All you need to know about your VPN password

Passwords are like opinions. Everybody’s got one, yet some are stronger and structured better than others. But while you may get away with not having a strong opinion on something, a weak password can lead to some pretty serious consequences.

With a VPN (Virtual Private Network) being your gateway to privacy online, it is no surprise that having a secure VPN password is crucial. Let’s talk about how you can create a strong password and what might happen if you don’t.

Table of contents

    Why do you need a strong VPN password? 

    Let’s start with the obvious here. You need a secure password to prevent others from accessing your account. While this may seem painfully obvious, millions of people still use their birth date as a password on all their accounts and then have the audacity to act shocked when they inevitably get stolen. 

    Depending on your VPN service, a hacked VPN password may end up being relatively harmless. A premium VPN provider like Surfshark does not store personal data or keep information about your activity. So the only thing that bad actors can steal is the account itself.

    Sure, losing an account isn’t fun. You paid your hard-earned money for a VPN subscription, and some morally-challenged hacker took it away from you. Unfortunately, these things happen, and stolen VPN accounts are being sold on sketchy websites by even sketchier people every day.

    And no, you should not buy one to save a buck, as stolen accounts inevitably get compromised and returned to their rightful owners. 

    What happens if your VPN account is stolen?

    If your VPN account gets stolen, contact the customer support team. It might take some back and forth, but you should be able to get it back without too much harm caused. But there’s a huge caveat attached to that. Everything I said above only applies if the account has a unique password, one that you don’t use anywhere else.

    If you, like many others, use a couple of combinations of the same password everywhere, you might be in a world of trouble. After stealing one of your passwords, some hackers will try to use it on other accounts, such as your email, Facebook, LinkedIn, and pretty much anything else they can get their hands on.

    The result? Possible identity theft, which may lead to some significant losses. I won’t go into detail to avoid steering too far off-topic here, but let’s just say that you don’t want to use the same password everywhere

    How to create a strong VPN password?

    a password box with a secure password, which contains random letters, numbers, and symbols

    Now you know you need a unique and secure password for your VPN account. But this knowledge is no good unless you know how to create one. Here are the steps you need to take in order to make it happen:

    • Keep it random — a good password should not include any personal information. No dates or names. Better yet, don’t use any words at all. A random combination of letters, numbers, and symbols is the way to go;
    • Make it long — you don’t want to get the short end of the cybersecurity stick because of a short password. Anything under 10 characters is unacceptable;
    • Don’t recycle passwords — I said it before, and I’ll say it again — make each password unique. You open a hole in your online security every time you reuse a password, and you’ve got no one but yourself to blame for it;
    • Use a password generator — if you have a hard time coming up with unique and secure passwords, use a password generator. Or have your cat run over the keyboard a couple of times. Both options work just fine;
    • Don’t write down passwords — you should not be writing your passwords down; not on your phone, not on a physical notebook, not anywhere. You don’t want one of your passwords to be hacked. Imagine if someone steals the whole list;
    • Get a password manager — no one expects you to remember all your passwords without writing them down. Simply use a trusted password manager and access your passwords securely at any time.

    Examples of secure passwords

    • &ows6LoL9G*%6Hd28Ek3
    • Ji6bm*ZI86q4M7Y
    • utQ$PSMg9H1eZW4*6O

    Troubleshoot VPN login issues

    You may sometimes fail to log in to your VPN account, even if no one fiddled with your password. Here’s something you can try to fix the login issues on the Surfshark app or website.

    Turn off other VPNs

    You may not be able to log in to Surfshark if you’re connected to another VPN. Disconnect from the VPN and try to log in again. In some cases, you may even need to reinstall the Surfshark app and restart your device.

    The same might happen if you try to log in to Surfshark while connected to one of our VPN servers. Simply disconnect or connect to a different server and try again.

    Don’t hide your email

    This one only applies to iOS and macOS users. When you’re logging in to Surfshark for the first time, you need to show your email so that the app can identify the account.

    To do so, go to Settings -> Apple ID -> Password & Security -> Apps using Apple ID -> select Surfshark -> Stop using Apple ID. Then simply go back to the Surfshark app and choose the Show my mail option when logging in.

    Update your app

    Sometimes it’s as simple as your app being out of date. Update it through the app, or download it and reinstall the app, and you should be good to go.

    How to set up a new VPN password?

    If you suspect that your VPN password has been stolen or leaked, you need to change it. The process for doing so is different depending on whether or not you currently have access to your VPN account. 

    Change your VPN password

    If you can use your VPN account but fear that your password has been leaked, you can change it through the VPN settings:

    • Open the Surfshark app;
    • Go to Settings;
    • Choose My account;
    • Click Change password;
    • Enter your current password and the new password;
    • Click Save to change your password.

    Reset your VPN password

    If your password has been stolen, or if you simply can’t remember it, you will need to reset it. Here’s how you can do that:

    • Visit;
    • Enter the email address you used to register your account;
    • Click Get the reset link;
    • Open the password reset email and click Reset your password;
    • Enter a new safe password and click Confirm new password to complete the reset.

    Keep your passwords private and secure

    You know by now that your login credentials are more than just the key to your VPN account. Being careless with your passwords usually comes back to bite you in the long run. So make sure all of your passwords are unique and hard to guess. And if you have any suspicions about them being stolen, change your passwords immediately.

    Stay safe and private online

    Get Surfshark


    Can a VPN help protect my passwords?

    Yes, a VPN can help with password protection. Since VPN encrypts all of your traffic before it leaves your device, a VPN is a great tool to protect your data from hackers that try to intercept your connection.

    Is my password visible to the VPN provider?

    A reputable VPN should not be able to see your passwords. Surfshark does not keep any logs of your activity, so your online activity is kept private, which includes your passwords. But not all VPN providers are trustworthy, as some free VPNs have been known to collect your data and even sell it to third parties.

    How do I find my VPN password?

    For the sake of your online security and privacy, you should be keeping all your passwords in a password manager. If you don’t do that and can’t remember your VPN password, your best bet is to reset it to a new one.

    You can reset your Surfshark password by following this link:

    How often should I change my VPN password?

    Contrary to popular belief, you don’t need to change your passwords all that frequently. It’s a good idea to change your VPN password once a year under normal circumstances. You should also change your password immediately if you feel like it may have been stolen.