Before reviewing NordVPN, I knew I would be reviewing one of the best VPNs in the market. I had already used NordVPN for quite some time back in 2013. The hardest part of this review is doing NordVPN justice. Calling it “bang for the buck” or “value for money” VPN provider would not be fair as readers tend to associate the terms with products that make cuts in terms of quality. I could not find any such cut with NordVPN, so at the end of the day, we have a premium VPN that is arguably second to none and the best you can get to make the most out of the price you pay.
In my CyberGhost review, I explained that I found it missing key elements, especially trustworthiness. This review was quite refreshing, and the experience was similar to the one I had when reviewing ExpressVPN.Today's Deals on Amazon
Speaking of ExpressVPN, we will also try to answer the omnipresent VPN question; Is ExpressVPN or NordVPN the better VPN provider? While this is a tricky question, NordVPNs impressive feature set puts ExpressVPN's price tag into perspective.
There is another important aspect I would like to address in the prologue of my NordVPN review. Our readers are aware of my obsession with VPN trustworthiness and transparency. There is no point in discussing privacy and security if you cannot even trust the VPN service you pay.
In October 2019, a report emerged online that a hacker accessed one of the rented NordVPN servers without authorization in 2018. First, the report appeared 11 months after the security breach, so we know that NordVPN never disclosed it. This, of course, is a very alarming approach, so I had to learn more about the actual breach.
As it turns out, the breach did not involve user-identifying information, as no passwords, usernames, and other credentials were leaked. The attacker got access to three private encryption keys that expired within an hour and could potentially set up a fake NordVPN node.
Due to the layers of encryption involved in the data transfer and processing, the attacker could not access any information other than what an ISP would see for 50 to 200 users using the server during that period.
NordVPN decided against informing its customers, but it's hard to tell if that was a marketing move or an effort to avoid causing panic for an essentially minor breach. The kickback back then was hard, and NordVPN would have to regain the lost trust. As it turns out, in 2018, before the breach was revealed, NordVPN became the first significant VPN provider to have its no-logging policy independently audited.
NordVPN also moved to RAM-only technology on its servers at the time, so no information is stored on the disks. Instead, everything is handled in the volatile RAM. After the discovery, Nord also went through multiple security audits; it started a bug bounty program and invested heavily in VPN server security.
Judging the non-disclosure on NordVPN's side is a tough ask, so I will at least call it a questionable decision. However, the aftereffects of the breach are definitely in the customers' favor, as NordVPN did a lot to regain our trust at no additional cost.
After addressing the elephant in the room, I would like to explain how I evaluated NordVPN during the review period. Speed tests alone are not enough to demonstrate the VPN's performance. So, I watched ten seasons of Shameless (U.S.) on Netflix U.S. and Netflix Denmark (interchangeably) during that time, on Full HD.
I stayed connected to the U.S. while writing blog posts to evaluate the latency, and my editor was highly responsive. This is pretty much the highest praise I can give to a VPN, and I also did a lot of browsing and kept the VPN on because I did not realize it was active.
Once again, that was a very ExpressVPN-like performance. I also used NordVPN on my mobile to watch Shameless and go to Paris and Tampa to catch Pokemon by spoofing my location on Android. I ended up recommending NordVPN for location spoofing in Pokemon Go.
I'm afraid this introduction renders the rest of the review useless, but regardless, let's see everything NordVPN has to offer.
NordVPN offers many features, all of which scream “premium.” Even the Obfuscated Servers are available at no extra cost, and you only need to pay extra for a dedicated I.P., a feature that most customers do not need. NordVPN hits all the right boxes and is best-in-class in almost every category, or at least right up there.
|Number of countries (includes virtual servers)||62|
|Number of servers||5,280+|
|Log Policy||No logs (Approved by Independent Auditors – PricewaterhouseCoopers AG, Zurich, Switzerland)|
|Ad and Malware Blocker||Yes (CyberSec)|
|Dedicated I.P.||Yes (extra)|
|Number of devices per license||6|
|Money-back guarantee||30 days|
|Tor/Onion over VPN||Yes (no extra features)|
|Headquarters Location||Panama (Outside of 5/9/14 Eyes Jurisdiction)|
|Average Download Speed Dropoff||9.93%|
|Average Upload Speed Dropoff||28.62%|
VPN Protocol Support
NordVPN supports all the popular and the most secure VPN protocols while dropping unsafe or deprecated ones. It also supports a unique one (NordLynx) and can automatically select the best VPN protocol for your network.
|Operating System||OpenVPN (TCP/UDP)||IKEv2||NordLynx (WireGuard Variant)|
A Note on NordVPN's NordLynx
Like any other VPN reviewer, I consider WireGuard the next best thing for VPN protocols. It is indeed swift and lightweight, but at the same time, it's still incomplete and experimental. Don't get me wrong; I always use WireGuard when available, and only a bunch of VPN providers offer it.
Despite my affection towards WireGuard, I would not recommend it over OpenVPN. That is, unless it is patched to fix its shortcomings. That's precisely what NordVPN and ExpressVPN offer with NordLynx and Lightway, respectively. NordLynx patches several WireGuard bugs, including the static I.P. pool, and it keeps being updated, so it is a protocol I can recommend.
You can watch the video below to learn more about NordLynx, and this review is based on the use of NordLynx:
A common indictment against NordVPN is its location support; it doesn't offer as many locations (either with real or virtual servers). The best way to showcase this shortcoming is to compare NordVPN to other VPN providers. Let's see then:
One thing is clear from this table. ExpressVPN outclasses everyone in terms of worldwide coverage. Keep in mind that the best way to reduce costs for VPN providers that offer RAM-only data processing is by servicing a smaller portion of countries and locations. This is exactly what NordVPN and VyprVPN do to maintain a premium service while keeping costs low.
If you require the maximum number of available locations and top-quality services, ExpressVPN is the way to go.
However, if you don't need all these server locations, NordVPN's price tag on long-term plans is far more ludicrous, as we will see below.
You can find the full list of NordVPN server locations on its website.
NordVPN HQs Location and Privacy
NordVPN's H.Q.s are located in Panama, a privacy-friendly country. Panama has extensive legislation regulating offshore jurisdiction. Its constitution, judicial code, and criminal code have several articles that guarantee privacy and protection of personal data for its citizens and foreigners. Panama has also signed international covenants to protect the right to privacy.
NordVPN can preserve your private data and information even if it receives a legal request from any government agency. Meanwhile, the no-log policy and in-memory server mean that NordVPN does not have any data other than your NordVPN account information. This is great for any user that aims toward privacy.
I think it's fair to say that Panama is a great country to hide things (e.g., The notorious Panama Papers) and one of the most privacy-friendly countries around the globe.
As I have explained in several posts and reviews, I believe the whole 5/9/14 Eyes jurisdiction storyline is more the product of marketing than a real issue. But I'd take a VPN provider whose base is in Panama or the British Virgin Islands any day over one located in the U.S. or a country that may apply any sort of pressure to the providers.
We have explained that there is not much room for pressure when the provider has a zero-log policy, and any intelligence agency would have to perform an actual attack while the data are still live in memory. This type of attack is possible but not probable.
Security Breaches and Independent Audits
So, we are back to the elephant in the room –the 2018 security breach. The affected server was part of a third-party data center in Finland. Evidence indicates the attack most likely happened between January 31st, 2018, when the server came online, and March 5th, 2018.
The adversary attacked a compromised data center account, not an account managed by NordVPN.
The data center deleted this account on March 20th, 2018, blocking any further access to the server.
NordVPN claims not to have been notified about the breach until April 13th, 2019, more than a year after it happened. It took down the server the same day and began an immediate audit of all its servers at the time.
From a customer's perspective, I would expect my VPN provider to inform me about the breach, its minor impact, and all the provider's action to ensure no further issues are present. NordVPN did a lot after they became aware of the breach, so I believe they had a chance to enhance trustworthiness and show proactive action. I believe the better move from a privacy standpoint is full transparency.
I hope the provider will handle similar situations better in the future. But now, let's see what kind of guarantees NordVPN offers to its customers:
- On November 6th, 2019, NordVPN passed an independent application security audit conducted by AV-TEST Gmbh, an independent research institute from Germany.
- In June 2020, NordVPN passed a no-logs policy test for the second time in a row after its first test in 2018, once again conducted by PwC Switzerland.
- In June 2021, NordVPN passed a penetration test by VerSprite, and no significant issues were revealed, while the minor ones have already been patched.
NordVPN's insistence on independent security audits makes me extremely happy as a reviewer. For the sake of consistency with my past positions, I will have to state that this is what I expect to see from a premium VPN provider.
I tested NordVPN on Windows, macOS, and Linux using the browser extensions and Android. I had no issues with NordVPN on any device. We will focus on the Windows client in this NordVPN review for conciseness.
- Launch at Windows startup.
- Launch the app minimized.
- Show VPN status notifications.
- CyberSec: block ads and malicious websites.
- Client language.
CyberSec requires a special mention here, as it is a built-in ad blocker that works exceptionally well and indicates solid filtering of the incoming traffic to our browsers.
Users can tweak the auto-connect settings to allow the app:
- Always auto-connect when it launches.
- To auto-connect on trusted Wi-Fi networks.
The user can select the VPN protocol manually among OpenVPN (TCP or UDP) and NordLynx, select the server or allow the app to perform these processes automatically.
NordVPN offers my favorite type of automatic kill switch, which comes down to its versatility. An Internet kill switch is a great feature, but killing apps instead of connecting is valuable for users. For instance, I just want to see the Netflix app killed instead of my whole internet connection when steaming.
NordVPN offers split tunneling, but only on its Windows, Android, and AndroidTV apps. Split tunneling lets you decide which apps go through the VPN and which you access with your regular I.P. and Internet connection. This is useful for online banking and watching domestic streaming sites because you can lose access to them when you connect to a VPN due to geo-blocking.
Remember, when you use split tunneling, anything you leave outside the VPN is not encrypted. Don't leave out any apps that require privacy (like a BitTorrent client) or need to bypass geoblocks.
The question to answer here is simple:
Is NordVPN fast?
The honest and straightforward answer is, “Yes, it is fast enough.” I used Ookla's speed test to evaluate my baseline speed without a VPN in Athens, Greece, and the result was the following:
The following table contains key European locations and long-distance ones, like the US, Canada, and Australia. I want to pinpoint another critical feature here.
Unlike other VPNs I have used, NordVPN changes the smart connect location depending on current conditions. For instance, it switched between Romania – Bucharest and Spain – Barcelona.
|Location||Ping [ms]||Download Speed [Mbps]||Download Speed Dropoff||Upload Speed [Mbps]||Upload Speed Dropoff|
|Baseline – Athens, Greece, no VPN||7||53.92||N/A||10.24||N/A|
|Greece – Athens||102||48.79||9.51%||7.05||31.15%|
|Romania – Bucharest||26||53.37||1.02%||8.89||13.18%|
|Spain – Madrid||77||52.7||2.26%||8.04||21.48%|
|France – Marseille||65||52.44||2.74%||9.21||10.06%|
|U.K. – London||49||48.6||9.87%||8.86||13.48%|
|The Netherlands – Amsterdam||50||52.52||2.60%||8.96||12.50%|
|Germany – Frankfurt||53||52.55||2.54%||9.38||8.40%|
|USA – New York||121||49.11||8.92%||5.91||42.29%|
|USA – Los Angeles||178||48.08||10.83%||3.8||62.89%|
|Canada – Toronto||158||47.6||11.72%||6.67||34.86%|
|Australia – Melbourne||284||38.54||28.52%||6.63||35.25%|
|Average Download Dropoff||9.93%||Average Upload Dropoff||28.62%|
NordVPN Encryption and Leak Protection
NordVPN is outstanding in terms of encryption standards, privacy, and security.
NordVPN uses the highest encryption standard to keep your data private and secure. Its apps use the AES-256-GCM encryption algorithm with a 4096-bit D.H. key, which the NSA recommends securing classified information, including the TOP SECRET level.
No known practical attack can break the AES-256-GCM encryption. If you used a brute-force attack – checking all possible vital combinations – you would need more resources than humanity currently has at its disposal to crack the encryption. There is not enough time in the Universe to crack the AES 256-bit encryption.
The number 256 refers to the encryption key size, so 256-bit has 2^256 possible combinations. While theoretically, no encryption cipher is genuinely impregnable, AES with 256-bit keys is absolute overkill for security. Breaking it would theoretically require billions of years.
As I always mentioned, this level of encryption is expected from a VPN service in 2021.
Leak Tests and Leak Protection
A VPN does not necessarily guarantee that there won't be any DNS, IP, WebRTC, or IPv6 leaks. If your I.P. leaks, location, and privacy have been compromised, a DNS leak means that your online activity is visible to your ISP and third parties.
A reliable VPN protects you against DNS leaks and guarantees your privacy and anonymity. I tested several countries, including the US, Canada, UK, Romania, Spain, external I.P., DNS, WebRTC tools, and ExpessVPN's tools, and I did not observe leaks of any kind.
It is worth noting that checking your VPN for leaks is not a one-time thing, it should be a constant check, but I have not found a better way to do this.
Tor Compatibility (Onion Over VPN)
Generally speaking, Tor is better used in standalone mode with complex bridge setups to avoid tracking. However, with NordVPN, we have an interesting case of Onion Over VPN worth examining. Onion Over VPN dedicated servers allow you to connect to the Onion network without using the Tor browser. Let's call this an ease-of-use feature.
Whether you pick these two options highly depends on your security model. Using Onion over VPN does not necessarily provide a better layer of protection. However, I am thrilled with Onion Over VPN during my VPN evaluations. Keep in mind that purists will advise against it, though.
Other Specialty Servers
Double VPN Servers: Combines two NordVPN servers to make a VPN-VPN connection. So, to reach your intended destination, your data makes two hops for maximum security. You can use a double VPN setup with the OpenVPN protocol (TCP or UDP).
Obfuscated Servers: These servers are helpful only in extreme censorship cases; these servers scramble your VPN traffic and data to look like regular HTTPS traffic. Governments that place restrictions on VPN usage, such as the Chinese government, sometimes rely on traffic analysis to block VPNs. Obfuscated servers help you overcome this problem and allow NordVPN to work in China.
P2P Servers: Optimized for P2P traffic and best used when downloading files using torrents. However, they are great for any type of P2P traffic.
Dedicated I.P. Servers: these will be reserved for those who have purchased a static I.P. When connected, your I.P. will always remain the same. This may be useful if you're not concerned about staying anonymous and having other use cases. They're only available with OpenVPN either in UDP or TCP mode.
Does NordVPN Keep Activity Logs?
NordVPN's policy states that it keeps no logs of any activity or connection logs, including all of your online traffic, websites visited, data content, and DNS queries.
As I already mentioned, the independent audits provide a substantial level of trust regarding NordVPN's zero-log policy, arguably the strongest across all VPN service providers.
NordVPN Streaming and Geo-unblocking
I could not find a streaming service that I could not unblock with NordVPN. Admittedly, most major VPN providers can unblock almost every streaming service at this point. Still, NordVPN was excellent in stream quality, too, even when I was connected to Disney+ US or Netflix U.S.
However, as I will explain below, I find that more and more streaming services associate your payment details with the content you can watch
|Netflix||Amazon Prime Video||MSNBC||ITV Hub|
|Hulu||Disney+ and Disney+ Hotstar||Fox Sports||Kodi|
|BBC iPlayer||Sky Sport & Sky Sports Go||CBS Sports||AT & T|
|YouTube TV||HBO Max and HBO Go||Pandora||CW|
|Sling TV||ESPN and ESPN+||ZDF||Salto|
|Funimation||Rai Play||Peacock TV||TF1|
|DAZN||Globo and Globo Sportv||RTL||9Now|
|TG4||Amazon Prime Video||TVING||Yle|
I did not experience any issues while trying to unblock Netflix regional libraries. As I already mentioned, I spent a lot of time on Netflix U.S. and Denmark. However, I have realized that Netflix detects location/I.P. changes and eventually limits the content it shows you, even though it doesn't detect the use of a VPN. Notice that my avatar is a masked woman in the image below instead of a standard avatar (the Baby Boss).
In the past, I have called this a “no man's land,” but another way to describe it is Netflix showing only content that it owns and can distribute without geographic limitations.
In the past, Netflix would allow you to perform multiple location switches within a small time frame, but I have found that not to be the case in 2021. According to NordVPN's support, this is particularly true for users in the European Economic Area as there seems to be a timer set that limits you to your home country (in my case, Greece).
So overall, Netflix tries to restrict access to content even though it doesn't detect VPN use.
Another exciting aspect is that if NordVPN does not support a regional library, it falls back to the U.S. library.
As you can see in NordVPN's VPN for Netflix support article, these are the countries it officially supports (and I quote here):
You should connect to VPN servers in countries other than Canada, Germany, the United Kingdom, France, Italy, Japan, Australia, the Netherlands, India, Brazil, Spain, South Korea, and Finland.
Note: This particular point implies that NordVPN supports 14 regional libraries (including the U.S.) as all defer to the U.S. regional library. However, below you will find support for Poland and Turkey, which I found valid. I also unblocked Mexico, Denmark, and Israel, although they are not mentioned in the article.
You should connect to any of our VPN servers in Canada.
You should connect to any of our VPN servers in Germany.
You should connect to any of our VPN servers in the United Kingdom.
You should connect to any of our VPN servers in France.
You should connect to any of our VPN servers in Italy.
You should connect to any of our VPN servers in Japan.
You should connect to any of our VPN servers in Australia.
You should connect to any of our VPN servers in the Netherlands.
You should connect to any of our VPN servers in Spain.
You should connect to any of our VPN servers in India.
You should connect to any of our VPN servers in Brazil.
You should connect to any of our VPN servers in South Korea.
You should connect to any of our VPN servers in Turkey.
Here are some regional libraries I successfully unblocked (the list is not exhaustive):
Streaming services generally associate your payment details with the regional libraries they allow you to access more and more, thus limiting a VPN's unblocking power. This is, of course, not the VPN's fault, nor does it demonstrate limitations in the VPN's unblocking performance.
Overall, NordVPN's Netflix unblocking performance is impressive and will give you access to the most popular Netflix libraries (including those that feature Marvel movies).
I had no issue unblocking Disney+ with NordVPN on multiple locations. The service detects that you are traveling, limiting your content based on your original location. In my case, I have a Disney+ US subscription, which is not limiting at all, to begin with, as all new content gets aired in the U.S. first.
Amazon Prime Video
NordVPN Android App
The NordVPN Android app offers a plethora of features. To begin with, you can use Quick Connect or select a server to connect to. Here are some of the features you can access in the Settings:
- Auto-Connect: You can decide to auto-connect on Wi-Fi, cellular, or permanently, and you can pick the fastest server, the fastest specialty server (Obfuscated, P2P, Onion Over VPN), the fast server in a specific country or just your personal choice.
- Protocol: You can choose NordLynx, OpenVPN (TCP), or OpenVPN (UDP).
- Split Tunneling: You can disable the VPN for selected apps.
- DNS: You can use NordVPN's default SmartDNS or set a custom one.
- Local Network Discovery: Enabling this option allows you to access printers, T.V.s, and other devices on your local network.
- Metered Connection: Enabling this option gives you control over how much data your phone uses while connected to the VPN.
- CyberSec: Blocks access to malicious websites; CyberSec does not block ads on mobile.
- Kill Switch: Enabling the kill switch through your phone's settings allows you to have an internet connection only while connected to NordVPN. If the VPN connection drops, your Internet connection will drop too.
- Dark Web Monitor: Check whether your email address appears in Dark Web databases.
- Tapjacking Protection: Enabling this feature warns you when a malicious app adds a screen overlay to highjack your tapping sessions (i.e., record and still all your taps and key presses).
This is quite an impressive feature set that you won't find on many mobile VPN apps, including the premium ones.
Ad Blocking Performance and Trustworthiness
NordVPN's ad blocker, CyberSec, performs incredibly well, and it will allow you to browse websites and even watch YouTube videos ad-free.
Past User Complaints
Users reported that some NordVPN features were not available if you disabled auto-renewal in the past. Based on the screenshots, I found that was true, but it is not anymore, as I could access everything with a disabled auto-renewal.
Please note that some features are available only under specific protocols.
Does NordVPN Work in China?
NordVPN works in China, and its website is accessible in China, but you will have to use the specialty obfuscated servers to avoid VPN traffic detection as its use is restricted by default.
I found NordVPN's support extremely fast and insightful for high-level questions, while I could also get answers to advanced technical questions within 1-2 business days.
NordVPN offers three standard subscription plans. Subscriptions cost $11.95 per month for a one-month plan, $4.92 per month for a 1-year plan, and $3.67 per month for a 24-month plan.
To compare, ExpressVPN offers three standard subscription plans. Subscriptions cost $12.95 per month for a one-month plan, $9.99 per month for a six-month plan, and $8.32 per month for a 12-month plan, so NordVPN costs 40% less than ExpressVPN on the 1-year plan, which is a very tempting price tag.
That's a massive difference in the long run, and you can see why NordVPN is a ludicrous choice in terms of pricing.
|Rates||One Month||One Year||Two Years|
|Total Amount Billed||$11.95||$59.00||$99.00|
NordVPN also supports many payment options, including cryptocurrencies:
|Payment options||Major credit cards, Google Pay, Amazon Pay, UnionPay, ACH Transfer, and cryptocurrencies|
Each subscription comes with a 30-day money-back guarantee to try the service risk-free.
My experience with NordVPN was outstanding during my evaluation period. I'm glad to say that I both recommend it as an exceptional VPN service that sets high standards of trustworthiness, and I will use it in my future online endeavors.