What is a VPN Kill Switch and Why It’s a Must-Have

what is a vpn kill switch

Just because you’re connected to a VPN doesn’t mean you’re completely secure. Say you’re browsing the internet and, suddenly, you lose connection to the VPN itself. What happens then? Are you still protected? Will your IP and information be exposed?

This all depends on whether the VPN you are using has a kill switch.

A VPN kill switch is an essential element that forms a core part of any VPN product. It is so important, in fact, that you absolutely and categorically should not use a VPN that doesn’t include one.

It doesn’t matter how fancy their site is, how slick their VPN is to use, or how good their encryption and logging policies are. If a VPN does not have a kill switch you should walk away.


VPNs themselves are not 100% reliable, so it’s the kill switch that backs you up and keeps you secure should a VPN service fail. This happens even to the best VPNs.

Best VPNs That Have a Kill Switch

How A VPN Protects You

When you are connected to a VPN service, your traffic is encrypted and then routed through a secure tunnel. It is then decrypted when it reaches its final destination. Because your data is encrypted, it cannot be intercepted or seen by any third parties such as your ISP, hackers, or the security services.

A VPN is something that everybody who regularly accesses the internet should use, especially if you ever use public networks.

Image courtesy of iplocation.net

After all, the internet is a jungle full of hackers, surveillance, and chancers who want to get hold of your data. And just because you are using a private network does not mean you are 100% safe.

With a variety of encryption and tunneling protocols along with the ability to spoof your connection and physical location, VPNs provide a level of defense from anything and everything. That is if you use a good one.

There are plenty of terrible VPNs out there. You can learn more about this by reading our general VPN reviews and guides.

What Happens If or When a VPN Fails?

VPNs can and do fail, even the best ones. Aside from inherent security vulnerabilities that can be avoided by using the best VPNs available, there is the risk of a dropped connection that you need to account for.

This can happen at any time and with any VPN; there is no way for dropped connections to be avoided or prevented, they just happen.

When your connection to a VPN service drops, your traffic and IP address are in danger of being exposed. This means that whatever you’re doing, from simply watching films or downloading files through a torrent, can be found out. In this example, the danger is that your ISP can see you are torrenting and issue you a copyright notice or terminate your connection.

Now enter the kill switch. When you use a reputable VPN that has a working kill switch, it’s impossible for your IP, information, or traffic to be exposed even when your connection drops.

Why Do VPNs Fail?

Infrequent connection drops do happen and cannot be avoided. This is why any VPN worth its name will include a kill switch, to safeguard your data against this scenario.

Both your device and your VPN software send data packets to one another every so often–usually every 5-10 seconds–to see whether the connection is still active. When these data packets are not being received by your device for a specific period of time–usually 1 to 2 minutes–the VPN assumes you are no longer using the service and disconnects you.

Every now and then, it will simply be the case that your device hasn’t been receiving packets for this time period, making your connection drop.

There are many reasons why your device may not be receiving packets. However, when it comes to infrequent VPN connection failure, it is simply the case that they’re lost or temporarily blocked–there’s nothing you can do about this.

Frequent VPN connection drops, however, can indicate an underlying problem such as–

  • An issue with the VPN server you are connected to,
  • The port or protocol you are using is blocking packets,
  • Your device rejecting the packets, or
  • An unreliable internet connection.

If you use a VPN and notice frequent drops in your connection, we recommend reaching out to your VPN service’s support team.

What a Kill Switch is and How it Works

A VPN kill switch blocks all incoming and outgoing traffic should your connection to the VPN and the internet drop.

As a system, it continuously monitors your VPN connection status and immediately steps in if your connection fails. If this happens, all current internet sessions such as streaming, downloading, and browsing will be killed, hence the name “kill switch.”

This means that your real IP address and any data being sent back and forth will never be compromised or exposed to prying eyes because whatever you’re doing will be “killed” before anyone can see it.

The primary purpose of a kill switch is to protect your IP address, traffic, and online activity from being suddenly and unknowingly exposed in the case of a dropped connection. Without one there, your internet traffic would continue flowing and you may not notice your unprotected status for minutes or even hours after.

This would leave a digital trail of everything you intended to keep private! 😱

As a result, it is an extremely vital feature that needs to be included in any VPN product. The problem is that not all VPNs do include a kill switch, even some of those that claim to have one.

This is why due diligence and research is also very important when it comes to choosing a VPN. But we’ll show you how to do that in a second.

How Can I Tell if a VPN Has a Kill Switch?

This can be quite tricky.

Not all VPN providers state on their website whether they have a kill switch or not. Some do, some don’t.

While leading providers such as ExpressVPN and NordVPN openly discuss their kill switch, there are others that don’t. Additionally, not every VPN service calls their kill switch a kill switch–some refer to them as VPN firewalls for instance.

To add to the confusion, not all kill switches will work automatically–some require manual configuration. When using a VPN, always check that:

  1. There is a kill switch.
  2. Check that it’s enabled or find out how to enable it using their help guides.
NordVPN has a kill switch

Often, you can find out whether a particular VPN service has a kill switch by reading their FAQs or knowledgebase.

Alternatively, take a look at our comprehensive VPN reviews—we have reviewed over 100 different VPN services and each review details whether or not a kill switch is available.

You can even test it out yourself!

3 Great VPNs that Have a Kill Switch

If you don’t want to go searching through our reviews, we can suggest 3 VPN services right here that include a kill switch.

We have comprehensively tested all these VPNs and covered everything from speed and performance to safety and security, so you can rest easy knowing that your information will never be compromised.

1. ExpressVPN

ExpressVPN is by far the best VPN service available right now. It is fast, safe, and works with everything you could ever need it for. Netflix? Check. Torrenting? Check. Bypassing censorship? Check.

ExpressVPN includes a kill switch as standard with the service known as Network Lock. When Network Lock is enabled—note: it needs to be manually enabled from within the app—you will only be able to access the internet when you are connected to the ExpressVPN service.

Network Lock works by blocking your internet access when you are not connected to ExpressVPN so that your IP, data, and traffic can never be exposed. It is available on Windows, Mac, and Linux.

It’s worth noting that, at the moment, ExpressVPN does not include a kill switch on their non-desktop services such as Android, iOS, or FireTV.

You can try out ExpressVPN risk-free thanks to their 30-day money-back guarantee. Pricing starts at $12.95 monthly or $8.32 when purchased for a year.

Try ExpressVPN

2. NordVPN

NordVPN usually comes second in our VPN review lists. It is slightly cheaper than ExpressVPN if you’re on the 3-year plan. For those who are under a budget, this might be the better option in the long run.

In terms of safety, security, and performance, both services are comparable. Unlike ExpressVPN, you do not need to manually enable the NordVPN kill switch for the desktop version. However, you can configure it and choose which applications you want it to work for (e.g. your internet browser.)

This means that if your connection drops, only the services you specify will be killed. This prevents you from losing connection to everything when you only need protection in one or two places. In contrast, their Linux, iOS, and Android app kill switches will disable system-wide internet access.

Try NordVPN with their 30-day money-back guarantee. Pricing starts at $11.95 per month and can drop to $2.99 per month when purchased for 3 years.

Try NordVPN

3. Private Internet Access (PIA)

PIA is one of our favorite VPN services. First of all, they’re based in the U.S.–which usually sounds off alarms in our head–but despite this fact, their anti-logging policy has stood up in court. Secondly, their servers are fast, plentiful, and secure. Thirdly, it has a kill switch.

You’ll need to enable it manually, though. You can do this by starting up PIA Manager and simply toggling it from ‘off’ to ‘on’ and restarting the VPN. After this, it will step in if your connection drops.

PIA’s pricing starts at $6.95 monthly and drops to $2.91 when paid upfront for 2 years–amazing value for such a great product!

Try Private Internet Access

What if My VPN Doesn’t Have a Kill Switch?

Stop using it. That’s the short answer.

However, if you want to continue using a service that doesn’t have a kill switch natively, you can use a third-party solution.

Third-party kill switches like these monitor your internet connection and step in should your connection drop but…

These do require configuring, though, and are more suited to advanced users. If you want a simple solution, use one of the 3 VPNs listed above or any from our top 10 list.

Published by

Jamie Cambell

Ethical Hacker. Ph.D., M.S. in Computer Science at University of California, Berkeley. Technology enthusiast and also a part-time gamer. My goal is liberating the Internet.

Leave a Reply

Your email address will not be published. Required fields are marked *

Exit mobile version