For example, say I log into a website (let’s call it website A) while on my VPN. I also log into another website (let’s call it website B) while also on my VPN. If website B provides website A with my IP information, can website A use the IP information they received and their own IP information to identify me as being the same person, even if I used a VPN?
Apologies if this has been asked before. I’m not too experienced with VPNs and I believe there wasn’t an answer online.
IP addresses are too unreliable to track people in this way. It’s common for a VPN to assign a different IP address each time someone logs in, so a given IP address could be anybody.
If a website wants to track you, they will use more reliable methods that don’t depend on IP address like cookies, local databases, and browser fingerprinting.
It is less likely that website A and B want to track you with the same data. It is more likely that marketing analytics website C is tracking you across websites A through Z, VPN or not…
Technically, it might be possible. But in practice no. The IP a website would see while you’re using a VPN is tied to many other users. So if the website decided to track someone by IP they would get many matches to many different people.
Websites have much better ways of tracking people like cookies. Those aren’t really shared cross sites though.
This can be compared to tracking someone by the town they live in. Sure, the person you’re trying to track is in that set of people but so are a lot of other people. To the point that it is meaningless.
I say it is technically possible because some websites still might do something like this. They will blacklist/limit by IP. They are betting on the chance no one has duplicate IPs. But even if they track IPs, websites don’t really share information like IPs.
Tl;dr: no
It’s called fingerprinting and it’s done all the time; in fact it’s one of the main ways they nail you off the deep web/tor
It is typical for VPN’s to DHCP you another IP address every time you use it (hence why static IP address connections are an alternative option in most VPN services rather than the default)
So they may see the IP address belonging to a server that they can research that belongs to the VPN, but won’t be able to correlate the 2 IP addresses together that ties you in.
Account A: 123.123.134
Account B: 123.123.145*
For all they know, these 2 accounts, A and B use the same VPN service, both starting with 123.123, and use their servers. But there’s no evidence that they’re the same person.
And this is the example even if you connect via the same country another day. Of course if its immediately afterwards they may get suspicious since its the exact same IP.
But think of it this way.
Every single session will almost definitely be a different IP address, the moment you disconnect and reconnect to the VPN again.
> If website B provides website A with my IP information
Generally this does not happen, websites do not share cookies, analytics, or any other information with each other. Though I guess its not impossible for multiple websites to sell advertising information to the same client or analytics group. Still if you are behind VPN, your VPN IP is not static (unless you ask for a static IP when you buy your VPN), so its hard to eb identified
Probably there are thousands of other people using the same VPN server, and same IP address, that you are, at the same time.
But approximate correlation still is possible. If your browser gives info such as timezone, OS type, browser type, fonts, etc, you may be the only person with that configuration and that IP address logged into sites A and B that day. But the sites can’t be 100% sure; there could be two different people with that same config using that same VPN server at the same time, and one logged into site A and the other logged into site B.
The short answer is yes, of course.
If you are using off-the-shelf software, things like cookies and browser fingerprinting will make very sure that companies know exactly who you are, no matter what your IP address is.
VPNs are just one of many tools and techniques you would need to use if you truly wanted to hide your identity.
But the real question is – why? If you’re a super-sekret spy trying to hide your identity from the government, you’re not going to.
And if you’re anybody else, nobody cares enough about you to track you.
If you’re signed in to any place on the Internet on the browser you’re using, at least some activity may be tracked. Like, if you’re searching with Google and using a Google address, they may remember you’re searches, regardless of how many times you change your up address.
What you’re skipping is that, usually, A & B have already hired C to give them that information.
Of course, the use is almost always advertising, so it’s quite benign.
[redacted] due to interruption
Websites have much better ways of tracking people like cookies. Those aren’t really shared cross sites though.
A typical web site uses 20-30 trackers. They all cross-reference. All of them.