How can we help you?

Which NordVPN protocol should I choose? | NordVPN support

This article is available in German, Italian, Japanese, Korean, Polish, Portuguese-Brazilian, Danish, Norwegian, Traditional Chinese, French, Dutch, Swedish, and Spanish.

NordVPN supports a number of security encryption protocols to provide a VPN service. The security levels and purposes of these VPN protocols are different, but so are our customers’ needs. We encourage you to take a closer look at the strengths and weaknesses of each VPN protocol. While we want you to be able to choose freely, we also feel it’s our duty to advise you on what might suit you best.

1. OpenVPN

OpenVPN is a mature and robust piece of open-source software that enables us to provide a reliable and secure VPN service. It is a versatile VPN protocol that can be used on both TCP and UDP ports. OpenVPN supports a great number of strong encryption algorithms and ciphers: to ensure the protection of your data, we use AES-256-GCM with a 4096-bit DH key. If you are conscious about your security and are wondering what the most stable NordVPN protocol is, we recommend OpenVPN.

2. IKEv2/IPsec

IKEv2/IPsec significantly increases the security and privacy of users by employing strong cryptographic algorithms and keys. NordVPN uses NGE (“next-generation encryption”) in IKEv2/IPsec. Phase1 keys are generated using AES-256-GCM, SHA2-384, and PFS (Perfect Forward Secrecy) using 3072-bit Diffie-Hellman keys. IPsec then secures the tunnel between the client and server, using strong AES-256 encryption. This VPN protocol provides the user with peace-of-mind security, stability, and speed.

3. WireGuard (NordLynx) (Recommended by NordVPN and used by default in most of our apps)

WireGuard is the newest and fastest tunneling protocol, and the entire VPN industry is talking about it. It uses state-of-the-art cryptography that outshines the current leaders, OpenVPN, and IPSec/IKEv2. However, it’s still considered experimental, so VPN providers need to look for new solutions (like NordLynx by NordVPN) to overcome WireGuard’s vulnerabilities.

Modern, extremely fast, and incredibly lean in its architecture, WireGuard is backed by thorough academic research. WireGuard consists of only 4,000 lines of code, making it easy to deploy, audit, and fix. To put it into perspective, OpenVPN runs on 400,000 lines of code, meaning that WireGuard makes up only 1% of OpenVPN’s massive architecture. 

NordLynx is currently used by default in NordVPN apps. If you’re wondering which VPN protocol is best for gaming or other online speed-dependent activities, the answer is always NordLynx.

Want to learn more?

Check out NordVPN on YouTube!


Tip: Your VPN connection safety depends not only on NordVPN encryption but on your account password too. Don't forget to use a strong password on your account, because it will help you avoid credential stuffing attacks and keep your connections safe and uninterrupted.

Because generating and remembering strong and secure passwords is not an easy task, we recommend downloading our free password manager — NordPass. It generates secure passwords for you and stores them safely, letting you avoid time-wasting password resets in the future.

Related Articles
© Copyright 2022 all rights reservedSelf-service by