IPVanish Review: This VPN's Security Issues and a Flawed Quick-Connect Feature Hold It Back
IPVanish will get the job done for your casual VPN needs, but a hostname issue found during DNS leak testing means you should look elsewhere if protecting your privacy is critical.
Attila Tomaschek
Attila Tomaschek
Attila is a Staff Writer for CNET, covering software, apps and services with a focus on virtual private networks. He is an advocate for digital privacy and has been quoted in online publications like Computer Weekly, The Guardian, BBC News, HuffPost, Wired and TechRepublic. When not tapping away on his laptop, Attila enjoys spending time with his family, reading and collecting guitars.
IPVanish is a good option for beginners and secure enough for casual VPN users.
IPVanish
IPVanish is a popular virtual private network that's fast and secure enough for casual VPN use. I was impressed with the user interface and how easy the VPN is to configure. I also like that IPVanish offers phone support and lets you connect an unlimited number of devices at once with a single account.
24/7 customer support with live chat and phone support
Don't Like
IPVanish identified during DNS leak tests
US jurisdiction
Supports PPTP
Buggy features with platform limitations
IPVanish is a great option for beginners and casual VPN users, but I do not recommend it for critical VPN use because of several issues I found. If you're a whistleblower or dissident, or if you want to use a VPN to evade censorship in a country where VPNs are banned or illegal, you should look elsewhere.
Otherwise, IPVanish offers an impressive service, especially for newer users looking for general online privacy. If you're interested in VPNs but aren't sure where to begin, IPVanish is a good starting point.
Speed
Average speed loss: 58%
Number of servers: 2,000-plus
Number of server locations: 75-plus locations across 52 countries
Number of IP addresses: 40,000-plus
I completed the latest round of IPVanish speed tests in March from my location in Ohio using the OpenVPN protocol.
Overall, IPVanish's average speed performance improved somewhat compared with the previous round of tests conducted by CNET's Rae Hodge in her 2021 IPVanish review. This time around, the average speed loss was 58%, compared with the previous 65%. My overall speed without the VPN averaged 363.64 megabits per second. With the VPN, my speeds dropped to an average of 152.34Mbps through IPVanish servers located in New York, the UK, France, Germany, Australia and Singapore.
Average speeds through New York came out to 258.17Mbps, while speeds through the UK averaged 119.55Mbps. Slower speeds to VPN servers located across the ocean are to be expected, but this steep of a drop in speeds while connected to the UK was disappointing; customers expect better performance from servers in high-demand locations like the UK. Speeds to the UK servers were erratic and inconsistent, fluctuating between 215.43Mbps and 57.3Mbps.
My average speeds to IPVanish's Australian servers came out to an impressive 183.72Mbps -- handily surpassing speeds to the UK, despite being about 6,000 miles farther from my location.
Average speeds to France and Germany came in at 165.49Mbps, which were also disappointing. The considerable loss here was due mostly to the French servers performing poorly.
Singapore registered the slowest at 35.61Mbps, which was a disappointment considering the speeds to Australia were so impressive.
IPVanish isn't the fastest VPN, but it's still fast and in the same ballpark as other big names like ExpressVPN -- which saw 51.8% speed loss in most recent tests -- and NordVPN at 53%.
Bottom line: IPVanish can give you more than enough speed for regular internet browsing, HD streaming and video calls.
During testing, I used IPVanish's Quick Connect feature, which claims to connect you to the best servers in IPVanish's network, based on current performance. But I probably would have gotten better speeds had I connected manually.
IPVanish puts its Quick Connect option front and center as you launch its desktop app. Three successive drop-down menus default to the option labeled Best Available for country, city and server. You can also change each menu independently. The feature is there so you can easily and automatically connect to the most optimally performing server available to you at the time you connect. However, I found the results to be disappointing.
Speeds to the UK and France were inconsistent and the speed drop was drastic, even though I was supposedly connecting to the best available servers in those countries. So I manually connected to a different server in France showing light user traffic and lower ping rates. My speeds increased fivefold: While connected to the designated Best Available server in France, I got speeds around 55Mbps; when I connected manually to a French server with a lighter traffic load, I got around 270 Mbps. Similarly, the Best Available feature connected me to the 45th best UK server in terms of traffic load.
When asked how the Quick Connect feature works, IPVanish said that the Best Available option relies on algorithms to connect you to a server.
"We use algorithms to determine the location closest to the user, we also have other algorithms to filter out servers with heavy load or even unusual large pings to make sure the best possible server is chosen," IPVanish said in an email. "There are also randomization selection algorithms of those best possible servers to avoid saturation."
That sounds good in theory, but it's not what IPVanish's customer service representative told me when I took my concerns to the live chat support while testing. The representative said the popularity of the function creates a high load on a single server, "So it is better to select the nearest server with [the lowest] ping for better performance and speed."
Translation: The feature often does the exact opposite of what it's supposed to be doing.
To be fair, I achieved excellent speeds to other locations using the Best Available connection option, which suggests the algorithm may work as intended at times. But it failed on too many occasions to be considered reliable -- a shame. The Quick Connect feature should enhance your experience with the product. Instead, it can mislead you into thinking you're getting the best performance out of your VPN when you're not.
Security and privacy
Jurisdiction: United States
Encryption: AES-256, Perfect Forward Secrecy
Leaks: DNS leaks detected
2022 independent audit found no logging
Obfuscation, killswitch limited on MacOS
In terms of security and privacy, IPVanish is a mixed bag: It'll do just fine to keep you safe from hackers and people after your browsing data, but don't count on it to keep you safe from entities that will bust you for using a VPN.
IPVanish's military-grade AES 256-bit encryption is consistent with the industry standard.
During my testing, the killswitch worked as expected on Windows. But if you're using a Mac, you'll only be able to enable the killswitch if you're connecting via OpenVPN. IPVanish's obfuscation feature, called Scramble, is also limited to OpenVPN connections.
IPVanish only offers the option to enable DNS leak protection on its Windows client. On its website, IPVanish mentions that its software provides built-in DNS leak protection by using private DNS servers to resolve web addresses.
I did not detect any IP leaks in any of my recent tests but, like reviewers at CNET's sister site ZDNet found, I also noticed that DNS leak-testing sites identified an IPVanish host when testing through servers in New York, Toronto and Singapore. This is concerning because even if your actual online activity may not be exposed, it can reveal your VPN usage to websites, schools or business network administrators, and any government authorities. It can also make it harder to overcome geoblocking on streaming sites. This also happened when I enabled the OpenVPN Scramble feature.
Following this review's publication, IPVanish VP of Strategy and Products Subbu Sthanu argued consumers can't hide VPN use because IP address ownership by a VPN is often publicly verifiable.
"Regardless of what the host name is, governments and businesses are very easily able to identify VPN usage by tracing the IP addresses. By using a simple, free lookup service provided by ipinfo.io, any consumer or organization can trace an IP address back to its owner and determine whether it is used by a VPN," Sthanu said in an email.
"In short, there is no way for a consumer to hide VPN usage."
On the contrary, the VPN providers we most strongly recommend all deploy a service that is sufficiently able to disguise VPN-based user traffic as non-VPN traffic. This process, known as obfuscation, effectively hides consumer VPN usage.
An IPVanish host was identified during my leak tests when connected to IPVanish servers in New York and other locations.
Screenshot by Attila Tomaschek/CNET
IPVanish says it keeps zero traffic logs or records of your online activities. To this end, IPVanish released in April an independent audit and certification by Leviathan Security Group, a Seattle-based security consulting and risk management firm.
"Leviathan found no evidence of logging of IPVanish user traffic, content, or destination addresses that would contradict or violate their published privacy policy," Leviathan wrote in the audit. "None of the distinctive port numbers, IP addresses, hostnames or other test data were found to have been logged anywhere on the system."
However, IPVanish's continued support for the severely outdated and unsecure PPTP VPN protocol gives me pause. The protocol is only available on Windows, and IPVanish recommends it only as a last resort for low-risk activities. But considering PPTP's many security flaws, it's curious to see a privacy-focused company even offer it as an option in the first place.
In his email to CNET, Sthanu said that would soon be changing.
"We have a negligible number of customers who actually use it today, and support for PPTP on Windows is scheduled to cease within the next few weeks with our upcoming version Windows app with the new (user experience)," Sthanu said.
Ultimately, IPVanish offers adequate security for casual VPN use... but we don't recommend relying on the service in situations where privacy is critical.
Support
24/7 live chat
Phone support in seven different countries
Ticket-based email support
Extensive knowledge base with setup guides
IPVanish offers more support options than most VPN providers. In addition to the standard 24/7 live chat, IPVanish offers telephone support in seven countries. Phone support is a great option to have, even if the majority of us prefer texting over talking to another human being.
IPVanish also offers ticket-based email support and an extensive knowledge base with FAQs and troubleshooting guides.
Overall, my experience with IPVanish support was largely positive, thanks to the agents' professional, friendly attitude. With IPVanish, you'll reliably have another human on hand to answer your questions.
Cost
Monthly subscription: $11 per month
Annual subscription: $48 for the first year, $90 after
30-day money-back guarantee on the annual plan
Payment methods: major credit cards and PayPal
IPVanish is neither the cheapest VPN nor the most expensive. You can get a nice introductory price for your first year of service of $48, billed in a single sum. After the first year, your subscription price will double to a much less competitive $90 per year.
If a yearly subscription isn't what you're after, IPVanish's monthly plan will set you back $11, which is on par with other VPN providers' monthly pricing.
IPVanish offers a 30-day money-back guarantee, but only on its annual plan. The guarantee is caveat-free -- with no sneaky hidden conditions or limitations based on usage that can void your refund. And as of now, you can pay via any major credit card or with a PayPal account. However, IPVanish says that new payment options are coming down the pike, including Amazon Pay, Google Pay and Apple Pay.
Update, April 25: This article has been updated to include a comment from IPVanish andnews about the rollback of the VPN's use of the PPTP protocol. It also clarifies wording about a hostname issue.