Encrypt.me is a popular VPN provider owned by StackPath, the company behind IPVanish, StrongVPN and other VPN brands.
The website has minimal details on the features you will get with this VPN, partly because it doesn't have many. There's no P2P support, no ability to manually install the service on routers or other devices, no secure DNS, malware blocking or anything even faintly surprising.
Even basic details like the number of countries or locations available aren't easy to find. Are you curious about protocol support, or unblocking abilities? Encrypt.me is tight-lipped about most things - annoying, when we're used to much more transparency from the likes of ExpressVPN.
- Want to try Encrypt.me? Check out the website here
Although the company claims this is all about keeping things simple and focusing on 'the needs of average Internet users', the website regularly uses technical language.
A list of plus points on the front page of the website includes items like 'Deploy private endpoints in one-click', 'Using a Docker image means fast deployment everywhere', and points out that if you 'want to run your own private endpoint', 'we publish our endpoint software on GitHub.' Are these items really simpler and more relevant to 'the needs of average Internet users' looking for a VPN, than something like 'we support this many cities in that many countries'?
It's a pity that Encrypt.me isn't more forthcoming, because the company does have several features worth boasting about.
70 locations in more than 40 countries gives you plenty of options, for instance. Some companies have even more choice – HideMyAss claims 280 locations in 190 countries, for example – but Encrypt.me more than covers the basics, and its locations are spread more widely than you'll usually see elsewhere.
There's a full set of apps for iOS, Android, Windows and Mac, and even Amazon Fire OS 5.0.
Tired of annoying limits on devices or simultaneous connections? Encrypt.me is, too, so it doesn't have any.
A smart auto-connection mode monitors the networks you're using, and automatically connects to Encrypt.me whenever you access anything insecure. No need to remember to launch the app to do this manually, Encrypt.me handles everything for you.
Still unconvinced? Encrypt.me offers a 14-day free trial, no credit card details required, which is as good a deal as you'll find anywhere.
Plans and prices
Encrypt.me plans are only average value, but the company makes up for this with some real billing flexibility.
Only need a VPN for a quick trip, maybe? A one-week pass can be yours for only $3.99, a major improvement on the $10-$13 you'll often spend on minimum one-month accounts elsewhere.
Monthly billing is a reasonable $9.99, but the annual plan looks expensive at $8.33 a month, or $99.99 upfront. Surfshark offers twice the subscription length for less than half the cash (2 years for $1.99 a month, or $47.76 in total).
Encrypt.me makes up for this a little, though, with its 'Families' plans. These can protect up to five members of the family and all their devices for a total of $12.99 billed monthly ($2.60 per user). There's an annual plan, too, although the savings are minimal at $12.50 a month, or a minimum $2.50 per user.
If you're looking to secure your business, Encrypt.me's Teams plan enables protecting as many team members as you need for $7.99 each per month (minimum of two, or $15.98), and includes central management and billing.
While that's fair value (NordVPN's Team plans start from $9 per user per month), some providers charge much less. Windscribe’s ScribeForce offers all its regular features, plus web management and centralized billing, for only $3 per month (minimum of five users, so a monthly $15 in that case).
Best of all, and as we mentioned above, if any of this sounds interesting, you can try out the full service for 14 days, no payment details required. Given that many providers no longer have any kind of trial, this is very impressive.
All sections have clear and straightforward summaries, with no complicated legalese. Read on and inevitably there's a lot more detail, but the text is precise, well-formatted, and it tells you exactly what you need to know.
Take logging, for example. The company explains that although it doesn't monitor where you're going online, a record is maintained of your last 16 days of session data: the incoming IP address, the virtual IP, the bytes sent and received, the time you're connected, and the source port of each outgoing connection, with start and end times. (The last one records the existence of a connection, but not where it's going.)
Why? The company says it allows them to respond to complaints. If someone's used Encrypt.me to send spam or hack a system, having session records enables the company to find the offender, pass along the complaint to them, or maybe take some further action (not 'call the police', more like 'terminate the account') if the offense is serious.
This won't make a lot of difference to most people, and if you're only using the service to unblock Netflix or send emails, you might not care very much. But if you need a true zero-log VPN, Encrypt.me isn't it.
The company delivered better news in September 2019, when it announced the results of a public audit. Encrypt.me had contracted consultancy Security Innovation to thoroughly test its apps 'and, to a limited extent, the Encrypt.me website', and issued a full report. Only two vulnerabilities were found, one low severity, one medium, and both were fixed before the report appeared.
This isn't the most thorough audit we've seen, though. It only covered the apps in any detail, for instance, and even then, Security Innovation wasn't given the source.
There's also no clear commitment to ongoing audits. Contrast that with TunnelBear, which now has annual audits of its 'entire codebase, server infrastructure, website and apps.'
However, Encrypt.me is still showing far more transparency than the vast majority of the competition, and so it gets a major thumbs-up from us.
Signing up for Encrypt.me's trial was as easy as providing and verifying our email. A click took us to an account area on the website, where we could download apps for Windows, Mac, Android, iOS and Amazon Fire.
The web console doesn't have the low-level geekiness you'll get with some providers (no guidance on sideloading Android apps or setting up custom OVPN files here). Many will see that kind of simplicity as a plus point, though, and Encrypt.me does have other advantages. You can have the website text you a download link, for instance. Or if you need to manage your account, there's none of the usual browsing around nested menus or tabbed panels – just scroll to the bottom of the console and everything you need is presented in a few lines.
We downloaded and tried to install the Windows client. Tried, and failed, as the installer warned that 'installing Encrypt.me requires changing a setting that conflicts with a security policy set on your computer. Encrypt.me cannot be installed.' We tried rebooting, clearing our temporary folders, uninstalling any apps we thought might be conflicting, checking Windows and the Registry for related settings – but had no luck.
This seemed like a good chance to try Encrypt.me's support. The support site is poor, featuring few articles, with most of those being dated and short on detail, so we opened a live chat session. Despite being at position #1 in the queue, it took more than 10 minutes before an agent arrived. It's a problem with security policies, he said (well, yes, the error message told us that). He then asked if we had any third-party antivirus on the system? No, we didn’t. We were then advised to create a new user on our system, log in and install from that account, instead.
Although installing from a new user account is sensible troubleshooting advice as a general rule, we're not sure how well it would go down with Encrypt.me's target audience of 'average internet users' whose priority is simplicity. We tried it, anyway, and Encrypt.me still refused to install.
Switching to full-on geek mode, we set up and analyzed logs, checked key system settings, inspected the Encryt.me MSI file, checked the Event log and more, and sent an email to Encrypt.me with every important detail.
Some support teams ignore this kind of in-depth, low-level report, but to its credit, Encrypt.me replied immediately saying it had passed our data onto one of its Windows developers. The next day, a message arrived with a simple suggestion: find <obscure registry value> and if it's zero, set it to one, and try again. It was zero, we changed it to one and that solved the problem.
Encrypt.me got off to a poor start, then, with the installer's misleading error message (it wasn't a security policy issue) and first-line support's initial inability to help. The developer almost rescued the situation all on his own, by immediately diagnosing the (very unusual) issue and giving us the fix. But we're still left wondering if users who weren't able to collect together and send so much diagnostic information, would have seen the same result.
Encrypt.me finally installed, we clicked the system tray icon and a simple pop-up appeared with an Encrypt Me button, along with tiny Location and Settings icons.
The pop-up displayed a green background with a white tick, which we suspect many users would assume means they're protected. This isn't actually true, though, and you must read a lengthy status description to find out: 'Your connection to Identifying... is a trusted network, but not encrypted with Fastest Available set as your Transporter.'
That 'Identifying...' doesn't fill us with confidence, as presumably it means the client has failed to figure out our network name, and the code isn't smart enough to handle that and displaying something better ('Unknown').
The reference to a 'Transporter' is Encrypt.me-speak for 'location.' Your Transporter can be a city, a country, or 'Fastest Available' to locate the best server for your current location. That's easy enough to understand, but we're struggling to see why Encrypt.me thinks inventing new jargon is helpful to users.
The status line isn't immediately updated with your latest chosen location, either (uh, sorry: your chosen Transporter). Suppose you connect to London, close the connection, change the Transporter to New York. The status line will still say you are 'not encrypted with London set as your Transporter', confusingly, until you've reconnected.
Clicking the Encrypt Me button launched an IKEv2 connection (there's no support for OpenVPN or other protocols), getting us online in a very few seconds.
There's little feedback on connection state. The client doesn't use desktop notifications to tell users when it connects or disconnects, so you won't know for sure unless you're looking at the client console. Even there, Encrypt.me is less than intuitive; with green meaning 'VPN off', the client turns blue to indicate 'VPN on.'
The client doesn't seem to monitor your connection state, either. We forcibly closed our connection, and although the underlying Encrypt.me engine reconnected within seconds, the client didn't display a single alert to tell us what was happening.
On top of that, there's no kill switch to protect you if the VPN fails. When we closed the Encrypt.me connection, our real IP address became visible to the outside world. It was hidden within a few seconds, but if the client hadn't been able to reconnect, perhaps because of a server failure, we could have been vulnerable until we happened to check the client interface.
A basic Settings dialog includes a Transporter area where you're able to choose your default location. Most apps have their 'Automatic' setting at the top of the list as you'll use it so often, but if it's not currently selected, the Windows client displays its 'Fastest Available' option in the middle of the location list (the sequence runs Estonia, Fastest Available, Finland). You'll quickly figure that out, but it's another odd touch which detracts from overall usability.
There's better news in the client's ability to automatically connect whenever you access untrusted networks. Setting this up is more awkward than it should be, because the client doesn't allow you to choose from a list of local networks, and instead forces you to enter a network name. It works, though, and the client can make life a little easier by automatically trusting Ethernet and cellular networks.
Encrypt.me's Android app has some major interface improvements over its Windows cousin. Out goes the horribly basic scrolling list of locations, for instance; in comes a neat panel organizing servers by continent, with a separate Favorites tab for your most commonly used locations.
The app remains easy to use, though, and while it's very much aimed at novices, there are a handful of advanced options.
You can have Encrypt.me automatically secure connections to untrusted networks, for instance. Split tunneling support enables choosing apps you don't want to go through the VPN. And an Auto-Secure scheme works as a kill switch, blocking internet access if the VPN drops.
Encrypt.me's iOS app is a close visual match for the Android app, and is equally straightforward and easy to use. There are very few options or settings – 'change protocol, what's a protocol?' – but that's much less of an issue with iOS VPN apps, which generally have very few features compared to Android or desktop editions. An excellent App Store rating of 4.5 suggests most users are very happy with this approach, too.
If there's a small issue here, it's that the apps don't appear to be updated very often (at the time of writing, it's 98 days since the last iOS update, 124 days for Android.) Looking back at the iOS history, that's fairly typical: the app has seen 10 updates over the past two years, and very few of those added any significant features.
Still, if the app works and does everything you need, that's not a big deal, and overall Encrypt.me's mobile offerings performed very well.
Encrypt.me doesn't make any claims about its website unblocking abilities, saying that attempts 'may or may not work at any given time' and 'this is not a market that we serve.'
We tried the service with a few platforms, anyway, and it did much better than the company's official line might suggest, getting us into US YouTube, BBC iPlayer, UK and US Netflix (Disney+ and Amazon Prime Video were the only fails). Encrypt.me clearly isn't the best unblocking choice because the company isn't committed to supporting these services in the future, but right now, at least, it's a reasonable performer.
There was even better news in our leak tests. Encrypt.me's apps did an excellent privacy preserving job, with no DNS or WebRTC leaks to compromise our identity, and our browsing was protected at all times.
Moving on to the final speed tests, we found our local UK servers managed an average 67Mbps on a 75Mbps test line, very close to the maximum we'd expect from any VPN.
The real highlight came in our US tests, though, where Encrypt.me delivered an exceptionally consistent 225-240Mbps on our 600Mbps connection. We've seen a handful of VPNs deliver better results, recently – NordVPN managed 260-290Mbps, Speedify a variable but fast 275-400Mbps – but Encrypt.me's performance trampled all over most of the competition.
Encrypt.me is very fast along with being user-friendly, and it can work well for mobile users. But its session logging, price, poor Windows client and all-round lack of features make it hard to fully recommend when providers like ExpressVPN exist in the world.
- We've also highlighted the best VPN services