Don't put your privacy at risk. Make sure the VPN you're using includes a kill switch.
If your virtual private network doesn't have a kill switch, you need to find a different VPN provider. A kill switch is an essential VPN security feature that cuts your internet if your encrypted VPN connection drops out for any reason. This prevents your online activity from being exposed outside the VPN tunnel, which is important as that exposure can be dangerous in a lot of situations.
A VPN routes your internet traffic through an encrypted tunnel to a secure server in a location of your choosing. During this process, your visible IP address is changed to the IP address of the server you're connecting through. In addition to allowing you to access geographically restricted content, the VPN connection conceals your true IP address and your internet traffic from your ISP, government entities, cybercriminals and others who may want to snoop on you online. So if your VPN connection suddenly drops and there's no kill switch to act as a safety net to protect your data, you may as well not have a VPN at all.
Here's what to know about how a VPN kill switch works, why you need one and how to make sure your VPN's kill switch is working properly.
Read more: The Best VPN Services
No piece of technology is perfect, and even the best VPNs can have their connections drop from time to time. A VPN disconnection can happen for a number of reasons, including:
If your VPN disconnects, and you don't have a kill switch enabled, your internet connection will stay active, your true IP address will be exposed and your web traffic from the moment of disconnection will continue unencrypted. This could expose your online activity and compromise any sensitive personal data you may have been accessing while connected to the VPN, in addition to revealing your true location (based on your IP address).
This can be a headache if you're using a VPN to access geographically restricted content, but it can be downright dangerous if you're a dissident, activist, journalist, attorney, physician or anyone else using a VPN for critical privacy needs. Using a VPN without a kill switch is also risky for anyone in a region with strict government control over and censorship of the internet.
Read more: How We Test VPNs
When enabled, your VPN kill switch constantly monitors your VPN connection and scans for changes in your IP address or the status of your network. The kill switch will immediately engage and block access to the internet whenever it detects a change in the status of either. When you reconnect to a VPN server or the VPN tunnel automatically reestablishes itself, the kill switch will allow your internet to reconnect and will continue to monitor your VPN connection.
There are two different types of VPN kill switches: ones that work on an application level and others that work on a system level.
An application-level VPN kill switch allows you to choose specific applications on your device to kill in the event of a VPN disconnection. While certain applications will be blocked, any others connected that you didn't designate to be killed will remain connected and could potentially put you at risk. An application-level kill switch gives you a certain amount of flexibility, but you'll need to be mindful of what apps you do or do not choose to include. A system-level kill switch is a more secure option overall because it kills all network traffic on your device system-wide whenever it detects that the VPN tunnel has failed.
Some VPNs like NordVPN offer both an application-level and a system-level kill switch, while others like ExpressVPN only offer a system-level kill switch. ExpressVPN's Network Lock kill switch is enabled automatically, but not all VPNs with a kill switch have them enabled by default. If your VPN's kill switch isn't enabled by default, you can go to the settings section of your VPN client and activate it there.
To test your VPN kill switch, you'll first need to ensure your regular internet connection is working properly. Once you've confirmed your internet is working, connect to your VPN and enable the kill switch if not already enabled. Then, you can either disconnect from the VPN server or simulate a VPN failure by doing something like manually killing then reestablishing your network connection, closing then reopening your laptop, or activating and then deactivating airplane mode on your mobile device. If you notice that you've lost access to the internet or the apps you've flagged with your application-level kill switch have been closed, then your kill switch is working properly.
Alternatively, you can use an automatic page refreshing website like PageRefresher and add the following into the appropriate field: http://ip-api.com/csv
Then, set the page refresh time to one second. With your VPN disconnected, click Start and make note of your regular IP address that's displayed in the new window that pops up. Then, connect to your VPN (preferably to a server in another country) and click Start again. You should then see the IP address and location of the VPN server you're connecting through. Now, simulate a VPN disconnection and pay attention to what's happening in the page refresher window. If you see a "no internet" error message or something similar, your VPN kill switch is working as it should.
For more VPN advice, check out CNET's coverage on how to speed up your VPN connection, VPN red flags to look out for and what to know about VPN trackers.