Checking connection...

Connected through VPN tunnel Hides traffic origin

What is a VPN?

A VPN, or virtual private network, is a technology that establishes a secure tunnel between two or more devices.

An Internet VPN, such as Mullvad (that's us!), offers a tunnel between you and the Internet, allowing you to browse the web securely and privately, even when using a public WiFi network at a cafe or hotel.

Surfing the web is no private matter

Online privacy is hard to come by these days. Nearly everything we do on the Internet is logged, making it quite easy for others to trace specific online activities right back to you.

How is that even possible?

Well, your internet service provider (ISP) has the ability to track which websites you visit. Those websites, in turn, can see who your ISP is. Some even keep records of your activity. And that's just the beginning.

Based on your country's laws, your ISP may even be required by the government to log the websites you visit.

How a VPN protects your privacy

If you use a trustworthy VPN service – one that doesn't log any user information – the traceable chain between you and your online activity is broken.

All of your traffic first travels from your computer, through an encrypted tunnel, to the VPN's servers and then onward to the website you are visiting. In this way, websites will only see the VPN service's identity instead of yours. And any information that your ISP saves cannot be tied specifically to you.

Using a VPN is a great first step toward protecting your privacy, but it's not the ultimate solution (we wish it was!). However, it's easy to improve your privacy ninja skills.

Why Mullvad VPN?

At Mullvad, we believe that privacy is a universal right. Our VPN service helps keep your online activity, identity, and location private.

Maintain anonymity

A Mullvad account can be created without supplying any personal information – not even an email address. We keep no activity logs and encourage anonymous payments with cash or one of the cryptocurrencies we accept.

Fight censorship

Use Mullvad to get past restrictive firewalls and proxies. Connected to one of our servers, you are free to surf the entire web.

Mitigate blocking and throttling

Some internet providers will completely block or intentionally slow down (throttle) certain internet traffic. We try to mitigate this by wrapping the traffic in a layer of obfuscation (with the help of SSH tunneling, Shadowsocks, and Stunnel) that makes it harder for the provider to identify and block.

Bypass geographical restrictions

Since Mullvad operates VPN servers worldwide, you can easily bypass browsing restrictions based on location.

Secure all devices

Mullvad can be used on Windows, macOS, Linux, iOS, Android, and most other devices supporting OpenVPN or WireGuard®.

Install Mullvad on as many devices as you like. With your account, you can have up to 5 simultaneous connections.

Protect your privacy

Change your online habits

It only takes a few simple solutions to start improving your online privacy.

Choose a VPN that doesn't collect your data

VPN providers themselves are in an easy position to log your activity. Make sure yours maintains a minimal data retention policy.

Know which laws apply

An important criterion to consider when choosing a VPN provider is where the company is based.

We live and breathe security

We set extremely high security standards for ourselves. From the operating system on our computers (Qubes) to the tools we use daily, we strive to ensure that our entire workflow is very difficult to exploit. We do this in part by using open-source software in our infrastructure.

We control our servers

For maximum security, we use physical, bare metal servers (no virtual servers) that are administrated and either owned or rented by us in carefully selected data centers. Our rented servers are not shared with others. We put a lot of effort into hardening servers and following best practices.

We have our own app

We have developed an open-source VPN app that works for macOS, Windows, and Linux.

Our servers use OpenVPN and WireGuard®

We only offer secure, open-source protocols. WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. OpenVPN is the most widely used solution for creating secure, point-to-point connections, and it has been extensively tested for security purposes.

The technical stuff

Looking for the nitty gritty? Here you go!

We support

  • port forwarding
  • DNS leak protection
  • Teredo (IPv6 over IPv4) leak protection
  • IPv6 tunneling as well as IPv6 blocking and leak protection
  • OpenVPN on a range of custom ports, including but not limited to 53/udp (DNS), 80/tcp (HTTP), 443/tcp (HTTPS)
  • only the VPN protocols OpenVPN and Wireguard
  • SSH tunneling, Shadowsocks, and Stunnel through our bridge servers.

We do not block authenticated SMTP nor P2P. We do block SMTP port 25/tcp because of spam.

Our data encryption is AES-256 and we run our own public key infrastructure (PKI).

All of our OpenVPN servers use

  • 4096 bit RSA certificates (with SHA512) for server authentication
  • 4096 bit Diffie-Hellman parameters for key exchange
  • DHE for perfect forward secrecy.

In addition, our OpenVPN servers offer all available data channel ciphers on all ports, including

  • AES-256-GCM (default)
  • AES-256-CBC
  • BF-CBC.

OpenVPN re-keying is performed every 60 minutes.

Mullvad meets the criteria.