Point-to-Point Tunneling (PPTP) is an ancient security tool, by internet standards. Created in 1999, it was the first-ever VPN Protocol to be widely available to the public, being automatically built into most computers at the time. In fact, the practice has continued to this day. Every modern computer will still have PPTP capabilities built into it. How has this old tech managed to persist in the continually evolving world of cybersecurity?
Charles Whitmore
Feb 04, 2021 · 3 min read
Let’s first dissect PPTP and find out how it works. As with all tunneling protocols, PPTP specifically builds a tunnel between two points. Once the PPTP connection is established, all data packets passed through are wrapped in an IP envelope and then sent on to another router or machine, which will treat the data like an IP packet. It’s then decrypted and made accessible to the receiving party.
PPTP can handle two types of data flow: data packets and control messages. The control messages are made for managing the start and end of the encrypted connection. It’s a simple process that has been expanded upon and improved by every VPN protocol created since.
The simplicity and age of PPTP make it a good choice for anyone who prioritizes speed and efficiency. PPTP is over 20 years old, meaning even the slowest modern computer will have no performance issues.
Due to PPTP being the industry standard for a bare-minimum encryption protocol, most modern systems will support it. To anyone who is even slightly tech-literate, PPTP is easy and quick to set up.
Unfortunately, this is where the pros end. And here’s the first con — PPTP security isn’t strong. Since its inception, this protocol has been fundamentally insecure. Security experts have repeatedly been able to break through the MS-CHAP-v1/v2 authentication protocol, making it clear that hackers will also be able to pierce through. MS-CHAP-v1/v2 uses TCP Port 1723, essentially making this PPTP port undesirable for anyone who prioritizes their security.
Once again showing its age, firewalls easily block PPTP’s outdated tech. So, if you’re looking to access blocked content at school or work, PPTP isn’t the right one to use. It might be a good idea to disable the PPTP passthrough on your router, or else you’ll be leaving an open door for a cybercriminal to stroll in. If you want to cover all your security bases, use a regular VPN but disable the PPTP passthrough.
With this plethora of age-related issues, who would still want to use a PPTP VPN? Speed is the main benefit of PPTP, so someone looking for a quick connection might consider using PPTP servers. It’s faster than most other protocols, albeit at the high price of potentially compromised protection.
If security is not a priority, PPTP is a viable encryption tool. However, when it comes to standard everyday protection, PPTP shouldn’t be your first choice.
If you’re looking to keep secure and stay ahead of the online security curve, using an outdated security protocol in the form of PPTP isn’t the way to go about it.
NordVPN shows how far VPN technology has advanced since 1999. Not only do you get access to lightning-fast servers, but NordVPN also has the best encryption protocols available — it would take technology that doesn’t exist yet and an absurd amount of time to crack it. If a hacker spots that you’re this protected, they will quickly move on to easier targets.
Take a step towards a safer future and secure yourself today.