NordVPN

Internet - Shareware

Description

A group of childhood friends established NordVPN in 2012, led by Eimantas Sabaliauskas and Tomas Okmanas. The parent company, Nord Security, emerged from support by Tesonet, a Lithuanian startup accelerator, and currently has offices in Lithuania, the United Kingdom, Panama, and the Netherlands. The company registers its operations in Panama, a jurisdiction that lies outside the Five Eyes, Nine Eyes and Fourteen Eyes intelligence alliances and has no mandatory data retention laws.

NordVPN became one of the most widely known VPN brands worldwide and, as of the latest reports, has tens of millions of users. Nord Security also develops NordPass (password manager), NordLocker (encrypted cloud storage) and Saily (eSIM data plans), all of which integrate with NordVPN subscriptions depending on the tier the user chooses.

HOW IT WORKS

NordVPN encrypts outgoing traffic and sends it through one of its servers before the connection reaches its destination. The IP address of the remote server is used in place of the user’s actual IP address, hiding the geographic location and preventing ISPs, network operators, and other third parties on the same network from reading the content of the traffic.

The app automatically chooses a server using its Quick Connect function, which selects the fastest available server based on load and proximity. Users who prefer to select manually can browse a map interface, filter by country, or search for specific server types such as P2P, Double VPN, obfuscated, and Onion over VPN variants.

NORDLYNX AND PROTOCOL SUPPORT

NordVPN launched NordLynx in 2019 as its own version of the WireGuard protocol. Standard WireGuard gives users a static IP address on the server, which raises a privacy issue because the server needs to remember that assignment in order to route return traffic correctly. NordLynx solves this by adding a double NAT system around the WireGuard tunnel: the outer layer assigns a temporary local IP for the session without logging any persistent identifier, while the inner tunnel carries the encrypted traffic. The result combines WireGuard's speed advantage, which testers at Wired UK measured at speed boosts of hundreds of MB/s under favorable conditions, with a privacy model closer to traditional VPN behavior.

The app also supports OpenVPN with AES-256-GCM encryption and HMAC SHA-256 authentication, and IKEv2/IPsec with AES-256-GCM for users who need compatibility with specific platforms or corporate networks. In September 2024, NordVPN introduced support for post-quantum encryption beginning with the Linux app, followed by support for Windows, macOS, iOS, Android, tvOS, and Android TV in May 2025. Post-quantum encryption provides a second layer of key encapsulation using algorithms designed to resist attacks by quantum computers. Its purpose is to protect traffic recorded today against decryption in the future, if quantum computing advances far enough to break current standards.

NordWhisper, launched in January 2025, encapsulates the encrypted VPN tunnel within a regular HTTPS connection using technology based on the Tor Project’s WebTunnel. Networks that use deep packet inspection to identify and block VPN traffic recognize NordWhisper traffic as regular web browsing and not a VPN handshake.

SPECIALTY SERVERS

Double VPN passes traffic through two different VPN servers in series instead of one. The first server encrypts the connection and passes it on to the second, which applies a second layer of encryption before the traffic leaves for the internet. The destination site sees only the IP address of the second server; the first server never knows the destination, and the second never knows the origin.

Obfuscated servers disguise VPN traffic as ordinary HTTPS traffic and are aimed at networks in countries that restrict or block VPN connections. P2P-optimized servers explicitly permit BitTorrent and other peer-to-peer file-sharing traffic, and are configured to optimize sustained upload and download throughput. Onion over VPN servers route traffic into the Tor network after it leaves the NordVPN server, which combines the encryption provided by the VPN with the multi-hop anonymization provided by Tor, without the need to use the Tor Browser.

Users who require a static exit IP can add a dedicated IP address to any plan for a monthly fee. NordVPN currently provides dedicated IPs in several countries. A dedicated IP helps to reduce the frequency of CAPTCHA challenges and is suitable for services that flag logins from frequently changing addresses.

THREAT PROTECTION

Threat Protection runs as a separate feature that operates whether or not the VPN tunnel is connected. It works at the DNS and file level rather than through network packet inspection. The feature blocks DNS requests to domains in its database of known malicious, phishing and tracking URLs before the browser even initiates a connection. It also scans files when they are downloaded and blocks files that match known malware signatures. TechRadar tested Threat Protection Pro against 50 freshly identified malware hosting and phishing pages and reported a 91% block rate on phishing sites and 86% on malware sites, beating similar features from competing VPN providers in that test, although dedicated antivirus software still beats it overall.

MESHNET

Meshnet, launched in June 2022, allows users to connect up to 60 devices into a private encrypted network no matter where they are. Each device that is enrolled is assigned a hostname issued by NordVPN, and can communicate directly with other enrolled devices using an encrypted peer-to-peer tunnel. Use cases include secure file transfers between personal devices, remote desktop access to a home or office machine, and LAN-style multiplayer gaming with friends in different locations. Meshnet does not require an active VPN server connection and does not pass traffic through NordVPN’s infrastructure.

SMARTPLAY

SmartPlay combines VPN tunnel routing with a Smart DNS layer to handle geo-restricted streaming platforms. When a user connects to a NordVPN server and tries to access a streaming service, SmartPlay automatically decides whether to send the DNS request through VPN-aware DNS or through a DNS server that shows the correct regional identity for that streaming service. This addresses the problem that streaming services often block known VPN server IP ranges: SmartPlay uses DNS-level routing instead of relying on the server IP alone, which makes it more reliable for Netflix, BBC iPlayer, Disney+, etc.

NO-LOGS POLICY AND AUDITS

NordVPN’s privacy policy states the service does not log IP addresses, browsing history, DNS queries, traffic content, session timestamps or bandwidth usage. The only session data the service stores is a username and timestamp to enforce the 10 simultaneous devices limit, and the system automatically deletes this within 15 minutes of a session ending.

PricewaterhouseCoopers performed the first no-logs audit in November 2018 and a follow-up in 2020, covering Standard VPN, Double VPN, obfuscated servers, P2P servers, and central infrastructure. Deloitte then carried out audits in 2022, 2023, and 2024, with the fifth audit completed at the end of 2024 on IT systems, supporting infrastructure, privacy-relevant configuration settings, deployment processes, obfuscated servers, and P2P servers. Deloitte confirmed in all audits that NordVPN does not collect, store or track personal data or browsing history. A public bug bounty program launched in December 2019 offers monetary rewards to security researchers who find and report critical vulnerabilities.

SECURITY INCIDENT AND DISCLOSURE

In 2018, an attacker used a remote management tool that had been left exposed by a third-party data center in Finland from which NordVPN rented servers. The data center notified NordVPN about the breach on April 13, 2019. NordVPN ended its relationship with that data center after that. Independent security researchers did not find evidence that user credentials, billing data, or traffic content were exposed during the incident. NordVPN was criticized for the delay between being informed of the breach and making it public, with the company explaining that it waited to finish an audit of its remaining 5,000 servers before making the announcement. In a separate incident in November 2019, around 2,000 account credentials were exposed in a credential stuffing leak from outside of NordVPN's own systems.

SIMULTANEOUS CONNECTIONS AND PRICING

One NordVPN subscription covers 10 devices at the same time. The Basic plan includes the basic VPN service with all specialty servers, Threat Protection Lite, and Meshnet. Higher tiers include Threat Protection Pro, NordPass, NordLocker storage, and other Nord Security tools. The two-year plan begins at around $2.99/month billed upfront, and there is a 30-day money-back guarantee for all plans. NordVPN accepts credit cards, PayPal and cryptocurrency. The service does not have a free trial on desktop but offers the money-back window as a risk-free evaluation period.

User Rating:

4 / 5. 46

Shareware
22.7 MB
Windows PC