When you opt for a VPN, you must understand that this service will virtually replace your ISP. You’ll still receive Internet access from your ISP, but the VPN will always be between you and your ISP, acting as a middleman. So, instead of your ISP getting to see everything you do online, now it’s your VPN that plays this part. Barely. Mostly because trustworthy VPNs are privacy-oriented, so they wouldn’t risk jeopardizing their customers’ trust for a sneak-peek. But before we get to the problem itself, we need to understand how a VPN works.

How does a VPN hide your private data?

Normally, your default, insecure connection goes through your ISP’s infrastructure. Since your ISP runs all the servers and routers within that infrastructure, they get to see everything you do online. Ranging from the websites you visit, to how much time you spend on each website and which files you’ve downloaded from where, your connection is pretty much transparent to them. Long story short, your ISP can see every bit of unencrypted information you send through their network. It goes without saying that they can’t see SSL-encrypted data such as usernames, passwords, and anything else you post on HTTPS websites. A VPN simply shields your regular traffic from your ISP by encrypting it. Therefore, your ISP won’t be able to see even regular, non-encrypted things such as visited websites or how much time you spend on them, much like they can’t see SSL-encrypted stuff. However, your VPN can now access to your data. That’s why it’s important to take your time while choosing a VPN since you’ll need to trust it more than you do your ISP.

Can VPN see your passwords?

As we’ve said before, your VPN plays the role of your ISP to a certain degree. Thus, your VPN can now see everything your ISP used to be able to see: visited websites, downloaded files, and such. However, remember how we told you that your ISP can’t see SSL-encrypted traffic such as usernames and passwords that you submit to HTTPS websites? Well, your VPN can’t see those, either. So you can rest assured that your VPN doesn’t magically break SSL encryption, even though they can see most of your online activity. Passwords fall under that category. Therefore, VPN can’t see your passwords. However, if you’re using a sketchy service (most free ones should be avoided), you might put yourself at risk.

Sketchy VPN services might put you at risk

We’ve already established that VPNs are already the middleman in our scenario. If you’re unfortunate enough to land a mischievous provider, your VPN might trick you into accepting a false SSL certificate. The good news is that such events rarely take place, and they can be easily avoided, too. Just steer away from unknown services, free ones, or generally ones that you don’t know much about. Simply put, you can’t trust free VPNs with your personal data. If you don’t know where to start, check out our best VPN recommendations. All of the services there are trustworthy and won’t pull any fake-certificate schemes on you.

We recommend Private Internet Access, a VPN with a no-log policy, open source code, ad blocking and much more; now 79% off. Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ