Private Internet Access for Windows

Private Internet Access for Mac Private Internet Access for Windows Private Internet Access for iOS Private Internet Access for Android Private Internet Access for Linux

Last week I covered setting up Private Internet Access for Mac. This week’s post on the topic will cover the Windows operating system. Even though the Private Internet Access interface is very similar from Mac to Windows, there are a couple subtle differences. The next couple of posts will cover iOS and Android. If sufficient interest exists, I will also do one for Linux (if you’d like to see Linux, message or comment). Without further ado, Private Internet Access for Windows:

Private Internet Access for Windows- Basics

Like last week’s post, setting up Private Internet Access for Windows is a fairly painless process. First, purchase a PIA subscription. Next, download and install the PIA application. Once the PIA application is installed and running, you will see a PIA logo in your task bar. The logo is your indicator that you are connected to the VPN. If it is green with a small check-mark beside it, you are connected. If it is greyed out, you are unconnected. Clicking this logo will allow you to select a VPN server, connect, disconnect, and exit the application. It will also allow you to access the settings.

Private Internet Access For WindowsClicking “Settings” will open a new window. This contains only basic settings including username, password, and auto-start/auto-connect.  For maximum protection, I recommend checking both the “Start application at login”, “Auto-connect on launch”, and “Show desktop notifications” boxes. The “Region” drop down allows you to select the server set to which your VPN automatically connects. To access additional settings, click the “Advanced” button.

Private Internet Access for Windows – Connection Settings

The settings menu will expand to include connection settings. I will only address the settings that are pertinent to security and privacy.

Connection type: The first setting is Connection type and the options are UDP and TCP. The UDP connection is generally preferred for VPNs for performance reasons. Some public networks attempt to limit VPN traffic by blocking UPD packets. If you run into this, switching to TCP may help resolve the situation.

PIA MACE™: This setting purports to be a built-in ad blocker. I am still unsure of how this technology works, and have not played with it enough to be comfortable recommending it.

VPN Kill Switch: The next setting you should look at is the “VPN Kill Switch”. This “kills” your internet connection should the VPN connection drop unexpectedly (hey, it happens).  This setting can be a bit tricky, however.The problems people are likely to run into are situations like logging into hotel or coffee shop internet. Packets from the computer are blocked until you sign in on the host’s website. Because the VPN can’t connect, it won’t let you onto the internet to sign in – your standard Catch-22. In situations like this you can either a. open PIA’s settings, disable the kill switch, or b. exit the VPN program (my preferred technique). You can then sign into the hotel’s Wi-Fi, re-open PIA/re-enable the kill switch and you should be good to go.

DNS Leak Protection: This setting should be checked! This setting ensures that DNS requests are routed through the VPN. By default this option is left unchecked because it may cause connectivity issues on some networks. I recommend checking it, and unchecking only if you experience problems.

IPV6 leak protection: Even though your VPN will always protect your IPV4 IP address, your IPV6 address can still leak. I’ll spare you the technical details, but you should leave this box checked.

Private Internet Access for Windows
Even though “DNS Leak Protection” is not checked in this screenshot, it should be!

Private Internet Access for Windows – Crypto Settings

Clicking the “Encryption” button displays more options. You can manipulate the data encryption, data authentication algorithm, and handshake protocol strength. These options are defaulted to a compromise between performance and security (AES-128, SHA-256, RSA-2048). I prefer to go as secure as possible, and accept the possible loss in performance. My recommended settings are, as shown below, AES-256, SHA-256, and RSA-4096.

Private Internet Access for WindowsOf course these are just recommendations. Even in its default state Private Internet Access provides excellent protection, especially when compared with browsing unprotected. As always, I will point out that there are plenty of other good VPN services out there. Do your homework and choose what your are comfortable with.

If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.

4 thoughts on “Private Internet Access for Windows”

  1. Thanks. I subscribed to PIA on your recommendation. The only issue that I ran into on Windows is with running as a limited user (non-admin). I run under a limited account for security reasons – to limit the attack surface (for, say, malware exposure). As a limited user, I have to manually start the PIA executable – pia_manager.exe – with “Run as Administrator” after logging into the account. Works fine after I do that.

    1. Thanks for commenting. Also, thank you for point that out. Running a standard user account is definitely best-practice and is something I strongly recommend. It can cause slight issues, though, as you discovered. Right-clicking and using “Run as Administrator” can help clear up a lot of those types of issues.

      Thanks again for commenting and for the good advice,
      Justin

Leave a Reply

Your email address will not be published.