The Review Benchest. 2024
Privacy & Security Editor's Pick

Proton VPN review (2026): the rare VPN that mostly does what it says

After six months of testing across nine countries, Proton VPN remains the only commercial VPN we'll comfortably recommend, with the caveat that no commercial VPN is the right answer to most threat models.

By Hugo Bellamy · Reviewer, Privacy & Crypto
Last updated · Tested over: 6 months across 4 OSes and 9 server locations
Product tested: Proton VPN Plus, Windows / macOS / iOS / Linux clients
Editorial independence: This review was researched, tested and written by our staff. The Review Bench accepts no affiliate compensation, no sponsorship, and no review-unit retention from manufacturers. Read our ethics policy.
At a glance
Pricing$9.99/mo for Plus (annual: $4.99/mo); free tier available
Best forPublic-Wi-Fi protection, geographic content access, journalists in restrictive networks (with caveats)
Our rating8.8 / 10

What works

  • Audited no-logs policy, with verifiable Swiss jurisdiction
  • Open-source clients with reproducible builds
  • WireGuard, OpenVPN, and Stealth (obfuscated) protocols
  • Free tier is genuinely usable, not a marketing trick
  • Net Shield blocks ads / trackers at DNS level

What doesn't

  • P2P performance varies wildly by exit country
  • Linux client GUI lags the Windows / macOS one
  • Streaming reliability against geo-fencing is unreliable
  • iOS app's split-tunneling is awkward by Apple's rules, not Proton's

Overview

Of the roughly two dozen consumer VPNs we have reviewed across the past several years, Proton VPN is the only one we have comfortably recommended without a litany of qualifications. This is not because Proton VPN is technically far ahead of the competition — Mullvad, IVPN, and a handful of others are also serious products — but because Proton has consistently demonstrated, through audits, public infrastructure documentation, and operational behaviour, that what they say about themselves is mostly true.

This review is a re-evaluation as of April 2026, after six months of daily use across four operating systems and nine server locations.

Disclosure: Proton VPN Plus subscription purchased at retail by our team. We do not have any commercial or personal relationship with Proton AG.

Key features tested

Proton VPN’s Plus tier ($9.99 monthly or $4.99 monthly billed annually) provides access to roughly 4,500 servers across 90+ countries, simultaneous connections on 10 devices, P2P-friendly servers, and the Secure Core multi-hop feature. Free tier users get three locations, one device, and capped throughput.

Protocol support: WireGuard (default), OpenVPN, and Stealth (Proton’s obfuscated protocol that makes the connection look like ordinary HTTPS, intended for hostile networks). All three protocols are available across Plus and free tiers.

Client coverage: Windows, macOS, iOS, Android, Linux (with both a GUI and CLI client), router firmware via WireGuard configurations, and a browser extension. We tested all clients except Android during the review window.

Net Shield is Proton’s DNS-based ad and tracker blocking, included with Plus. Three levels: off, ads/tracker only, ads/trackers/malware.

Secure Core routes traffic through a Proton-owned data center in a privacy-friendly jurisdiction (Switzerland, Iceland, Sweden) before reaching the user’s chosen exit country. We tested with Switzerland-Iceland and Sweden-Iceland routes.

Performance over six months

For throughput we used a 1 Gbps symmetric fiber connection and tested against speedtest.net, ookla, and direct iperf3 servers in target countries. Each test was run five times at different times of day; reported numbers are medians.

On WireGuard:

On OpenVPN, throughput dropped 30-45% across all routes, which is consistent with what we measured a year ago and consistent with the protocol’s overhead.

Connection establishment time on WireGuard averaged 1.4 seconds across all tested locations. On OpenVPN, 4-7 seconds.

Connection stability over six months: 99.5% uptime measured (we ran a daemon that pings a remote server through the VPN every 60 seconds and logs failures). Failures were typically less than 30 seconds and recovered automatically.

DNS leak testing (using ipleak.net, dnsleaktest.com, and our own DNS log on the WireGuard server) showed no leaks across any client or any tested server, on any OS, with kill-switch enabled.

Audit behaviour: Proton commissioned Securitum to audit their VPN no-logs claim in 2022 and again in 2024. Both audits confirmed the absence of session-level logs in production. We read both reports. They are credible — the methodology is described, the limitations are stated, and the conclusions are appropriately bounded. They are not proof of perpetual no-logs operation; nothing can be.

Strengths

The audit cadence and the audit credibility. Securitum is an established firm that has audited a number of privacy-critical products, and their reports are accessible and clear about what they did and did not test. Proton’s willingness to publish audit reports, including the parts that found minor issues, is the right pattern.

Open-source clients with reproducible builds. The Linux client and the iOS client are open-source; the Windows / macOS clients have published build configurations that allow reproducible builds. We did not personally rebuild and verify, but the build artifacts have been independently rebuilt by external researchers.

Swiss jurisdiction is a meaningful (not perfect) advantage. Switzerland’s data-retention regime does not require commercial VPNs to log session data. The 2019 case where Proton complied with a Swiss court order for IP information of a French climate activist is well-documented; users should understand that “Swiss jurisdiction” means “subject to Swiss law” and not “immune to lawful process.”

Free tier is usable. We can recommend the Proton VPN free tier without qualifications for occasional public-Wi-Fi protection. This is unique in the industry; almost every other “free” VPN is either advertising-funded (collecting more data than the ISP it’s protecting against) or rate-limited to uselessness.

WireGuard performance is excellent. 940 Mbps on a 1 Gbps connection is essentially line-rate. This matters for daily use; 30% throughput losses (typical of OpenVPN-only providers) make the VPN something you turn on for specific tasks rather than something you can leave on constantly.

Weaknesses

P2P performance is inconsistent by server. Some Plus servers (particularly in Switzerland and Sweden) deliver near-line-rate throughput for BitTorrent; others throttle to 30-40 Mbps. Proton’s documentation claims “all Plus servers support P2P” but does not specify performance characteristics by server.

Streaming-service unblocking is unreliable. We tested US Netflix, BBC iPlayer, and Hulu across the testing window. Detection rates fluctuated, with extended periods (multiple days) where US Netflix would refuse to play any content from any Proton server. If streaming is your primary use case, dedicated streaming VPNs are better suited (with the caveat that we don’t recommend them on privacy grounds).

The Linux GUI lags. The CLI client is excellent, but the GUI on Linux feels like a port of the Windows app and is slower to launch and less responsive to settings changes. Linux users who want a GUI will find the experience inferior to Windows or macOS.

iOS split-tunneling is awkward, but this is Apple’s fault, not Proton’s. Apple does not allow third-party VPNs to implement granular split-tunneling at the per-app level on iOS. Proton implements what they can within Apple’s API, which is “all-or-nothing.” Users who want per-app VPN routing on iOS need Apple’s own iCloud Private Relay, which solves a different problem.

What a VPN can and can’t do

This section exists because we get more “should I use a VPN” questions than any other category, and the marketing claims most VPN providers make are misleading.

A VPN moves the trust boundary. It does not eliminate it. With a VPN, your DNS queries and traffic destinations are visible to your VPN provider rather than to your ISP. If your VPN provider is more trustworthy than your ISP for your threat model, this is a win. If not, it isn’t.

A VPN protects against passive observation on a hostile network (public Wi-Fi, hotel Wi-Fi, certain national ISPs). It does not protect you from a website tracking you with cookies, fingerprinting, or behavioural analytics. It does not protect you from a malware infection on your device. It does not protect you from a friend tagging you in a photo on a social network.

A VPN can help with geographic content restrictions (with mixed reliability, see above). It cannot make you anonymous on websites where you are logged in. It cannot prevent law enforcement from compelling production of records via lawful process.

For most users, a quality DNS provider (Quad9, Cloudflare, NextDNS) and consistent HTTPS use achieves more privacy gain than a VPN. For specific use cases — public Wi-Fi, certain national contexts, geographic access — Proton VPN is the right tool.

Verdict

Proton VPN is the only consumer VPN we comfortably recommend, with the threat-model qualifications above. The audit posture, the technical execution, and the genuinely usable free tier put it in a category by itself. It is not a privacy shield by itself, and the marketing rhetoric in the broader VPN industry should be discounted heavily.

We’re scoring 8.8 with an Editor’s Pick.

FAQ

See frontmatter.

Hugo Bellamy reviews privacy tools and consumer cryptocurrency products for The Review Bench. The Proton VPN Plus subscription was purchased at retail by our team in October 2025. Hugo has no prior relationship with Proton AG.

The verdict

Across six months of daily use, Proton VPN delivered consistent throughput on its Plus tier, demonstrably independent server architecture, and a verifiable no-logs claim backed by an annual third-party audit. The free tier remains the strongest in the industry. Earns Editor's Pick at 8.8 — but read the threat-model section before you buy.

Frequently asked

Should I use a VPN at all?

Probably not, for most threat models. A VPN moves your traffic from being seen by your ISP to being seen by your VPN provider. Unless your ISP is materially worse than your VPN provider for your specific threat model — which is true for some users (public Wi-Fi, hostile ISPs in certain countries) and not for others — the VPN is moving the trust boundary, not eliminating it. Read the 'What a VPN can and can't do' section in this review before you spend money.

Is Proton VPN really no-logs?

As of the most recent audit (2024, by Securitum), the no-logs claim was found valid for what the audit could verify — the absence of session-level logs in the production infrastructure they sampled. No external audit can prove the absence of logs at all times, but Proton's audit cadence, jurisdictional position (Switzerland), and cooperative posture toward audits is the best in the industry. The 2019 case where they handed over IP information for a French climate activist (in compliance with Swiss law, after exhausting their challenges) is a useful data point for understanding what Swiss jurisdiction actually means.

Does it unblock Netflix?

Sometimes. Streaming-service unblocking is a perpetual cat-and-mouse game, and Proton's reliability fluctuates. We saw 60-70% reliability for US Netflix from non-US servers during our testing window. If Netflix unblocking is your primary use case, dedicated streaming VPNs (and we don't recommend any of them on privacy grounds) are more reliable.

WireGuard or OpenVPN?

WireGuard, almost always. Throughput is significantly higher (we measured 940 Mbps on WireGuard vs. 580 Mbps on OpenVPN for the same server), connection times are faster, and the protocol is simpler and easier to audit. Use OpenVPN only if your network actively blocks WireGuard.

What about the free tier?

The Proton VPN free tier is genuinely usable and is the strongest in the industry. Three locations (US, Netherlands, Japan), no data cap, but capped throughput. We tested the free tier for one month: it averaged 80-120 Mbps depending on time of day. For occasional public-Wi-Fi protection, the free tier is sufficient.

Should journalists or activists rely on this?

Cautiously, and with adversary-specific advice. Proton VPN is a reasonable layer in a broader threat model that includes Tor, threat-modeling-aware browser hygiene, and operational discipline. It is not a shield by itself. For users in adversarial-state contexts, our recommendation is to use Proton VPN's Stealth protocol with the Secure Core feature, behind Tor, and to read EFF and Access Now's threat-model guidance before relying on any single tool.

More from Privacy & Security

Privacy & Security

YubiKey Bio review: a fingerprint-bound security key that earns its premium

The YubiKey Bio adds an on-key fingerprint sensor to Yubico's flagship FIDO2 / WebAuthn / OTP platform. Three months of daily test…

By Hugo Bellamy
 Privacy & Security

Bitwarden vs. 1Password (2026): the comparison nobody finishes the same way twice

Bitwarden and 1Password are the two password managers we recommend without qualification. They differ on a small number of axes th…

By Hugo Bellamy