Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.
This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016
Again I strongly do not recommend using any of these providers.
Provider / known "Secret" Key
Astril / way2stars
EarthVPN / earthvpn
GFwVPN / gfwvpn
GoldenFrog / thisisourkey
IBVPN / ibVPNsharedPSK!
IPVanish / ipvanish
NordVPN / nordvpn
PrivateInternetAccess (PIA) / mysafety
PureVPN / 12345678
SlickVPN / gogoVPN
TorGuard / torguard
TigerVPN / tigerVPN
UnblockVPN / xunblock4me
VPNReactor / VPNReactor
Yes, I know. Many/most of these offer OpenVPN, or special clients for IPSec. But for all of the above, they are actively placing a significant portion of their user base (particularly those with older Androids and desktops) at risk by not using per-user PSKs. If your threat model is streaming BBC or helping your cousin geo-shift Hulu, go wild and plug into the Mad Max-esque Thunderdome commons and take your chances. If you're a dissident in Tehran or Riyadh, be extremely cautious of any of these providers.
Lastly, a VPN Hall of Shame honorary mention goes to DoubleHop.me
* on general principle for blatant sexism and utter insincerity. Their privacy/legal policy section includes LGBT slurs and literally has your-mom jokes. But even ignoring that, as of this writing, there is virtually zero technical information provided, only YouTube videos apparently intended for 10 year-old boys.
Moral of the story: Don't believe everything you read on, say, TorrentFreak and PCMagazine. And (crucially) think about your threat model—are you guarding against amateur WiFi snoops at Starbucks or Marriott? Reducing identity monetization profiling by ISPs (ie ad tracking)? Minimizing exposure to government surveillance? Trying to be anonymous online? If the latter, a VPN won't help much.
Citations:
https://www.google.com/#q=goldenfrog+thisisourkey Archive: http://archive.is/qlrLK
http://www.gfwvpn.com/?q=node/224 Archive: http://archive.is/EdpFV
https://www.vpnreactor.com/android_l2tp_ipsec.html Archive: http://archive.is/uwJvk
http://unblockvpn.com/support/how-to-set-up-l2tp-on-the-android.html Archive: http://archive.is/4To5Y
http://www.ibvpn.com/billing/knowledgebase/34/Set-up-the-VPN-connection-on-Android-handsets.html Archive: http://archive.is/srptW
https://www.astrill.com/knowledge-base/50/L2TP-IPSec-PSK---How-to-configure-L2TP-IPSec-on-Android.html Archive:http://archive.is/PZpRU
http://billing.purevpn.com/knowledgebase.php?action=displayarticle&id=33 Archive: http://archive.is/R4JTi
https://www.privateinternetaccess.com/pages/client-support/ Archive: http://archive.is/U1bkL
http://torguard.net/knowledgebase.php?action=displayarticle&id=58 Archive: http://archive.is/iKJjl
https://www.ipvanish.com/visualguides/L2TP/Android/ Archive: http://imgur.com/IQU1mdg
http://www.earthvpn.com/android-l2tp-setup-guide/ Archive: http://archive.is/roKtf
https://nordvpn.com/tutorials/android/l2tpipsec/ (scroll down) Archive: http://archive.is/BQumt
https://help.tigervpn.com/support/search/solutions?term=shared+secret+tigerVPN Archive: http://archive.is/xZ136
https://www.slickvpn.com/tutorials/ipsec-for-iphone/ and http://archive.is/h4rI9
*DoubleHop.me: Archive:http://archive.is/G11WQ and http://archive.is/MZgWE and http://imgur.com/Zn5HSIj
This piece makes some very harsh yet vague accusations about the lack of security in VPN services in general. Reading between the lines, as well as through the comment section, I get the sense that the level of security depends largely on what software and protocols are used and to what degree you trust the service provider. But this still leaves the possibility that some VPN services, properly configured, can provide a reasonable level of privacy for online activity, assuming you're not being individually targeted by a sophisticated adversary.
The author's comments and background also suggest he is more on the side of content owners than end users in the ongoing battle between Draconian copyright laws and fair use. This is especially striking in his endorsement of US-based VPN providers over foreign-based ones, considering this goes against prevailing wisdom in security and privacy circles. Given this bias, I would take his recommendations with a large grain of salt.