Sometimes standard VPN encryption just isn’t enough to protect your sensitive data. Luckily, several top-tier VPN providers offer multi-hop encryption as an option to users who need the ultimate in cybersecurity. Today, we’ll cover just what benefits a “double VPN” service provides, plus how to use it to enhance your privacy online.
Virtual private networks, usually shortened simply to “VPNs”, are rapidly becoming an indispensable tool for protecting our online identities and preserving Internet privacy. Using a VPN is generally a straightforward process, but when it comes to the finer details of web security, even VPNs can get really complicated, really fast.
One of the common buzzwords surrounding new services is the concept of a multi-hop VPN, sometimes called a double VPN. This feature adds an extra layer of encryption and anonymity by “bouncing” your signal through multiple nodes, thereby making it even more difficult to trace or crack your encrypted Internet activity.
Do you really need a multi-hop VPN, though? What benefits does it offer over standard VPNs, and which services deliver the best multi-hop experience? We’ll explore all of this and more in our featured guide below.
Basics of VPNs and Internet connections
Understanding VPNs and multi-hop features doesn’t take an advanced degree in computer science. We’ll cover the basics of how Internet traffic and VPNs work below so you can get a firm grasp on the terminology.
How standard VPNs work
A normal VPN works like a private tunnel between your device and the world wide web. It encrypts traffic leaving your local hardware, sends it through anonymizing servers, then receives encrypted traffic coming from the Internet. The entire process takes only fractions of a second, but it can dramatically alter your relationship with the online world.
To understand how VPNs operate, think of your ordinary interaction with the web. Let’s say you open a browser and type in addictivetips.com. What happens on a standard connection, and how does that change with a VPN? Below is a simplified look at each of those scenarios.
Standard route with no VPN:
- Data is sent from your device in a raw format without any protections
- Information passes through your ISP’s network and is routed to the Internet
- Data comes back in the same manner and returns to your PC/smartphone
Encrypted route with a VPN:
- Data is encrypted on your device by VPN software
- Encrypted data packets are sent through your ISP’s network to the VPN’s servers
- Packets are decrypted by the VPN network and sent to their destination
- Information returns to the VPN, is re-encrypted, then sent through your ISP
- Data packets reach your device and are decrypted by the VPN software
Problems with normal VPNs
The encrypted setup describe above provides a ton of online security. It’s more than sufficient for the vast majority of web users, and it operates without slowing down traffic too much, or getting in the way of daily online routines, too.
There are some weaknesses to the VPN methodology, however. If the service is compromised, whether by insiders working for the VPN themselves or by government agencies demanding secret records to be kept, your privacy could be destroyed without your knowledge. It’s also possible for hackers to correlate traffic going into a VPN’s server with the traffic that comes out, making it theoretically possible to find your location/identity even without decrypting the content.
Another overlooked issue with standard VPNs is logging. While most trustworthy services promise a strict zero-logging policy on traffic, there’s very little in the way of third party verification for these practices. In other words, no one is making sure the VPN follows through with their logging policies, so you’re not guaranteed to be secure in this scenario.
Multi-hop VPN technology
Now that you’re familiar with how VPNs do their thing, let’s take a look at multi-hop technology to see why it’s so unique.
How multi-hop works
Multi-hop VPNs aim to eliminate the problems associated with traffic correlation and reliable logging by introducing a new way to route traffic. Instead of one layer of encryption and one anonymous server handling data, multi-hop VPNs encrypt everything twice and send it through two servers. The process looks something like this:
- Your data is encrypted on your device by the VPN’s software, as normal
- Data is encrypted a second time on your device, increasing its security exponentially
- Encrypted data is sent to the VPN network via your ISP
- The outer layer of encryption is decoded by the VPN service, leaving the second layer intact
- Data is sent to a separate VPN server unrelated to the first
- The final layer of encryption is unlocked and the data is sent to the world wide web
- Data returning to the VPN network is then encrypted twice and routed through two servers before being sent through your ISP and back to your device
Why is multi-hop more secure?
Multi-hop VPNs are often called double VPNs, as they create a sort of tunnel within a tunnel that bypasses traditional problems of traffic correlation.
In a standard VPN scenario, your ISP or a cyber criminal could monitor incoming and outgoing traffic and use that to sniff out your identity. In the case of multi-hop, though, these third parties can only see data going into the first server, not the second. This makes it impossible to come up with any kind of traffic correlation, as no one can match data from multiple anonymized and encrypted sources.
Faulty logging policies and spying websites are also thwarted by multi-hop technology, much in the same way as ISPs and cyber criminals are defeated. The addition of a second layer of encryption and a second VPN server makes it impossible for traffic feeds to be associated with any single account, allowing for greater privacy and increased security.
Defeating censorship with multi-hop
One of the side effects of double VPN technology is the ability to bypass censorship walls in a variety of situations, including office, university, or even government-level firewalls. In fact, many people use multi-hop VPNs to access the open Internet in places like China.
The way this works is pretty simple. Censorship firewalls look for traffic’s origin and destination to decide whether or not to allow the connection. If you’re in China, for example, local ISPs may block traffic going towards U.S.-based sites. Trying to connect directly to VPN servers in the U.S. won’t bypass this, even with encrypted data packets.
Instead of a direct connection, try using multi-hop. This allows you to connect to a safer, allowed location first, such as servers in Europe, Canada, or Asia, then route your traffic through a U.S. server as the second “hop”. The censorship firewall thinks you’re accessing from one server location, while the destination site thinks you’re accessing from another.
Disadvantages of multi-hop VPNs
The added security and privacy delivered by multi-hop VPNs doesn’t come without a few drawbacks. Overall, double VPN users can expect increased latency due to the added distance data travels, lower speeds, and higher demands on their hardware from all the encrypting and decrypting that goes on.
While multi-hop can provide some protection against dubious zero-logging policies, it can’t guarantee your privacy. For this reason, you should still avoid free VPN providers and any company that doesn’t have a stellar reputation among the online privacy communities.
Finding the best multi-hop double VPN
Convinced multi-hop VPNs are for you? We checked out loads of reliable, top of the market VPNs and evaluated them on a variety of factors, including the strength of their multi-hop features. Our criteria and recommended selections are below.
Evaluating multi-hop VPNs
Every VPN promises the best online privacy features, fastest speeds, and easiest to use software. When it comes to locking down your data with multi-hop technology (double VPN), however, only a few services deliver on those promises. We used the criteria below to evaluate the world’s top VPNs to find out which ones measured up to our expectations.
- Reliable multi-hop features – Does the VPN offer multi-hop? If not, it’s off the list!
- Extra security features – Better encryption and alternative port selections can be extremely useful for locking down your information.
- Fast speeds – Only the best VPNs maintain high server speeds. Make sure yours is one of them, or be prepared for laggy streams and slow downloads.
- Zero-logging policy – If a VPN doesn’t have a zero-logging policy, it’s potentially harmful to your privacy. The safest kind of logs are the ones that don’t exist to be potentially used against you.
NordVPN – Best multi-hop VPN
NordVPN is a popular VPN that runs a fast and impressively large network of servers. Joining gets you instant and unlimited access to over 5,500 servers in 58 countries, all available without a single limitation placed on bandwidth, speed, or server switching. This massive amount of variety delivers great speeds no matter where you connect from, ensuring you always have a fast connection ready to go.
NordVPN’s software comes with everything you need to stay safe online. This includes strong 256-bit AES encryption, DNS leak protection, an automatic kill switch, and a zero-logging policy that covers time stamps, DNS requests, IP addresses, and traffic. It’s extremely easy to set up and use on all of your devices, too, as the VPN supports PC, Mac, Linux, iOS, Android, and other platforms by default!
NordVPN’s multi-hop feature is called “double VPN” or “double encryption”. Anyone can use it by switching to one of these unique servers at any time. You can also take advantage of DDoS protection and onion over VPN routing for added security.
Read our full NordVPN review.
- Best Budget Choice
- Extensive server park of over 5,400 different servers
- Zero leaks: IP/DNS/WebRTC
- Strict zero logs policy on both traffic and metadata
- Money back guarantee policy.
- Some servers can have average d/l speeds
- Apps can be a bit cumbersome to use.
Multi-hop and Tor – What’s the difference?
If you’ve been around the online privacy scene for a while, you might notice that multi-hop VPNs and onion routing (Tor) sound pretty similar. While it’s true that the technologies share some features in common, each one has a decidedly different use-case scenario you should be aware of.
Onion routing vs multi-hop
Multi-hop VPNs are largely designed to bypass censorship walls and defeat traffic correlation attacks. The manner in which they do this adds extra anonymity and security, but that’s merely a side benefit, not a core goal.
Conversely, onion routing through programs like the Tor Browser was built for top shelf anonymity. Instead of twice the encryption and routing traffic through two servers, Tor does this a minimum of three times, often as many as five. This means a third layer of encryption to peel back and a third anonymous server to pass traffic around the world, making its anonymity practically unbeatable.
Tor carries the downside of being incredibly slow as compared to a standard Internet connection. It’s even slower than VPNs and multi-hop VPNs, largely due to the number of nodes traffic passes through along with the overall quality of those servers. Many websites and government agencies also specifically block Tor exit node traffic, rendering its censorship-breaking powers moot.
Want to learn more about Tor and onion routing? Check out our complete guide to using Tor.
Using Tor with a VPN
If using a VPN carries some drawbacks, and using the Tor Browser has drawbacks, too, what would happen if you combined the two? The results aren’t always favorable, and many security experts debate whether or not it adds any effectiveness. Still, it’s technically possible to use Tor with a VPN, but only if you value privacy over performance.
Running Tor alongside a VPN encrypts data and sends it to the VPN first, then through Tor’s anonymizing network. This could make it more difficult to monitor exit nodes for traffic correlation, though it comes at the cost of losing a ton of speed. This method is generally reserved for journalists traveling in censorship-heavy areas who need to transmit a small amount of information overseas without getting caught.
Is multi-hop really worth the effort?
Double VPN services, or multi-hop VPNs, add quite a bit of privacy and anonymity to your daily surfing activities. It’s a give and take relationship, however, as there are drawbacks paired with almost all of the advantages. Here’s a quick overview of what you can expect when using a double VPN service.
Pros of multi-hop:
- Increased anonymity and privacy.
- More difficult for hackers to carry out traffic correlation attacks.
- Bypasses most censorship firewalls around the world.
- Easy to set up and use.
Cons of multi-hop:
- Slower than a standard VPN connection.
- Increased latency can make gaming and streaming impossible.
- Doesn’t guarantee the VPN company is trustworthy.
- Not offered by most VPN services.
What’s the final verdict? If you need the extra privacy, or if bypassing censorship blocks is a high priority, multi-hop VPNs are absolutely worth your time. If you’re just looking for generalized protection from cyber threats and spying government agencies, however, using a regular single-route VPN will get the job done, and you’ll enjoy faster speeds for all of your downloading and streaming needs, as well.
When to use a multi-hop VPN
Even if you have a subscription with a VPN service that offers multi-hop functionality, that doesn’t mean you have to leave it turned on all the time. In fact, you can get the best of both worlds if you sign up with a double VPN company but only toggle it on when you absolutely have to.
Many privacy experts argue whether or not multi-hop VPNs are overkill, or if they’re the next natural evolution of online security. Either way, if an attacker were to brute force decrypt your data, a standard VPN offers strong enough protection to keep you safe. It would take 1 billion billion years (yes, billion billion) to crack 128-bit encryption. Most VPNs offer 256-bit encryption, which is exponentially more difficult to hack.
Still, there are times when multi-hop VPNs are useful. If you find yourself in any of the situations below, consider checking into a double VPN service and activating it on all of your Internet-enabled devices:
- When speed or Internet performance is not an issue
- When traveling through censorship-heavy countries
- When accessing the Internet on an unreliable or public connection
- When transmitting sensitive data, especially corporate or government files
- When keeping your location and identity hidden is absolutely vital to your safety
Multi-hop VPNs offer a number of advantages and disadvantages when compared to a standard VPN. If you need the added privacy and anonymity, however, they make great tools for protecting your identity at all costs. Best of all, using a multi-hop VPN isn’t any more difficult than running a standard VPN.
Got any tips or tricks related to using multi-hop VPNs? Share your thoughts in the comments below!
If you need a VPN for a short while when traveling for example, you can get our top ranked VPN free of charge. ExpressVPN includes a 30-day money-back guarantee. You will need to pay for the subscription, that’s a fact, but it allows full access for 30 days and then you cancel for a full refund. Their no-questions-asked cancellation policy lives up to its name.