How to Change your VPN Password

Step 1:
Click here to open a new window and display a list of your subscriptions. If you are not logged in, please enter your username and password.

Step 2:
Click the View details button next to the service you wish to change the password for.

Step 3:
Click on the Change Password tab button

Step 4:
Enter your new password twice and click Save changes.

How to Change your Client Area Password

Step 1:
Click here to open a new window and display the change password form. If you are not logged in, please enter your username and password to login. If you cannot remember your password, click here to request a password reset.

Step 2:
Enter your existing password followed by a new password. Repeat the new password and click the Save Changes button.

PPTP VS L2TP VS OpenVPN

Background

A very basic VPN protocol based on PPP. PPTP was the first VPN protocol supported on the Microsoft Windows platform. The PPTP specification does not actually describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality.

An advanced protocol formally standardized in IETF RFC 3193 and now the recommended replacement for PPTP where secure data encryption is required.

OpenVPN is an advanced open source VPN solution backed by the company ‘OpenVPN technologies’ and which is now the de-facto standard in the open source networking space. It uses uses the mature SSL/TLS encryption protocols.

Data Encryption

The PPP payload is encrypted using Microsoft’s Point-to-Point Encryption protocol (MPPE). MPPE implements the RSA RC4 encryption algorithm with a maximum of 128 bit session keys.

The L2TP payload is encrypted using the standardized IPSec protocol. RFC 4835 specifies either the 3DES or AES encryption algorithm for confidentiality. Purchase-VPN uses the AES algorithm with 256 bit keys. (AES256 is the first publicly accessible and open cipher approved by the NSA for top secret information)

OpenVPN uses the OpenSSL library to provide encryption. OpenSSL supports a number of different cryptographic algorithms such as 3DES, AES, RC5, Blowfish. As with IPSec, Purchase-VPN implements the extremely secure AES algorithm with 256 bit keys.

Setup / Configuration

All versions of Windows and most other operating systems including mobile platforms have built in support for PPTP. PPTP only requires a username, password and server address making it incredibly simple to setup and configure.

All versions of Windows since 2000/XP and Mac OSX 10.3+ have built in support for L2TP/IPSec. Most modern mobile platforms such and iPhone and Android include built in clients.

OpenVPN is not included in any operating system release and requires the installation of client software. The software installers are very user friendly and installation typically takes less than 5 minutes.

Speed

With 128 bit keys, the encryption overhead is less compared to OpenVPN which may make the VPN feel slightly faster than with 256 bit keys although the difference is negligable.

L2TP/IPSEC encapsulates data twice making it less efficient and slightly slower than its rivals.

When used in its default UDP mode, OpenVPN provides the best performance.

Ports

PPTP uses TCP port 1723 and GRE (Protocol 47). PPTP can be easily blocked by restricting the GRE protocol.

L2TP/IPSEC uses UDP 500 for the the initial key exchange, protocol 50 for the IPSEC encrypted data (ESP), UDP 1701 for the initial L2TP configuration and UDP 4500 for NAT traversal. L2TP/IPSec is easier to block than OpenVPN due to its reliance on fixed protocols and ports.

OpenVPN can be easily configured to run on any port using either UDP or TCP. To easily bypass restrictive firewalls, OpenVPN can be configured to use TCP on port 443 which is indistinguihasble from standard HTTP over SSL making it extremely difficult to block.

Stability / Compatibility

PPTP is not as realiable, nor does it recover as quickly as OpenVPN over unstable network connections. Minor compatibility issues with the GRE protocol and some routers.

L2TP/IPSec is more complex than OpenVPN and can be more difficult to configure to work reliably between devices behind NAT routers. However as long as both the server and client support NAT traversal, there should be few issues. In practice L2TP/IPSec has shown itself it be as reliable and stable as OpenVPN for Purchase-VPN.Com customers.

Very stable and fast over wireless, cellular and other non reliable networks where packet loss and congestion is common. OpenVPN has a TCP mode for highly unreliable connections but this mode sacrifices some speed due to the ineffeciency of encapsulating TCP within TCP.

Security weaknesses

The Microsoft implementation of PPTP has serious security vulnerabilities. MSCHAP-v2 is vulnerable to dictionary attack and the RC4 algorithm is subject to a bit-flipping attack. Microsoft strongly recommends upgrading to IPSec where confidentiality is a concern.

IPSec has no major vulnerabilities and is considered extremely secure when used with a secure encryption algorithm such as AES.

OpenVPN has no major vulnerabilities and is considered extremely secure when used with a secure encryption algorithm such as AES.

Client compatibility

  • Windows
  • Mac OSX
  • Linux
  • Apple iOS
  • Android
  • DD-WRT
  • Windows
  • Mac OSX
  • Linux
  • iOS
  • Android
  • Windows
  • Mac
  • Linux
  • Android (via 3rd party app)

Conclusion

Due to the major security flaws, there is no good reason to choose PPTP other than device compatibility. If you have a device on which neither L2TP/IPsec or OpenVPN is supported then it may be a reasonable choice. If quick setup and easy configuration are a concern then L2TP/IPsec should be considered.

L2TP/IPSec is an excellent choice but falls slightly short of OpenVPN’s high performance and excellent stability. If you are using a mobile device running iOS (iPhone) or Android then it is the best choice as OpenVPN does not currently support these platforms. Additionally if a quick setup is required, L2TP/IPSec may be a better option although this should not be an important consideration.

OpenVPN is the best choice for all users of Windows, Mac OSX and Linux desktops. It is extremely fast, secure and reliable. Additionally, the
Purchase-VPN.com multihop network is only available when connecting via OpenVPN. The only downside is its current lack of support for mobile devices and the requirement to install a 3rd party client.

Why is Purchase-VPN the Fastest VPN Service?

Purchase-Vpn was built upon a number of core principles, but the two most important have always been security and speed. In fact, speed and security are related as we found out after much research. Users who got frustrated by the speed of their connection whilst connected to a VPN would often disconnect and jeopardize their security just to regain the speed they were used to before using the VPN. Sacrificing security for better performance is very dangerous in our book, so we knew that if Purchase-Vpn.Com was ever going to provide a truly secure environment for our users, we had to ensure we were fast, really fast.

    • – We have researched the international wholesale bandwidth markets to find not only trusted partners to host our VPN gateways, but also those with premium bandwidth. Premium bandwidth is expensive but this is the foundation for our fast service.
    • – Speed is not just about throughput, in fact latency is most often the cause of ‘speed’ problems. Part of the problem in the bandwidth industry is the use of the word ‘faster’. Is a Boeing 747 faster than a 737? No, but the 747 can carry 3 times as many passengers, so its 3 times as big, not 3 times as fast. If you had to fly 2000 people across the world, the 747 could do it in 4 trips whereas the 737 would take 12 trips, so you could say the 747 is faster at transporting large numbers of people but never that it is 3 times faster. This is the problem, companies say ‘speed’ when they actually should be using the term ‘capacity’. It is very possible to have a high capacity but slow connection.When someone tells you that your Internet connection has a capacity of 10 Mbit/sec we have to remember that 10 Mbit/sec is its capacity, not its speed. Speed is a measure of distance over time, and ‘bits’ are not a measure of distance. Just like a hard disk seek time, latency is the minimum time between requesting a piece of data and receiving it. In order to minimize the latency we placed VPN gateways servers as physically close to our customer base as possible and continually revise existing and new locations for opportunities to get gateways closer to customers thereby increasing the true ‘speed’ of our VPN service.
    • – We build VPN servers which can easily handle the heavy encryption overhead for hundreds of users simultaneously. We have a a minimum server specification which includes the latest multi-core processors and gigabit ethernet interfaces.
    • – We maintain an extremely low subscriber ratio per server to ensure that performance does not decline at peak periods. The majority of our servers operate at a fraction of their capacity to allow for bursts and high demand periods.
    • – Knowing how expensive bandwidth can be, we thought we had to place a limit on how much data a customer could download in a month. However, when we launched we realized that only a small number of people use a significant amount of bandwidth and overall our high capacity servers could easily handle the bandwidth demand. So we decided to enforce a ‘no hard’ limits policy. If we detect that a customer is downloading data at an extreme rate that is effecting our other customers then we may issue a warning, but so far we have never had to.
  • – Finally, high performance relies on constant monitoring to forward plan capacity and resolve communication problems as close to real time as possible. So we implemented a 24/7 enterprise class monitoring system to alert our network engineers of any issues and allow us to spot trends and ensure we can always meet our customers expectations.

What is a VPN?

A VPN or Virtual Private Network provides an encrypted tunnel between two computers on the Internet. Each computer uses a shared secret to encrypt all data between them. Unlike a proxy service, once a VPN is established, all incoming and outgoing traffic between the two hosts is encrypted. It therefore encrypts not only your web browsing, but also your email, skype, VoIP etc. Most importantly, your ISP or anyone for that matter, cannot log, view, or control your Internet activity whatsoever.

From the perspective of websites and other services on the Internet, when you are connected to the VPN your traffic will appear to originate from the VPN server.
Therefore, if you connect to a UK VPN server your IP address will appear to be a UK IP address. Your actual IP address and location will be completely hidden and impossible to determine unless you voluntarily give this information out e.g. when completing an online form etc.

what-is-a-vpn

In the diagram above, there are two users, Alice and Bob. Alice is not using a VPN service whilst Bob is connected to iVPN.net. Both users are browsing ‘news.com’ and ‘forum.com’.

In Alice‘s case, her traffic is flowing through the ISP without any encryption and so the logs record exactly where she is connected. The servers to which she is connected also log her real IP address affording her no privacy.

In Bob‘s case, he is connected to the Purchase-VPN.Com server and therefor all traffic through the ISP is encrypted. The ISP can only record that bob is connected to the Purchase-VPN.Com server, nothing else. The servers to which he is connected think that it is the Purchase-VPN.Com server which has connected to them and so they can only record the IP address of the Purchase-VPN.Com server in their logs.

What is a VPN Tunnel?

This page will attempt to describe very simply what a VPN tunnel is within the context of a VPN service designed to provide strong anonymity and privacy.

A VPN tunnel performs an operation known as data encapsulation. In order to understand what encapsulation is, let us attempt a simple analogy. If you were a political refugee living in another country and your location was confidential for your safety but you needed a way to communicate with some key people back in your country without them knowing where you were, how would you do it?

Well, one way would be to grab a blank postcard, write the message and the address of the person who the message is for on the postcard and then put the postcard into an envelope and post it to one of your trusted friends in your home country. When you friend receives the envelope, he opens it up and puts it in a local post box. The recipient of the postcard has no knowledge of where the postcard came from since the stamp is local.

what-is-vpntunnel

The act of putting the postcard into the envelope with its own address is equivalent to encapsulation and when you do this with data on the Internet, you create a virtual private network tunnel or VPN tunnel. Although this would technically be a VPN, it’s not actually very private until you encrypt the contents of the envelope. Without encryption, we could still achieve some level of anonymity but what if the final recipient was powerful enough and had friends in the post office? In this case the post office employee could see the stamp on the envelope before it reached your friend and leak your location.

To achieve a much higher level of anonymity and privacy, you need to encrypt the contents of the postcard inside the envelope so that only yourself and your friend can decode it. Now, if anyone intercepted the envelope en route to your friend and opened it they would have no idea who the postcard was addressed to nor would they understand the contents of the message. When your friend receives the envelope he would open it and decrypt the message and forward it to its final recipient. In the context of an anonymous VPN service, your friend would be the VPN service and the final recipient would be the website you are browsing. It is worth noting at this point that the message sent from your friend to the final recipient cannot be encrypted since the final recipient does not have the decryption key. Equally, when using a VPN service, the data sent from the VPN service to the destination website cannot be encrypted; however this does not affect your anonymity since your private IP address has been replaced with the address of the VPN service.

Whilst communicating with your friend, it’s as if there is a secure tunnel between the two of you protecting the contents. This is why it is called a virtual tunnel or more commonly, a VPN tunnel.

What is a Multihop VPN Service

When connecting to a Multihop server, instead of your traffic being routed through a single VPN server, it is routed through 2 or more VPN servers. This technology has been carefully incorporated into the Purchase-VPN.Com network using the same 256 bit OpenVPN encryption as the singlehop VPN servers. Multihop connections offer significantly higher levels of anonymity and privacy however they are slightly slower than single hop connections due to the additional hop that your traffic is routed through. We therefor offer our customers a choice of single and multihop connections.

In the diagram below Bob (in Brazil) is browsing the news.com.au website in Australia. The traffic is being routed first through the USA server and then through the Amsterdam server before reaching the destination server.

Windows 7 PPTP Setup Guide

Windows users don’t have to download any software to have PPTP working correctly.
PPTP software is built into Windows xp, vista & 7

Press the start button, then Control Panel
Open Network and Sharting Center (from control panel)
Select “Connect to a network”.

Select, Connect to a workplace (Set up a dial-up or VPN connection to your workplace)

Click Next Select, Use my internet connection (VPN)

Type in the name of the Purchase-Vpn server
Type in the server name example: Purchase-Vpn US1 (into the Destination name) Click Next

Type in your username and password(lower case).
Select Remember password (if you dont wish to type this in each time you connect)

Press Connect

Depending on your windows configuration you may get asked what network security profile to use on connection, we recommend you select “Public Network” for maximum security.

To disconnect or reconnect to saved PPTP server profiles click the network icon in your tray menu in the bottom right corner.

Extra Security Settings

In the Connect to a network screen, VPNSecure connection will appear (under network and Sharing Center)
Right click on the (example: Purchase-VPN PPTP) and select properties.
Click on the Networking TAB.
uncheck Internet Protocol Version 6
uncheck File and Printer Sharing for Microsoft Networks

Troubleshooting

If you have any issues getting connected, you should see our Troubleshooting Guides

Windows Vista PPTP Setup Guide

PPTP Configuration for Windows Vista

1.From the Start button, select Connect To.

vista_pptp_1

Select Set up a connection or network.

vista_pptp_2

3.Select Connect to a workplace and click Next.

vista_pptp_3

4.Select Use my Internet Connection (VPN).

NOTE: If prompted for “Do you want to use a connection that you already have?”, select No, create a new connection and click Next.

vista_pptp_4

5.In the Internet Address: field, type Your Server Address ( Example: Us.purchase-VPN.Com )

6.In the Destination Name: field, type Your Server Name ( Example: Purchase-VPN PPTP).

vista_pptp_5

7.In the User Name: field, type your Username .

8.In the Password: field, type your Password .

vista_pptp_6

9.Click the Create button and then click the Close button.

vista_pptp_7

10.To connect to the VPN server after creating the VPN Connection, click on Start, then Connect to.

11.Select the VPN connection in the window and click Connect.

vista_pptp_8

Troubleshooting

If you have any issues getting connected, you should see our Troubleshooting Guides