVPN privacy and auditing
Some VPNs keep detailed records of when you connect, how long your sessions last, and which sites you visit (even if they claim not to). NordVPN has a no-logging policy, but you don’t have to accept it blindly. It’s been audited multiple times by respected organizations like Deloitte and PwC and passed with flying colors on every occasion.
It is important to note, however, that NordVPN stores advertising IDs on mobile devices. This isn’t inherently a problem, but over time, this data could be used to identify you personally. Luckily, you can reset your advertising ID periodically in your device’s settings menu to sidestep this issue.
There are two other interesting features to discuss. The first is a dark web monitor that will let you know if your email address is leaked on a .onion site. The second are specially-configured obfuscated servers. These were expressly designed to hide the fact that you’re using a VPN while browsing in countries with online censorship, such as China.
NordVPN safety FAQs
Can I get into trouble for using NordVPN?
VPNs are legal just about everywhere in the world, so there’s no need to worry about getting into trouble unless you’re using NordVPN to commit crimes online. That said, some countries, including China, Russia, and the UAE, have restrictions on which providers you can use, and others (like Iraq and Myanmar) have banned VPN usage outright.
Disclaimer: Although we’ve spent hours researching this topic, we are not legal experts. As such, nothing we’ve said above should be taken as legal advice. We encourage you to consult local laws or perhaps even seek a professional’s opinion before attempting to use a VPN if you’re unsure whether doing so is legal.
Has NordVPN ever been hacked?
In 2018, NordVPN announced that one of its Finnish servers had been breached. This happened because one of the data centers that the company worked with hadn’t been properly configured. Once it learned of the problem, NordVPN immediately scrapped the effective server, cut ties with the third party, and began auditing its service.
An investigation gave no indication that anyone had monitored user activity, stolen credentials, or tried to decrypt anyone’s traffic. There was actually very little an attacker could do, as they didn’t have access to the correct decryption keys and the breached server didn’t contain any activity logs. On the plus side, NordVPN launched a bug bounty program as a result, so anyone who finds a vulnerability in the service moving forward can get paid.
Does NordVPN have a free trial?
NordVPN doesn’t offer a free trial but it does come with a 30-day money-back guarantee. In other words, you can sign up, use the service for a month, and simply cancel for a full refund if it fails to meet your expectations. Our experts tested this for themselves (using accounts not linked to Comparitech in any way) and were able to get a refund processed in a matter of minutes. There’s no fuss, no hidden terms, and no pestering you to stay.
Where is NordVPN based?
NordVPN operates out of Panama, a location with no mandatory data-retention laws. Accordingly, this service refuses to log any identifiable data and can’t provide details of your activities to anyone. Assuming someone sent a legitimate legal request and NordVPN’s appeal was denied, the most it could give investigators is your email address and payment information.
Of course, there’s nothing forcing you to sign up with your real email address. NordVPN accepts plenty of anonymous payment methods, from Bitcoin to gift cards. It’s possible to register anonymously and reduce the risk of anyone finding out what you do online.