What Encryption Protocol Does ExpressVPN Use?
With the prevalence of mobile devices and the growing demand for remote access, VPNs are no longer a luxury item available only to technologically advanced users. According to Statista, by 2025 over 500 million American consumers will use a VPN to protect their privacy and security while surfing the web.
While there are numerous benefits to using a VPN, one of the primary concerns for users is privacy and data encryption. In order to provide users with the security and privacy they need without exposing too much personal information, VPN providers have developed different types of encryption protocols that use different algorithms and modes of operation to encrypt and decrypt traffic. Knowing which encryption protocol your VPN uses can help you determine the level of privacy and security you’re getting.
In this blog post, we’ll review the various encryption protocols that ExpressVPN uses and how they work so you can choose which one is best for your needs.
OpenVPN
OpenVPN is one of the most popular and most used VPN protocols out there. Designed as a simpler and more user-friendly alternative to other VPN protocols, OpenVPN was first released in 2007 and has since become a standard part of any privacy-conscious internet user’s technology arsenal. The good thing is that OpenVPN is open source and free, which makes it entirely possible for users to protect their privacy and security without concern of cost or complexity. In fact, OpenVPN is so user-friendly that their apps are available for practically every major mobile and desktop operating system.
When connecting to an OpenVPN server, you’ll see the following message:
- Are you sure you want to connect to <your VPN> (“<your VPN>”) with this new connection?
- Are you sure you want to connect to <your VPN> (“<your VPN>”) with this new connection?
- Are you sure you want to connect to <your VPN> (“<your VPN>”) with this new connection?
This is a pretty standard message you’ll see when connecting to an OpenVPN server. After you enter your credentials, you’ll be presented with the following menu:
- OpenVPN
- Settings
- Locations
- Status
Here, you can adjust the settings for your VPN account including changing your name, email address, and other information that appears on your public profile. You can also select the physical location where you want your data to be stored when making a VPN connection. This is especially useful for those who use the service frequently in different countries as it allows them to select the location that has the best data rates for their needs. Once you’ve made all of these adjustments, click the Save button to lock in your settings.
L2TP/IPSec
Although not as popular as OpenVPN, the Layer 2 Tunneling Protocol (L2TP) and the Internet Protocol Security (IPSec) are also widely used protocols for VPNs. Like OpenVPN, L2TP uses a combination of algorithms to encrypt and decrypt traffic so it can be securely transmitted over a computer network. L2TP was created by the IETF (Internet Engineering Task Force) in 1995 and is now considered a standard protocol for VPNs. Like OpenVPN, L2TP is also based on the premise of mutual trust between two or more parties for security purposes. L2TP also uses port number translation – when a router receives a packet from a computer, it will automatically look up the corresponding port number for that computer and ensure the packet is forwarded to the correct destination.
IPSec is an improvement over L2TP in that it can be used to secure internet connections between two or more devices, such as a laptop and a smartphone. IPSec was originally developed by Microsoft as part of their VPN client and has since become a standard security protocol for VPNs. Like OpenVPN and L2TP, IPSec can also be used for encrypting and decrypting traffic between two or more devices. However, while L2TP and OpenVPN are designed to be as user-friendly as possible, IPSec was designed with security in mind and includes additional features for encrypting and decrypting traffic such as the usage of keys instead of passwords and Perfect Forward Secrecy – once a key is generated, it will never be used again, ensuring that no information can be retrieved by an attacker.
Keys are something you might need to generate manually in order to use IPSec but, like the other two protocols mentioned, generation isn’t difficult and can be done through a simple security code that must be entered every time a connection is made. You can find detailed instructions on how to generate an IPSec key on the website of the IETF (Internet Engineering Task Force).
TLS/SSL
The Transmission Control Protocol (TCP) and the Secure Sockets Layer (SSL) are part of the TCP/IP (Internet Protocol) protocol suite and are used for establishing a secure connection between a server and a client. Establishing a secure connection through TLS or SSL is similar to establishing a VPN connection but with one key difference. When you establish a secure connection through TLS or SSL, all of the traffic including personal identifiable information (PII) is encrypted before being transmitted over the internet. This means that not only can others not see what you’re doing or transmitting, but even the service itself cannot read your data. This level of security and privacy makes TLS/SSL a preferred choice for sensitive information such as credit card numbers, social security numbers, and other personally identifiable information (PII).
Before we began using VPNs, we would always worry about being hacked or having our data stolen. With the prevalence of WiFi hotspots and the growing number of people using their mobile devices on public networks, it’s important to protect our data wherever we go. As convenient as it is, most WiFi hotspots are unencrypted which means anyone sitting next to you or walking past you could potentially steal your personal information. Even if you use a password, it’s not a 100% solution. Luckily, there are ways to protect your data when using public WiFi including using a VPN.
When you connect to a WiFi hotspot that’s protected by VPN, you’ll see the following message:
- Welcome to <your VPN> (“<your VPN>”)!
- To protect your privacy and security, <your VPN> encrypts all traffic before sending it over the internet.
- To see why you should use <your VPN>, consider what would happen if one of your devices was hijacked.
- To see why you should use <your VPN>, consider what would happen if one of your devices was hijacked.
- To see why you should use <your VPN>, consider what would happen if one of your devices was hijacked.
In addition to encrypting all data sent over the internet, most VPNs will also allow you to make your own VPN connection through their app so you can use their service even when you’re not connected to WiFi. This is a great option for those who don’t want to be restricted to using only WiFi when they need to access the internet. Even when not connected to WiFi, you can access resources on the internet through your VPN app. This adds an additional layer of security to your internet connection since not only does your VPN encrypt all of your data but it also protects you from attacks by eavesdropping attackers or hackers even when you’re not connected to a secured network.
PPTP
PPTP (Point-to-Point Tunneling Protocol) is another tunneling protocol developed by Microsoft as an improvement over both OpenVPN and L2TP. One of the main reasons why Microsoft developed PPTP was to provide users with additional options for connecting to a VPN. Where L2TP and OpenVPN both use a point-to-point architecture to establish a tunnel for data encryption and decryption, PPTP uses a peer-to-peer architecture. This means that instead of using a single server for all of the PPTP tunnels, you’ll have a direct connection between two or more devices that are participating in the process of establishing a tunnel. The main advantage of a point-to-point architecture is that it makes it much easier for users to establish a VPN connection since all they have to do is follow the instructions given to them by the server.