Strong VPN Review
Strong VPN operates out of the US since 2005. It might be popular among the expats living in China, but other than that, it keeps a low profile.
Perhaps, this helps them stay below the radar of streaming giants like Netflix. Strong VPN offers servers in 47 cities across 26 countries, support for multiple protocols including OpenVPN, zero logs, cross-platform support, and up to five simultaneous connections.
Glossy on the surface, it turned out to be a pain to use. Here is why.
Pricing and Plans
Without offering a short free or even paid trial, Strong VPN leaves you with no choice but to subscribe to a $10 monthly plan, if you just want to dip your toes into these waters.
A three-month subscription is priced at $24 while an annual plan is $70. You can pay with PayPal, Bitcoin, credit card, and AliPay. A seven-day money-back guarantee should cover all your first-time purchases.
Once my payment went through, I received a welcome email – attention – with my login and password in plain text. Not only was I unable to set my password when subscribing, but they also sent it to me in plain text. That’s odd approach from a privacy-focused provider.
Strong VPN offers native software for Windows, Mac, Android, and iOS. But setting up the service requires inhumane patience, live support assistance multiplied by trial and error. Strong VPN seriously needs to hire a UX specialist to fix the incredibly convoluted customer dashboard on their website and the whole setup and usage process as such. Because right now, it’s a steaming mess.
When I logged in to my customer dashboard, I discovered I had no access to OpenVPN – “you have no OpenVPN accounts,” it said. Launching the desktop app confirmed the same – I could not choose OpenVPN protocol from the app.
Thankfully, the live chat support was immediately available, and Dzmitry explained I needed to:
launch the app → go to Change Location → choose By Server (manually) → Next → pick a city from the drop-down list and select OpenVPN from the protocol drop-down → test the server speed (optional) → next → Switch → OK → Connect.
Phew! Except for it didn’t work three times in a row, after which Dzmitry suggested I let him fix the whole thing via TeamViewer. But I was poking at things in my customer dashboard and noticed the big blue button that read “Switch Server,” so I followed the invitation, which lead me to a list of servers I could sort by their support for OpenVPN. That’s where I was able to pick a server and switch it manually. This time, the change went through, and Dzmitry confirmed it was in effect almost immediately.
After that, I was able to use OpenVPN (protocol) and tweak the app’s many settings to my liking. Overall, I’m content with their support, except for one huge nag.
I inquired about the availability of the OVPN files for the OpenVPN open-source program. It turns out it’s unavailable until you switch your default PPTP server to an OpenVPN server from the dashboard or app, whichever works for you.
Next – and this is the most ridiculous thing I’ve ever encountered in a VPN setup – you need to manually go through the entire torture of switching the server from your dashboard to generate an OVPN config file for each server you wish to use. But wait for the other shoe to drop!
Once you switch to a new server from your customer’s dashboard, the old config file will no longer work! This means if you want to be able to connect to a couple of US servers, and one or two UK ones using OpenVPN software, you’re forced to go through the debacle every time you wish to switch a server.
Moreover, the dashboard now contained another set of login/pass combo for OpenVPN, which was mind-numbingly confusing. Was I to use it for the app? No, I was to use it for the OpenVPN GUI, if I chose to use it over their native app.
When I asked Dzmitry about all of this - just to clarify the absurdity - he knocked me down with “But why do you need OpenVPN GUI? You can connect from Strong VPN client.”
Many VPN users prefer open-source OpenVPN to proprietary VPN programs out of considerations of privacy and security. Since the OpenVPN app is constantly audited by the GitHub community, users rest assured the app does what it’s supposed to do. Proprietary, closed-source apps, on the other hand, sometimes come bundled with malware, adware, tracking features unknown to the user. I may not wish to install yet another third-party app when I have an option to use OpenVPN, after all.
The bottom line is – not only Strong VPN forces long-term subscriptions onto users, but they also effectively rule out the OpenVPN software out of the equation by making it extremely inconvenient to use.
The Strong VPN native program is hideous but usable once you get used to it.
The native Strong VPN program allows you to customize many aspects of the service – from connecting on launch to enabling a kill switch, setting values for log verbosity, compression, timeout, allow direct traffic when reconnecting and view your account information.
The availability of the granular controls is a welcome feature, if only it didn’t come at the price of such a strangely over-complicated user interface.
Strong VPN performed well in my speed tests, but it was a weak consolation after the several hours of a painfully counter-intuitive setup struggle.
Here is my speed in Ookla’s synthetic tests before the VPN:
Here’s the speed when I was connected to their US server (OpenVPN):
and their UK server:
The security tests revealed the VPN was not leaking my DNS or IPv6:
but was leaking WebRTC:
I was able to bypass Netflix’ VPN police with Strong VPN effortlessly:
Likewise, BBC iPlayer worked just fine:
Privacy and Security
I’m not happy with privacy or security at Strong VPN. First of all, because it’s just so difficult to set up the right way, everything is more clicks away than it should be, which makes it extremely difficult to configure for a novice or even an average user.
Defaulting new accounts to PPTP, sending login/pass combo in plain text and making the OpenVPN app more difficult to use than it normally is, amounts to a junk pile of red flags.
The provider puts “no logs” front and center, but do the legal documents go into much detail on the matter? No. There is no indication as to how the provider treats the connection logs in the entire opus magnum that’s their legal documentation. Do they keep connection logs and what is included? For how long are they kept, and how is packet inspection treated on their end? It’s a mystery.
The provider collects your account information, such as your name, billing address, and email. That’s more than most privacy-minded providers require.
When you visit their website, the provider collects your IP, pages viewed, as well as deploys cookies, clear GIFs, web beacons, and other tracking technologies topped by Google Analytics.
The data you submit to the provider is regulated by the US data retention laws. You won’t be torrenting using this service.
This clause sounds like censorship:
I do not recommend Strong VPN. Its decent speeds and live chat support can’t make up for the unfair and convoluted setup and service topped by the lack of clarification on connection logs and extensive user information collected at sign-up.