HideMyAss has earned millions of users thanks to its free subscription and a decent network with a presence in 190 countries. However, a good service is more than diverse geographic. Many people keep asking if HideMyAss is safe. I intend to answer this question as detailed as I can, and for this reason, I carefully examined every aspect of the service.
Before I tell you more about HideMyAss, let me highlight its main features. Here is what I like about the provider:
- Free subscription is available;
- OpenVPN protocol;
- No IP, DNS, and WebRTC leaks.
Unfortunately, the provider lacks many core security features. Here is what could be improved:
- Registered in the UK (the 5 Eyes country);
- Invasive logging policy;
- No kill switch;
- No Bitcoin payments.
HideMyAss Jurisdiction and Logging Policy
HideMyAss is a member of the Avast family. AVAST Software, the parent company, is based in the Czech Republic but the subsidiary is registered in the United Kingdom. While the Eastern-European country is relatively safe to conduct security business, the UK can’t boast privacy-friendly legislation. The authorities have the right to demand service providers to surrender data about their users if the latter are suspected of the law abuse. Not only that, the country is a founder of the powerful spy alliance known as the 5 Eyes. It means that people and businesses which domicile is Great Britain may be monitored by the government and its partners.
The only way VPN services can trick the system if it orders to yield user data is if they refuse to retain potentially harmful information whatsoever. HideMyAss assures it stores no logs but this is not true. There are no traffic logs in place but connection records are quite extensive. Not only does the service retain details about the amount of bandwidth, the times when users begin and terminate sessions, and data about specific locations they connected to but also it registers users’ IP addresses.
If you still think that such meta data is not a big deal, here is a food for thought. HideMyAss helped to arrest two of their formers clients who used the service with bad intentions. The company provided information about the users’ connections and it was enough to establish their involvement in crimes. One of the offenders is serving a sentence in prison and the other is arrested and is now awaiting judgment.
You don’t have to commit any serious crimes to suffer because of the HideMyAss’ invasive logging policy. The internet is full of complaints that the service mercilessly suspends accounts of clients who infringe the copyright law.
HideMyAss Security Features
HideMyAss supplies a bang up to date encryption and security protocols. The strongest OpenVPN protocol comes with AES-256 cipher, RSA-2048 handshake encryption and SHA-1 hash authentication. A perfect forward secrecy is also in place. If you are not familiar with these terms, I’ll put it simply – their encryption is really good. HideMyAss also offers additional security protocols (PPTP and L2TP/IPsec) but they are inferior to OpenVPN.
The service took care to prevent DNS, WebRTC, and IP leaks but it honestly warns that it can’t stop IPv6 leakage, so you should disable IPv6 manually.
Unfortunately, HideMyAss doesn’t offer anything else to enhance user security. If you experience an inconsistent VPN connection, your data may be exposed because there is no kill switch. The service doesn’t allow using Tor. A double encryption option or NAT firewall is not available either. Even anonymous cryptocurrency transactions are not possible with HideMyAss.
The service comes with some other features. You can read about them in this HideMyAss review.
The Best Secure Alternative to HideMyAss
A strong encryption is the only thing HideMyAss is worth the praise for. Unfortunately, today it is not enough. If you are looking for a feature-generous VPN service, NordVPN is the pick of the bunch. It offers the cutting-edge encryption that is probably the best you can find around. The staggering variety of extra features is able to meet any need, even if you are a picky client. Plus, the service stores no logs so that your internet activity is kept under the wraps at all times.
HideMyAss might have earned a huge client base but its service leaves much to be desired in terms of safety. Its UK jurisdiction and extensive logging should make you worry about your privacy. The provider is also poor regarding features. A good encryption is in place but it is the only thing HideMyAss can put on the table. It lacks even the basic functions, for instance, a kill switch. Therefore, my verdict is that HideMyAss is not a safe service.