I guess the more accurate way of asking is that if I log into my bank account online while using a VPN server, is it LESS SAFE than doing the same thing without using a VPN server? (basically just using my regular home wifi and no VPN). I’m asking because I’m curious if there’s any risk of my bank account’s username/password getting exposed.
If the connection between your computer and the bank is fully HTTPS starting from the initial web page, then you don’t need a VPN, and your connection is fully encrypted.
Using a VPN may trigger the bank security, as it looks like you are somewhere you have not been before. When I have done this, I have been asked to use 2FA to verify it is me. Since I travel internationally, I use my own VPN server so I look like I am always in the US, but I made sure that I used this VPN multiple times before I left the country, so my bank had already seen and authorized my VPN IP address.
Unless you are on an open WIFI, like at a Cafe, I would not bother using a VPN for financial transactions. HTTPS traffic is already encrypted.
I’m not really sure why some banks object to it but I’ve been locked out of bank accounts for using a VPN and it was a long painful telephone call to get my account unlocked.
i guess to ask the same question, is your credentials passwords etc and private information safe to input while connected to a VPN? or should you enter it first and then connect to the VPN?
Wouldn’t it also be encrypted on open Wi-Fi because of https?
They are safe either way, as they are already encrypted by https. I would not turn off or turn on a VPN once I conneted as the site you are connected to may not want to see a change of location once you are logged in.
gotcha, ive been commenting and reading on other subreddits haha so I think I get the gist of it, at least in terms of security?
this may not be related but in terms of anonomity, i would like to use a vpn or proxy connection for multiple accounts. privacy browsers like ads or morelogin allow you to connect to a proxy IP. in order to look “normal”, i would expect to use a dedicated ip so that my account from the view or logs of the website appears to be in one area or city/region instead of many different ones over many different days/weeks/etc. problem is, like with VPNs apparently, that rotating IP’s are more likely to be secure from how they’re pooled? yet at the same time, isnt it the case that millions of people are likely using the same IP address and thus why they get commonly flagged and detected as a VPN or proxy in the first place?
sorry if that didnt make sense
I would say most people who are buying things or are using government services are using a mobile or residential IP address. So, one IP address per family for residential, and a single IP address per phone for mobile. These IP addresses may change but the provider tracks these changes so they can track you down at a later date.
Lots of people coming from a single IP address does help with anonymity, but online companies, financial institutions and governments want to know who they are dealing with, so many of them block non-residential/non-mobile IP addresses. Even Reddit blocks me when I try to use some commercial IP addresses.
There are companies that sell tools that will list many parameters for incoming IP connections. It lists things about the IP address like: Is it a datacenter, is it mobile, is it a known VPN provider. Some of these tools even give an abuse score. To see the type of info these tools provide, look at https://ipapi.is/ which I use to have an idea on what sites see from my personal physical and cloud-based VPN servers.