NordVPN suddenly not working with OpenVPN? UPDATE: NordVPN maybe down currently. (vlemmy.net)

submitted 1 year ago* (last edited 1 year ago) by theophrastus@vlemmy.net to c/piracy@lemmy.dbzer0.com

19 comments fedilink hide all child comments

After working pretty well for several years suddenly NordVPN is returning an AUTH_FAILURE via OpenVPN, despite the same username/password working to login on their website. Has anyone else suddenly experienced this? Any clues? (other than stop using NordVPN [wink]/-sigh-) Thank you! UPDATE: NordVPN is (apparently) reading as down via https://downdetector.com/status/nord-vpn/map/

UPDATE2: It is starting to indicate a generalized failure of accepting authorization from OpenVPN as one can see from the comments down the page linked above. Has NordVPN quietly pulled a reddit against 'third party' agents? (if so, i want some money back - hah, fat chance -sigh-)

top 13 comments

sorted by: hot top controversial new old

[-] Mr_Robot@infosec.pub 5 points 1 year ago

Some further reasons to avoid NordVPN

Proton VPN has a free tier. Other recommended VPNs are IVPN and Mullvad. Techlore, Privacy Guides, and The New Oil have solid recommendations. IVPN allows for using a custom DNS over HTTPS (DoH) and has a Fedora Silverblue client.

[-] ItsaB3AR@sh.itjust.works 3 points 1 year ago

Not to be too obvious, but have you tried different servers?

[-] theophrastus@vlemmy.net 1 points 1 year ago* (last edited 1 year ago)

That's a perfectly sensible question. But alas, i've tried many different NordVPN servers and no luck:

AUTH: Received control message: AUTH_FAILED

This being the very same username/password pair which allows a login on the NordVPN page

[-] CookieJarObserver@feddit.de 3 points 1 year ago

Don't use Nord.

[-] Goob@kbin.social 1 points 1 year ago

Why? Privacy issues? Security issues? I've been using it for a couple of years now and not had any trouble with it.

[-] httpjames@sh.itjust.works 5 points 1 year ago

Many issues.

They were hacked in 2019 and got their private keys leaked.
They have ties to a data mining company called Tesonet.
Their "experiments" have used cookies to perform price discrimination on unsuspecting visitors.
Their website is infested with trackers and third party cookies.

https://blog.httpjames.space/nordvpn-is-a-shitvpn/

[-] CookieJarObserver@feddit.de 4 points 1 year ago

Also they have a shit load of money advertising, if a company advertises that much they definitely scam you.

[-] MrComradeTaco@lemmy.fmhy.ml 1 points 1 year ago* (last edited 1 year ago)

I'm using a shared NordVPN account I bought from a random site for 2.5USD and 9 months of service LOL.

I will buy one for another random site when this expires.

[-] theophrastus@vlemmy.net 0 points 1 year ago

fair 'nuf. but that 'requires' a: use ... instead. That is, you recommend ....?

[-] httpjames@sh.itjust.works 3 points 1 year ago

Windscribe, Mullvad, IVPN, Proton

[-] CookieJarObserver@feddit.de 3 points 1 year ago

Proton, all around better service and Swiss privacy Promise (a one you can actually build on)

[-] theophrastus@vlemmy.net 1 points 1 year ago* (last edited 1 year ago)

UPDATE3: NordVPN changed stuff as regards OpenVPN access and apparently told no one (not even their support folks!). You must now go to their login page and pursue "manual setup" which apparently ends one with a new username/password pair. But it's not made clear how long (perhaps one session?) these will last. Well, mateys i'm likely to kiss NordVPN goodbye for this. @#$!!! (there's a reddit post about this, forgive me for offering a reddit link but there's little else here it is: https://www.reddit.com/r/nordvpn/comments/14l7r7k/anyone_else_unable_to_login/ )

[-] CountVon@sh.itjust.works 2 points 1 year ago* (last edited 1 year ago)

The manual credentials last indefinitely as far as I can tell. I just checked my NordVPN settings, and lo and behold I set this up years ago and forgot about it. It's been working for me this entire time and I noticed no connection drop on my media server today.

I'm guessing this change is related to two factor authentication. For accounts with 2FA enabled, I imagine they flipped some switch so that the default credentials can no longer be used without also supplying the 2FA token. Terrible messaging and rollout on their part though, no question. On the flip side I think manual credentials were always the intended setup for OpenVPN, and the real fuckup is that you're regular credentials ever worked without your 2FA token, even though you had 2FA enabled. That makes me seriously question Nord's security chops...

load more comments