VPN Kill Switch: What Is It and When Do You Need One?
Imagine that you're surfing the Internet with a VPN in total security until you suddenly notice that your connection was disrupted more than an hour ago. Any anonymity you might have thought you had has instantly dissipated, and, in the worst case, someone might have been following your activity. To prevent this from occurring, many VPN providers come integrated with so-called kill switches.
Should you have experience with VPNs, you might be familiar with this feature already. But why is a kill switch so important? Which VPN providers offer them? And how does it work? In this guide, we'll answer all of these questions and more.
What Is a Kill Switch?
You can imagine a kill switch like a digital circuit breaker built into a number of VPN clients.
It automatically severs your Internet connection whenever an unexpected disruption to your VPN tunnel is noticed. This is important, since VPN tunnels conceal your IP address and protect your anonymity; as soon as they disappear, your data and privacy are compromised, particularly if on a public WiFi network.
HideMyAss's kill switch can be toggled on or off.
Kill switches also ensure that you're immediately notified about any disruption to your VPN connection, preventing you from unknowingly surfing without its protection. But how do VPN tunnels fail in the first place?
Possible reasons for loss of a VPN connection:
Antivirus/firewall settings
Antivirus programs and firewalls ensure that only certain apps and programs can access the Internet from your computer or device. On occasion, these are known to be rather strict, preventing services that you've authorized or want to use from establishing Internet connections, such as VPN clients. In the event that your firewall is making life difficult for your VPN, you can manually whitelist it.
Router settings
Another possibility is that your router's configuration is preventing your computer from establishing a connection to a VPN server. Similarly, your router might need software updates.
Issues with the VPN protocol
VPN protocols determine how data is transferred between your device and the VPN server you've selected. However, not all VPN protocols are created equal, and for that reason, the one you've selected might destabilize your connection. At present, WireGuard and OpenVPN, are the two state-of-the-art protocols, so far as security and stability are concerned.
Poor connection
An unreliable or weak Internet connection can also create problems for a VPN. This is especially the case if you're trying to connect to a server that is geographically located very far away. Should this kind of problem frequently arise, try connecting via another WiFi network, or to a geographically closer VPN server.
How It Works
All kill switches operate on the same principle: As soon as an issue with your VPN tunnel is identified, the kill switch automatically severs your Internet connection. According to AVG, this process is comprised of four steps:
- Scan the network: The kill switch analyses the VPN connection in real-time, in order to immediately identify any changes.
- Identify anomalies: The moment that the network status or IP address unexpectedly changes, the kill switch trips an alarm.
- Block the connection: Next, either the Internet connection or a specified app or program's access to the web will be blocked (more on this in the next section).
- Reconnect: Once the VPN tunnel is again deemed to be secure, the kill switch re-establishes the Internet connection.
Two Types of Kill Switch
There are a number of different types of kill switches, however, these can be roughly divided into two categories:
- System level kill switch: With these, the entire Internet connection is severed when a disruption to the VPN tunnel is identified. This guarantees that no data leaves your device and also that your IP address remains invisible.
- App level kill switch: This type of kill switch allows you to choose which apps are disconnected from the Internet when activated. For example, you can specify that certain actions take place, such as the cessation of torrent downloads, if your VPN connection disappears.
Not every VPN service with a kill switch offers both options. The system level kill switch is more important and prevalent since it offers the maximum amount of security.
Why You Should Use a Kill Switch
Now that you know how a kill switch works, you're probably wondering why it's important?
If you're already familiar with VPNs, you probably are aware of their advantages. First of all, they provide enhanced security and anonymity online, protecting you, especially on public WiFi networks, from cybercriminals. The instant a VPN tunnel ceases to operate, danger can again strike, since all of its benefits immediately disappear.
Supposing that you weren't aware that your VPN connection had disappeared, you'd likely continue to behave as though it remained active, doing things you would never do without its protection. As such, surfing with a broken or non-working VPN connection is even more dangerous than knowingly surfing without a VPN.
How important a kill switch is depends largely upon what you use a VPN for. Should it simply be to circumvent region restrictions or geoblocking, it will likely be more of an inconvenience than a threat. On the other hand, if you're surfing on a public WiFi network, or transferring sensitive data, doing so over a VPN without a kill switch can be risky.
The feature is particularly important for:
- Those using public WiFi networks, and who want to protect their data from third parties.
- Journalists and/or whistleblowers, whose jobs, livelihood, or even life can depend on the anonymity VPNs provide.
- Those handling sensitive documents, such as lawyers.
- Those who use torrents, and don't want what they download to be visible.
Even if none of the above apply to you, it's advisable to activate the kill switch so that you'll never unknowingly surf without your VPN's protection.
How To Activate the Kill Switch
By default, kill switches are automatically activated in most VPN clients, however, this isn't always the case. For that reason, when configuring your VPN, it's a good idea to have a look in the settings. Most of the time, you can activate the kill switch with a single click.
VyprVPN's kill switch in its smartphone app.
Depending on the provider, kill switches can have different names. ExpressVPN, for example, refers to it as "Network Lock".
The Best VPNs With a Kill Switch
Kill switches have become part of the figurative VPN furniture, however, they aren't offered by every provider. Below, we'll introduce you to our Top 3 VPNs which feature kill switches, based on our comprehensive EXPERTE.com comparison of 22 VPN providers:
NordVPN
NordVPN was the overall winner in EXPERTE.com's VPN comparison. The service also secured first place in our speed ranking, offering excellent performance, high security standards, intuitive apps, and a solid catalog of features to boot. Among the latter is a kill switch, which can be configured to intervene at both the system and app levels. During testing, both worked flawlessly.
ExpressVPN
ExpressVPN is a popular VPN service, even though it's somewhat more pricey than other comparable alternatives. Still, you'll get a great-performing and highly user-friendly service possessing an excellent network of servers. Even though its kill switch is only a system level one, it still works perfectly.
Surfshark
Surfshark is one of the most affordable premium VPNs on the market, and in our eyes, offers the best price-performance ratio. Even though it costs significantly less than most of its immediate competitors, you won't need to accept any compromises in terms of performance. During our speed ranking, Surfshark came in just behind NordVPN, securing second place. Like ExpressVPN, it comes with a reliable system level kill switch.
Conclusion
A kill switch is a security mechanism that every VPN should come with. It ensures that your Internet connection is automatically severed should problems arise with your VPN tunnel, preventing you from unknowingly surfing without its protection.
Most VPNs come with an integrated kill switch, such as the Top 3 providers from our EXPERTE.com comparison: NordVPN, ExpressVPN, and Surfshark. Often, the kill switch is automatically activated by default, however, to be on the safe side, we recommend double-checking the client's settings when configuring your VPN for the first time.
To find out if a VPN makes sense for you, kill switch, or none, be sure to consult our guide.
FAQs
What is a kill switch?
A kill switch is an integrated VPN feature that makes sure you don't unknowingly use the Internet if your VPN connection has been disrupted. Generally speaking, these can be divided into two types: system and app level kill switches. The former sever your Internet connection, while the latter only prevents specified apps or programs from using the Internet in the event of a disruption.
Do I need a kill switch?
Kill switches are important since they prevent you from unknowingly surfing the Internet without the protection of your VPN tunnel. Even with the best VPN providers, connectivity issues can arise. Without a kill switch, the danger emerges that your VPN connection might be severed, but that you would remain connected to the Internet. If on a public WiFi network, this can make you vulnerable to digital attacks or surveillance.
How reliable is a kill switch?
Generally speaking, kill switches are very reliable. We tested the feature among each provider from our sample, and report the findings in our VPN reviews. Our experiences with most services were positive.
- NordVPN
- ExpressVPN
- Surfshark
- ProtonVPN
- HideMyAss!
- hide.me
- Private Internet Access
- CyberGhost
- Windscribe
- PureVPN
- VyprVPN
- Hotspot Shield
- IPVanish VPN
- Mullvad VPN
- VPN Unlimited
- PrivateVPN
- TorGuard
- TunnelBear
- ZenMate
- Avast SecureLine
- Perfect Privacy
- Avira Phantom