VPNs are powerful tools that can help you change or mask your IP address, hide your traffic from your ISP using an encrypted tunnel, and protect your sensitive data.
But does a VPN protect your passwords?
It’s a question worth asking because many websites and services nowadays require us to input a bit of information about ourselves like usernames and passwords.
Considering all of this, how well does a VPN protect our passwords and keep them safe from prying eyes? Read on to learn the answer to this important question.
How are your passwords stored?
→ Some devices store passwords as plain text. This mode of storage offers little protection in cases of hacks or cyber-attacks.
In this instance, it is easy to hack the user’s accounts – especially if multiple accounts use the same passwords.
→ Other devices store passwords using a cryptographically protected form.
This is more secure because, in cases of data breaches, the hackers will need a lot of time and resources to figure out the passwords.
→ Devices that are highly secure don’t store passwords at all. They use an advanced hash function or a modulus that sends typed passwords through a cryptographic hash algorithm.
Once the generated hash value from the user’s entry matches the one stored in the password database, the user successfully gains access.
How passwords are transmitted between devices and servers
Passwords are usually transmitted between devices and servers in plain text.
In this case, it is easy to intercept them as they travel over a network.
To stop interception, it is important to encrypt the communication between the device and the server.
It could either be the most common form – Transport Layer Security (TLS) or the older Secure Socket Layer standard (SSL).
These encryptions are noticeable when you visit a website. If the URL begins with “https” and there’s a padlock symbol in the browser. It means the transmission is encrypted and secure.
Risks associated with transmitting passwords
There are numerous risks that come with transmitting passwords over the internet, including:
1. Man-in-the-middle attacks
These types of attacks occur when hackers intercept an unsuspecting user’s internet connection.
When this happens, they can see all the information being exchanged between the user and any website they are interacting with. This includes passwords and other sensitive details.
The best way to prevent these attacks is to avoid connecting to unsecured networks like public WiFi. If you must do it, consider using a VPN every time you do.
Hackers and malicious users tend to trick unsuspecting people to type their passwords into insecure websites belonging to them.
Also, they can install a keylogger on a computer and have users use it.
With this, they have unrestricted access to confidential user information by tricking them to input their passwords or visiting insecure websites.
3. Password reset and recovery
In the same way, the actual account owner can request a password reset, a hacker can do exactly that.
Cybercriminals can act like actual owners in order to have access to the account by resetting the password.
That’s why it’s important to set up actually undisclosed security questions and set-up multi-factor authentication.
4. Credential stuffing
When data breaches happen, hackers will often try your leaked password on your other accounts to see if you reused the same login credentials.
Does a VPN protect your passwords?
Yes, a VPN protects your password to an extent.
You’re less vulnerable to leaking the data, including passwords, you send over the internet.
Once you connect to a VPN, it encrypts your traffic and online activities and passes them through a secure server tunnel where your ISPs, trackers, and hackers cannot have access to them.
VPN providers use different tunneling protocols to safeguard user data and they may include:
- Point-to-Point Tunneling Protocol (PPTP) – This is the oldest form and is easy to set up.
- Layer 2 Tunnel Protocol (L2TP) – Was developed to improve the PPTP using the upgraded version of Layer 2 Forwarding Protocol.
- OpenVPN – An open-source application that uses point-to-point or site-to-site connections that uses TLS and SSL for key exchange. It is one of the most secure encryption protocols used by VPN providers in recent times.
- IPSec – IP Security authenticates and encrypts data communications between the server and the client.
- IKEv2 – Internet Key Exchange version 2 is based on IPSec and is used majorly for VPNs on mobile phones.
- WireGuard – Lightweight but security-focused open-source protocol better optimized for speed and streaming.
However, using free VPNs with no adequate encryption protocols puts you at risk of data theft, leaks, and even brokerage.
This defeats the sole purpose of using a VPN which is to protect your passwords.
Also, using outdated encryption algorithms puts user data and passwords at risk as they are insecure and easily crackable compared to modern ones.
At this moment, the AES-256 bit is the most secure encryption algorithm. ChaCha 20 is also widely considered to be very safe and reliable. Consider getting a VPN that uses one of them.
How to protect your passwords better?
As you can already tell, VPNs are great for security, but they don’t do everything that’s necessary for 100% password protection.
There are a few sure ways to protect your passwords and further increase your security level online. These include:
1. Use a password manager
Password managers function like a bank that stores all your passwords in one place.
They’re more convenient because you only need to memorize your master password instead of a hundred different passwords.
Furthermore, most password managers help to generate strong and unique passwords, different from one another.
This increases your security level and makes it hard to guess or brute-force your passwords.
In addition, password managers allow users to store more than just passwords as they can also store credit card information and also enforce 2FA on certain accounts.
2. Enable 2-factor authentication everywhere
Using 2-factor authentication is another way to safely protect your data and passwords.
2FA is an electronic authentication method that verifies a user’s identity before granting them access to a website, an account, or an application.
It provides accounts with an extra layer of security, making it almost impossible to gain unauthorized access to accounts.
This verification mode uses either a passcode, a key, a phrase, or your fingerprint to grant access.
Using 2FA reduces the risk of unauthorized access to accounts, credit card theft, and fraud. It’s also secure and easy as requesting a new password via the support team can take long hours.
Even in a case of hacking, a user can have access to his/her account back through the use of 2-factor authentication.
Does a VPN protect your passwords? Yes, a VPN surely protects user passwords and other sensitive data with its encryption protocols.
This renders your information and data useless in the hands of hackers if they ever hack your VPN service.
However, it’s important to use premium VPNs, enable 2FA everywhere, and use password managers for complete protection.