HideMyAss isn’t the most popular choice out there. However, it’s known for its humoristic approach, yet seriousness when it comes to offering a VPN service. Since many users want a safe and reliable provider, the question is if this one is as reliable as it claims to be. Today, we’ll check out how safe and secure HMA is and see if it can be trusted. We implore you to read the article carefully before subscribing to the provider if you’re even considering doing it.
Security: What are the security tools in the apps?
For a VPN to be safe and secure, it needs to have a fair amount of security features. Sure, a zero-log policy is always welcome, but we’re talking about functionalities that can be found in the app. They make this service much more reliable and safe to use. With that in mind, let’s see what HMA has to offer:
Smart Kill Switch
The smart kill switch is a fancy name for an automatic kill switch. If you know a thing or two about VPNs, you know how it functions. You connect to a server and browse the web. Should the connection drops, a kill switch acts immediately, blocking your access to the internet.
This prevents you from leaking your IP or DNS accidentally, always keeping you secure and anonymous online. Despite some bad comments about HideMyAss on Reddit, we think that this kill switch works flawlessly, as seen in our HideMyAss review.
Split tunneling isn’t a feature we see very often. ExpressVPN has it on all platforms, while NordVPN uses it only on the Android platform. Either way, it can be very useful if you don’t want every app or site to go through the VPN connection.
When you turn it on, you can choose which apps and sites will use the VPN-given IP address, and which will go through your native IP. For example, Netflix can use your fake IP, while your bank account connection will go through your native IP address.
As some of you know, accessing a bank account with a foreign IP isn’t a good idea. It will lock you out, so you’ll have another problem to work on.
IP shuffle works similarly to MultiHop we’ve seen in Surfshark. This is a great feature for overall security that we don’t see in many providers. Basically, it randomizes your IP addresses every 10 minutes, up to one day – depending on your choice.
In that case, your connection jumps from one IP to the other, according to the intervals you’ve chosen. Given that HideMyAss has 290+ locations, that will be pretty secure and reliable.
People on Reddit often complain about the lack of IPv6 leak protection in many providers. Well, this provider managed to fix that, including both IPv4 and IPv6 leak protection, as well as DNS leak protection.
We have a few screenshots from the policy that we’d like to discuss in the article.
First, we see what they DON’T log. Originating IPs, DNS queries, and browsing history. That’s fair, but we need to see what do they log.
From the image above, we already see that they store timestamps, the subnet of your IP address, and the amount of bandwidth you’ve used. While it’s not for malicious reasons, we have to take into account that the provider is from the United Kingdom, which is under the 5 Eyes jurisdiction.
Countries from the 5 Eyes are known for extensive government surveillance, so your data might not be safe with HMA. Moreover, they store the service data for 35 days, which is quite a lot.
As you can see, HideMyAss shares your information with plenty of third parties. There’s Avast Group, service providers, third-party companies, and state authorities. Also, HMA doesn’t allow for torrenting and they’ll know when you do it simply by looking at your bandwidth.
Since they cooperate with state authorities, you’ll be reported for violating copyright pretty surely.
External audit: Is HMA safe?
It’s always good when a provider has an external audit. ExpressVPN is proved to be safe to use thanks to PwC, for example. There’s VyprVPN that has a zero-log policy verified by Leviathan, and so forth. HideMyAss, unfortunately, doesn’t have any external audits.
This doesn’t necessarily mean that it’s not safe, but definitely decreases its value. Some of the best audited providers are ExpressVPN and NordVPN, and as we said, they’re a much better choice than this provider.
Issue(s) and scandals the company has faced in the past
There’s one issue that happened a few years ago with the company. Allegedly, HMA played a huge role in helping the FBI arrest a suspect. A hacker by the name of Kretsinger hacked the SonyPictures.com site and compromised personal info of million+ users.
Later on, it was revealed that Kresinger used HMA to commit these activities, as the FBI traced the IP address that belonged to the provider. They later said that the service isn’t meant to be used in committing illegal activities, but again, even if you do so, the authorities should not be able to trace your IP this easy.
Conclusion: HMA is Not the Safest Option out There
So, is HMA trustworthy? Well, it is, but we’ve seen much more trustworthy providers than this one. HideMyAss offers a plethora of quality security features and is overall, a good provider. Even Reddit users agree on that, but the provider, in general, doesn’t have quite a reputation on that website.
In the end, if you want a truly safe and reliable provider, our advice is to pass on HMA and buy ExpressVPN. It’s the fastest and the most secure service out there, offering a 49% discount and 3 months FREE for a 12-month plan.