Beginner’s Guide To VPN Terms

By February 25, 2020 August 6th, 2021 No Comments
glossary of VPN terms

As a supplement to our Beginner’s Guide to VPNs, we thought it would be especially helpful to create an all-inclusive Beginner’s Guide to VPN Terms.

You can think of this as a glossary to help you navigate the world of VPNs and online privacy in general.

Beginner’s Glossary of VPN Terms

AES (Encryption)

AES is an acronym for “Advanced Encryption Standard.”

This isn’t unique to VPNs, but when it comes to VPN encryption, 256-bit AES (sometimes AES-256) is the golden standard. You might see it paired with a few other acronyms, especially CBC or GCM.

Please see our Beginner’s Guide to VPN Encryption to get a better understanding of how this works.


A “backdoor” is a security weakness deliberately added by the software developer, law enforcement, or even hackers. This allows them to gain access to protected information without needing to use your password (for example).

BitTorrent (also Torrent, File-Sharing, and P2P)

BitTorrent is a torrenting client that allows you to share files with others through a Peer-to-Peer (P2P) connection. Torrenting is, essentially, just another term for P2P file-sharing.

There are many legal ways to use torrenting. However, the most common is to share copyright material (like downloading movies). Torrenting makes it easy to trace IP addresses, so you should always use a P2P-friendly VPN for any torrenting activities.

Browser Extension (also VPN Add-on)

Browser extensions and add-ons are additional features you add to your browser to extend its capabilities.

Some VPN providers offer browser extensions. These only protect your browser activity, however, and are typically only a proxy. If you’re going to use a reputable VPN provider’s browser add-on, it’s always best to do so with the actual VPN app at the same time.

Cipher (also Protocol)

A cipher is a mathematical algorithm used to encrypt online data. VPN protocols – such as OpenVPN – are specific ciphers that dictate how your data is encrypted throughout the connection (also known as the connection tunnel).

Please see our Beginner’s Guide to VPN Protocols to get a better understanding of how this works.

Connection Logs (also Usage Logs and Metadata)

Connection logs are records of your online activity.

In some cases, this is restricted to metadata logs, which is basically data that provides information on other data. This includes things like timestamps (when you connect and disconnect from the VPN server). Other connection logs might include your IP address and even the websites you visit.

Always read the privacy policy very carefully to make sure a provider isn’t lying about being a no-logs VPN.

Copyright Trolls

Copyright trolls are individuals and/or organizations targeting users engaging in the P2P file-sharing of copyright material (“torrentors”).

To do this, they monitor torrent sites like The Pirate Bay, track user IP addresses, and then use that information to target the individual. In some cases, copyright trolls don’t differentiate between legal and illegal torrenting and target legal torrentors on the basis of “guilty by association.”

Data Authentication

Data authentication is a cryptographic hash that uses one-way encryption to verify data shared on an encrypted VPN connection remains unchanged. You’ll typically see this disclosed in the encryption features page or FAQ with acronyms like SHA256 or SHA512.

DNS and DNS Leaks

DNS stands for “Domain Name System” and is used to translate text-based website addresses into the numerical IP address that computers and servers use to identify each other. Each device has its own IP address, so your Internet Service Provider (ISP) will typically handle DNS translations.

A VPN should handle these translations while you’re connected to a VPN server.

This protects your online privacy. A DNS leak happens when your ISP is still handling your DNS translations, which means it can still track your online activities. VPN providers need to use DNS leak protection to prevent this from happening.

Data Retention

Data retention refers to a nation’s legislation requiring online service providers, such as your ISP, to keep records of user activity, typically for up to 12 months but sometimes for as long as 5 years. This is to aid government surveillance and is especially common in 5 Eyes, 9 Eyes, and 14 Eyes countries.

5 Eyes, 9 Eyes, 14 Eyes

This refers to the international agreements allowing participating nations to share data collected on users from around the world. The 5 Eyes nations are Australia, Canada, New Zealand, the UK, and the US.

9 Eyes includes the 5 Eyes nations plus Denmark, France, the Netherlands, and Norway. 14 Eyes adds Belgium, Germany, Italy, Spain, and Sweden to the mix.

It’s highly recommended to read our Beginner’s Guide To The 5/9/14 Eyes Alliance to understand how it ties in with government surveillance, as well as the other allies and groups involved.

Geo-Blocks/Geo-Restrictions (also Geo-Spoofing)

Geo-blocks and other forms of geo-restrictions are a draconian form of online censorship.

It might refer to governments preventing citizens from accessing certain online resources, as is the case in countries like China and the UAE. However, it’s also used as a monetization method online, particularly by streaming services like Netflix and BBC iPlayer, to restrict user access to content based on geographical location.

This is usually achieved through matching IP addresses to different locations. While a VPN can typically help overcome geo-blocks through geo-spoofing (achieved by changing your IP address), this isn’t always the case.

See our best VPNs for Netflix and iPlayer VPNs guides for a full list of VPNs that will bypass these pesky geo-restrictions.

IP Address (also IP Leaks, IPv4, and IPv6)

Also referred to simply as an IP, your IP address is the Internet Protocol address. This is a unique numerical code assigned to every device and server. By connecting to a VPN server, your IP address is changed to that of the server.

IP addresses are typically split between IPv4 (the default 32-bit IP) and IPv6 (less common 128-bit IP). An IP leak refers to the VPN’s failure to hide your original IP address.


ISP stands for “Internet Service Provider,” the company that provides your internet connection. ISPs often slow your connection speed if you’re using a lot of bandwidth and typically aid in government surveillance.

Kill Switch (also NAT Firewall)

This is a very important VPN security feature that kills your internet access if the connection between your device and the VPN server is interrupted. Doing so prevents DNS and IP leaks. If in doubt, ask your VPN provider whether it offers a kill switch and if it’s enabled by default.

Kill switches might be supplemented with a NAT firewall preventing unauthorized connections.

Network Latency (also Server Overload and Network Congestion)

Network latency refers to how long it takes for data to be sent over an online connection. Lower latency means a faster connection.

Server overload, or network congestion, happens when the network latency slows down because the server is handling too much data at once. This typically happens when too many users are connected to the same VPN server.

Perfect Forward Secrecy

Perfect Forward Secrecy (PFS) is an extra layer of encryption that generates a unique session key and works with HTTPS (HyperText Transfer Protocol Secure) and TLS/SSL.

It’s highly recommended you read our Beginner’s Guide to Perfect Forward Secrecy (PFS) to get a better understanding of how this works.


Proxies, such as The Onion Router (TOR), offer low-end encryption, with the main focus instead being on geo-spoofing through changing your IP address. This is not a suitable replacement for using a VPN, but can be useful when used together with a VPN.

Shared IP (also Dedicated IP)

VPNs make use of a shared IP to increase user privacy by allowing users to share a single IP address based on the server they’re connected to. This makes it more difficult to identify single users.

Some VPN providers might also offer a dedicated IP option at extra cost. This gives the user sole use of an individual IP address belonging to the VPN. While it has its benefits, it can also make identifying the user easier (especially if the VPN provider keeps user logs).

Simultaneous Connections

This refers to how many devices a user can connect to the VPN at the same time. VPN providers typically limit this to 5, though some offer more.


VPN stands for “Virtual Private Network,” an online service that offers enhanced online privacy through encryption and changing your IP address.

Please see our Beginner’s Guide to VPNs to get a better understanding of exactly what a VPN is and how it works.

Warrant Canary

Warrant canary pages are used by some VPN providers to warn users when the company received a user data request from law enforcement.


WebRTC stands for “Web Real-Time Communication,” a set of software tools allowing P2P connections beyond torrent file-sharing (a common example would be for video chats). While WebRTC does use encryption, it’s also the most common source for DNS and IP leaks.


VPN Glossary Conclusion

While by no means exhaustive, we do hope our beginner’s guide to VPN terms will help you make better sense of the industry’s language and compare VPNs with confidence.

Mandee Rose

Mandee Rose

Mandee Rose is the editor and lead writer & researcher at TheVPNShop. A technical writer and blogger with 6+ years of experience in the cybersecurity sector. During her college years, she chased the dual-major of Cyber Security and Journalism while simultaneously offering freelance services online. As a result, Mandee was able to combine both of her passions by writing for companies like LatestHackingNews, BestVPN, Tactical Engine, Hoxhunt, AI Jobs (Medium Blog), and more. Today, she continues sharing her technical knowledge via investigative writing on topics like VPNs, programming, data breaches, artificial intelligence, and other infosec concepts.