The best VPN for journalists' and activists' privacy is Proton VPN — it's the only major provider built by the same team behind ProtonMail, headquartered in Switzerland under some of the world's strongest privacy laws, independently audited, and offering a verified no-logs policy backed by real-world legal tests. This guide walks you through selecting, installing, and hardening a VPN specifically for high-risk privacy work — not casual streaming.
What You'll Accomplish — and Why the Stakes Are High
Journalists protecting sources and activists evading surveillance face a fundamentally different threat model than someone hiding Netflix history. You need a VPN that won't hand over connection logs under a government subpoena, won't leak your real IP during a connection drop, and won't be trivially fingerprinted by deep-packet inspection. This guide covers setup on Windows 11, macOS 14+, Android 14+, and iOS 17+, plus hardening steps that make a meaningful difference in high-risk environments.
If you also handle sensitive documents or source communications, our Best VPN for Journalists & Source Protection in 2026 covers operational security layers beyond VPN alone.
Prerequisites / What You'll Need
- A device running Windows 11 (22H2 or later), macOS 14 Sonoma or later, Android 14+, or iOS 17+
- A Proton VPN account (free tier works; paid required for Secure Core and Tor-over-VPN)
- Two-factor authentication app: any TOTP app (Aegis on Android, Raivo on iOS, or Bitwarden Authenticator) or a FIDO2 hardware key (YubiKey 5 series)
- 15–30 minutes for initial setup and kill-switch verification
- For mobile: the official Proton VPN app from Google Play or Apple App Store — not a third-party IKEv2 config
Step 1: Create and Harden Your Proton VPN Account
Go to protonvpn.com and register with a ProtonMail address (preferred) or any email. During signup, Proton collects only your email — no name, no phone number required.
Enable MFA immediately. In account settings under Security → Two-factor authentication, enroll a TOTP app or a FIDO2 hardware key. Proton supports TOTP and WebAuthn/FIDO2 hardware keys (YubiKey, Google Titan). SMS is not offered, which is correct — SMS is interceptable via SS7 attacks and should be avoided for high-risk accounts.
Gotcha: If you use a personal Gmail to register, Google can see that you created a Proton account. Use a previously anonymous email or create a new ProtonMail address first.
Choose your plan:
- Free: $0/month, 1 device, servers in 3 countries, no Secure Core, no Tor-over-VPN
- VPN Plus: $4.99/month billed annually ($59.88/year), 10 devices, 8,800+ servers in 112 countries, Secure Core, Tor-over-VPN, NetShield ad/malware blocker
- Proton Unlimited: $7.99/month billed annually ($95.88/year), includes VPN Plus + ProtonMail Unlimited + ProtonDrive + ProtonCalendar
For active fieldwork, VPN Plus at $4.99/month is the minimum — you need Secure Core.
Step 2: Download the Official Client and Verify the Signature
Go to protonvpn.com/download. Download the installer for your OS. Do not use an app store for the desktop version if you want the most current release with the latest kill-switch fixes.
On Windows/macOS, Proton provides a SHA-256 checksum alongside the download. Verify it:
```
# macOS / Linux
shasum -a 256 ProtonVPN_installer.dmg
# Windows (PowerShell)
Get-FileHash ProtonVPN_win_installer.exe -Algorithm SHA256
```
Compare the output against the checksum on the download page. If they don't match, do not install — download again from a different network.
Expected output: An exact 64-character hex string matching the site's published checksum.
Gotcha: Proton rotates checksums with each release. Bookmark the official download page rather than saving the checksum from a cached copy.
Step 3: Install and Configure the Kill Switch
Launch the installer and follow the prompts. After login:
Windows/macOS:
- Open Settings → Connection
- Enable Kill Switch → Permanent (not "Standard" — Permanent blocks all traffic even when you manually disconnect, preventing accidental IP exposure)
- Enable DNS leak prevention — Proton forces DNS through its own encrypted resolvers when connected
Android:
- Go to Settings → Always-on VPN
- Select Proton VPN and toggle Block connections without VPN
- This is Android's native kill switch and is more reliable than the in-app version on some ROMs
iOS:
iOS does not support a true persistent kill switch at the OS level. The Proton app includes an in-app kill switch but there is a known edge case: on network transitions (Wi-Fi → cellular), there is a brief window before the VPN reconnects. This is a platform limitation, not a Proton bug. If your threat model requires zero-gap protection on iOS, disable Wi-Fi and use only one network type, or use a secondary device.
Step 4: Enable Secure Core Routing
Secure Core is Proton's multi-hop architecture. Traffic routes through a hardened server in Switzerland, Iceland, or Sweden before exiting through a regular VPN server. Even if the exit node is compromised, an attacker can only see encrypted traffic from the Secure Core node — not your real IP.
In the app: Profiles → Secure Core → Choose exit country
For journalists working on stories involving US government or EU institutions, route through Switzerland → US or Iceland → Netherlands. Switzerland is outside the 5/9/14 Eyes intelligence-sharing agreements and has rejected foreign surveillance requests in court.
Expected behavior: Your visible IP will be that of the exit country. DNS leak tests at dnsleaktest.com should show only Proton's Swiss DNS servers.
Gotcha: Secure Core adds 30–80ms latency. Video calls and large uploads will be slower. For interviews that must be anonymous, accept the tradeoff.
Step 5: Enable Tor-over-VPN for Maximum Source Anonymity (VPN Plus Required)
For communicating with sources using SecureDrop or .onion addresses, Proton's Tor-over-VPN routes traffic through the Tor network after the VPN tunnel — no separate Tor Browser configuration needed for this path.
In the app: Select any server labeled Tor in the server list.
Important limitation: Tor-over-VPN is slower (typically 5–20 Mbps) and unsuitable for video. Use it for text-based source communication, not general browsing during fieldwork.
Step 6: Verify No IP or DNS Leaks
Before any sensitive work, run this verification sequence:
- Connect to Proton VPN (Secure Core if available)
- Visit ipleak.net — your IP should show the VPN exit country, not your real location
- Visit dnsleaktest.com → Extended Test — all DNS servers should belong to Proton, in the expected country
- Visit browserleaks.com/webrtc — WebRTC should show no local IP (Proton's client blocks WebRTC leaks by default on desktop; on mobile, verify manually)
You should see: Zero results referencing your ISP, real city, or home country.
Recommended Tools for High-Risk Privacy Work
Proton VPN — Primary Recommendation
Proton VPN is headquartered in Geneva, Switzerland, and governed by the Swiss Federal Data Protection Act (FADP) — one of the few jurisdictions that has successfully resisted foreign surveillance requests. The encryption stack uses AES-256 for data, RSA-4096 for handshakes, and HMAC-SHA384 for authentication across OpenVPN and WireGuard protocols. The no-logs architecture was audited by Securitum in 2023. Proton has published transparency reports and has, on record, produced nothing useful to authorities because the logs don't exist.
Proton VPN supports: Windows 11, macOS 14, Linux (Debian/Ubuntu/Fedora), Android 14, iOS 17, Chromebook. Browser extension available for Chrome and Firefox (limited to browser traffic only — use the full app for device-wide protection).
MFA: TOTP and WebAuthn/FIDO2 hardware keys. No SMS option.
Pricing recap: Free ($0, 1 device), VPN Plus ($4.99/month billed annually), Proton Unlimited ($7.99/month billed annually).
Honest negatives: The desktop app UI is slower to load than NordVPN or ExpressVPN. The free tier's 3-country limitation makes it impractical for field use. Customer support response times for free accounts average 48–72 hours.
NordVPN — Strong Alternative for Activists Needing Speed
NordVPN is a viable alternative when connection speed matters more than Swiss jurisdiction. Based in Panama (outside 14 Eyes), NordVPN uses AES-256-GCM via NordLynx (WireGuard-based) and OpenVPN. Its no-logs policy was audited by Deloitte in 2023 and PricewaterhouseCoopers in 2022. The Meshnet feature allows encrypted peer-to-peer connections useful for document transfers between trusted contacts.
NordVPN pricing: Complete plan at $5.99/month billed for 2 years (includes 1Password and NordPass), Plus plan at $4.99/month billed for 2 years (VPN + threat protection), Basic plan at $3.99/month billed for 2 years (VPN only). All plans support up to 10 simultaneous devices.
Platforms: Windows 11, macOS 14, Linux, Android 14, iOS 17, Android TV, Fire TV. MFA: TOTP and WebAuthn/FIDO2.
Honest negative: Panama jurisdiction is strong, but NordVPN had a server breach in 2018 (no user data was exposed, but the incident revealed a management interface had been left unsecured by a datacenter). Nord has since moved to diskless RAM servers.
For teams with multiple journalists or activists requiring shared account management, see our Best VPN for Small Business Employees in 2026 for multi-seat options.
Troubleshooting
Issue 1: "Kill switch blocking all traffic even after disconnecting VPN"
Fix: This is expected behavior when Permanent Kill Switch is enabled. Go to Settings → Connection → Kill Switch → Standard if you need internet access without the VPN. For fieldwork, leave it Permanent and reconnect to VPN instead of disabling the kill switch.
Issue 2: "DNS leak test shows my ISP's DNS servers"
Fix: DNS leak prevention may not have activated correctly. On Windows, go to Settings → Connection → DNS leak prevention → Toggle off and on. If the problem persists, check that no third-party DNS software (e.g., NextDNS local agent) is overriding Proton's resolvers.
Issue 3: "Secure Core servers show 'unreachable' or timeout"
Fix: Secure Core servers can be overloaded during peak hours. Switch between Secure Core exit countries (e.g., from Switzerland → US to Iceland → Netherlands). If all Secure Core servers fail, check protonvpn.com/status for reported outages.
Issue 4: "VPN disconnects when screen locks on Android"
Fix: Android's battery optimization is killing the Proton VPN background process. Go to Android Settings → Apps → Proton VPN → Battery → Unrestricted. Also re-verify that Always-on VPN is enabled in Android network settings, not just the in-app setting.
Issue 5: "Can't access .onion sites via Tor-over-VPN"
Fix: Tor-over-VPN requires the VPN Plus plan. Verify your subscription tier in Account → Plan. If you have Plus but Tor servers don't appear, force a server list refresh: Settings → Clear cache → Reconnect. Note that .onion routing requires Proton's Tor servers specifically — standard servers do not route to the Tor network.
FAQ
Does a VPN fully protect journalist sources from identification?
A VPN significantly reduces IP-based identification but is not a complete solution for source protection. A VPN hides your IP from websites and network observers, but it doesn't protect against endpoint malware, metadata in documents, or account login patterns. Proton VPN's no-logs policy means the provider cannot hand over connection records even under legal pressure — confirmed in practice. For full source protection, combine a VPN with Signal for communications, Tails OS for sensitive document work, and SecureDrop for anonymous file transfers. A VPN is one layer, not the whole stack.
What makes Proton VPN specifically safer than other VPNs for activists?
Proton VPN is headquartered in Switzerland, which sits outside EU and US data-sharing frameworks and has rejected foreign surveillance requests in documented court cases. Its no-logs architecture was independently audited by Securitum in 2023. The Secure Core feature routes traffic through Switzerland or Iceland before exiting, meaning a compromised exit node reveals only encrypted traffic from the Secure Core server — not the user's real IP. Proton is also owned by Proton AG, a nonprofit-backed entity, not a private equity-owned holding company, which reduces commercial pressure to monetize user data.
Can governments detect that I'm using a VPN?
Yes, VPN traffic is detectable through deep-packet inspection (DPI) even when the content is encrypted — the traffic pattern and port usage are recognizable. Proton VPN's Stealth protocol (available on all paid plans) uses obfuscation to disguise VPN traffic as regular HTTPS, making it harder to detect and block in countries with active censorship (China, Iran, Russia). No obfuscation method is perfectly undetectable, but Stealth meaningfully raises the effort required for DPI-based blocking. If operating in a country with aggressive VPN blocking, enable Stealth under Settings → Protocol → Stealth before connecting.
Is the free tier of Proton VPN adequate for activist or journalist use?
The free tier of Proton VPN provides unlimited bandwidth and no data cap, which is better than most free VPNs. However, it lacks Secure Core multi-hop routing, Tor-over-VPN, the Stealth obfuscation protocol, and is limited to servers in 3 countries