All Private Internet Access settings explained
Customers may download one of the available clients for their operating system. The Windows client ships with a list of features that you may enable to improve your privacy and security while being connected to one of the company servers.
The following guide lists and explains all settings that the Windows client version of Private Internet Access provides currently.
We have used the latest version of the client, version 0.65, for that. We will update the guide when features change. If you notice that before us, let us know in the comments so that we can update the article.
Private Internet Access VPN Settings
You can open the settings by right-clicking on the Private Internet Access icon in the Windows system tray area.
Please note that you can only access the settings if you are not connected to the VPN at that time. If you are, you need to disconnect first before you can do so.
The client uses three configuration pages of which one, simple, is not of much use.
The advanced settings page, which you see on the screenshot above, lists several options that you want to check out and configure.
- Username: your PIA username
- Password: the associated password of the account.
- Start application at login: whether the VPN software is started on Windows boot.
- Auto-connect on launch: whether the software connects to the VPN server when it is started.
- Show desktop notifications: whether notifications are shown on the desktop (e.g. on connection or disconnect).
- Region: The region you want to connect to. Tip: You can run speed tests for any server region to find out how well it performs.
- Connection type: Select UDP or TCP as the connection type. Default is UDP.
- Remote port: Set to auto by default, but you may specify a port there.
- Local port: Set a local port.
- Request port forwarding: The port that is being used is shown when you hover over the PIA icon in the system tray area. This can be useful to set it up in applications.
- PIA MACE: This is a new feature of Private Internet Access. It acts as a blocker for advertisement, malware, trackers and other undesirable elements. You have no control currently apart from enabling or disabling the blocker.
- VPN Kill Switch: This terminates the Internet connection if the connection to the VPN drops. Useful if you don't want your "real" IP address to be logged by services you connect to while using a VPN.
- IPv6 leak protection: This disables the use of IPv6 while connected to the VPN.
- Use small packets: If you notice connection issues, e.g. connections that drop frequently, you may want to enable this option to see if it resolves that issue.
- Debug mode: You may be asked to enable debug mode by PIA support. The log is written to C:\Program Files\pia_manager\log.
While it is up to you and your requirements what to enable on the settings page, it is usually a good idea to enable all features but PIA MACE and Debug mode.
A click on encryption displays options to set various encryption related parameters.
- Data Encryption: Select one of the available encryption standards. Available are AES-128, AES-256 and None.
- Data Authentication: Select one of the available cryptographic hash functions. Available are SHA-1, Sha-256 and None.
- Handshake: Encryption used to establish a secure connection with Private Internet Access servers. Pia uses TLS 1.2. The default is RSA-2048.
The selection depends largely on your requirements. Want maximum protection? Select AES-256, SHA-256 and RSA-4096. Want all speed and no safety at all? Pick None, None and ECC-256k1.
The default recommendation is AES-128, SHA-1 and RSA-2048.
The client displays warning if you choose none for data encryption or data authentication, or when you chose ECC for Handshake.